Volker.Lendecke at SerNet.DE
Thu Feb 17 08:54:08 GMT 2005
On Thu, Feb 17, 2005 at 08:03:07AM +1100, Andrew Bartlett wrote:
> I'm certainly not happy with an NTLM bind, mostly because we can't
> handle the trusted domain case for:
> Samba Server -> Windows Doamin (primary)
> -> Samba domain (trusted)
The primary goal for this is definitely samba as our primary domain. If it is
not, winbind would use the normal idmap backend parameter. If it is 'idmap
backend = rpc:user at host' then something like smbpasswd -w might provide the
> It also just does not match windows behaviour.
The unixinfo pipe does not match windows behaviour at all I think.
> For our primary domain, then a schannel bind is appropriate. For
> trusted domains, this is harder to get right.
I've always wanted to have --set-auth-user a per-domain parameter. But anyway
this can only help you for the template homedir/shell stuff in case of trusted
domains. For the idmap you need a single source anyway, and this can be
provided by the idmap backend parameter.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20050217/2aa57e49/attachment.bin
More information about the samba-technical