Remote Citrix Auth Pass-Through ...

C.Lee Taylor leet at leenx.co.za
Sat Jan 10 07:30:48 GMT 2004 

Greetings ...

	I am posting here, because I believe this a little more technical than 
"I can't get my server work?" ...

	A little background ...

	We have been force by our head office to use AD and Citrix, not a bad 
combo, but I like my Linux Servers and don't wish to loose them, so I 
have been working toward's and means to keep them and get our company 
what they want ...

	We have 2xWin2K3 ADS DC server, and expect to have more than one Citrix 
server.  My remote clients should be running Win9X or Win2K Clients off 
an Linux File/Print/Mail server, which I have upgraded to FC1 and self 
compiled Samba 3.0.2pre1 ( still test system ) ...

	Now my two problems, which one of the developers did give me a general 
idea of what to do, but it did not work (sorry, I can't remember who it 
was ) ...

	My remote clients, I would like to log into Samba as if it was a PDC, 
so that I can run logging scripts and join them the domain ... Currently 
I am using Samba with LDAP and this works fine, but introducing ADS and 
Citrix now has broken then very nice setup ... I don't wish to lose 
flexibility or functionality by introducing winbind, which is what has 
happened with my tests.

	If I use winbind, I can't setup a PDC.  It was explained to create a 
trust between my Samba domain and ADS domain, and this way I should be 
able to pass auth through the trust and as I have thought this through, 
I believe all my users will belong in ADS domain and all the Machine 
accounts would belong in Samba domain, but I can't get the trust working 
... I think this is because of the fact the our ADS is in native mode, 
and the HowTo only converts Mixed mode, and warns against using/trying 
in Native Mode ( somebody's got to try it some time ) ...

	So, I was hoping that somebody might be able to help me, or if I am 
missing info ( which I can't think of what to put in here without 
flooding the list with information that is not needed ) what would be 
best to forward ...

	I don't have much control over the ADS system, some very basic stuff, 
but I will not be able to convince the powers that be to switch it to 
Mixed Mode ...

	Please can any body with some insight, give me a hand ( and a nice cool 
slap in the face is not what I am looking for ... given myself enough of 
them ... )

Thanks
Mailed
Lee

P.S. All the work I have seen on the list is great ... Working for a 
wonderful future is perfect!!

More information about the samba-technical mailing list