buc at odusz.so-cdu.ru
Mon Oct 16 13:24:29 GMT 2006
Volker Lendecke wrote:
>On Thu, Oct 12, 2006 at 07:55:17PM +0400, Dmitry Butskoy wrote:
>>Say again: When NSS-winbind is not used, the server can be in several
>>domains simultaneously! It could be very useful for users in UNIX-based
>Again: Please use trusts for this. Samba can perfectly well
>trust a W2k3 current patches domain and the other way round
>as well. If this does not work, we have a but we are going
"net rpc trustdom" ? But AFAIK AD must be in the "mixed mode" for this,
which is (for some reasons) impossible for us. And "net ads trustdom"
still not implemented... ;)
Moreover, even for the "two NT domains" case. Consider two NT domains
"OLDDOM" and "NEWDOM". A fileserver in NEWDOM trusts OLDDOM.
The "NEWDOM\name" is mapped to UNIX user "name" (according to "winbind
trusted domains only = yes"). But what user "OLDDOM\name" will be mapped
to? (Surely we want it to be mapped to "name" too).
More information about the samba-technical