Winbind and domain logons = yes
Raphaël Berghmans
rberghmans at arafox.com
Wed Nov 19 10:54:36 GMT 2003
On Tue, 2003-11-18 at 16:50, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Raphaël Berghmans wrote:
> |
> | To make a migration from NT4 to samba I've configured
> | a samba server with domain logons = yes (to be BDC for
> | the NT4 PDC) and with Winbind (to emulate add user script
> | as explained in WHATNEWS.txt).
> |
> | "wbinfo -u" works fine but "getent passwd" doens't
> | work (nsswitch is correctly configured). When I set up
> | domain logons = no : "getent passwd" works fine !
> |
> | Is this a normal behaviour ?
>
> Yes. We can't be a BDC for an NT PDC. Where did you read
> this in the docs?
Yes I agree with you but to make a "net rcp vampire" the samba must be
recognize by NT as BDC, otherwise the access is DENIED by NT.
In WHATNEWS.txt I found this :
New functions have been added to winbindd to emulate the 'add user
script' family of smbd functions without requiring that external
scripts be defined. This functionality is controlled by the 'winbind
enable local accounts' smb.conf parameter (enabled by default).
Then with this functionality which steps have to be done to migrate SAM from NT4 to Samba/LDAP ?
- Does winbind have to be started ?
- nsswitch.conf configure with winbind ?
See you
Raphael
More information about the samba-technical
mailing list