domain groups
Luke Kenneth Casson Leighton
lkcl at samba.anu.edu.au
Mon Dec 29 17:44:58 GMT 1997
On Tue, 30 Dec 1997, Scott Serr wrote:
>
> Now that I've found domain groups are in the experimental stage, is there
> a way to use them in the alpha releases? I need some kind of syntax.
these only apply to the BRANCH_NTDOM cvs branch, and are only used by the
dce/rpc code, which means that they are only used by NT workstations.
have a look at pipeutil.c in the cvs BRANCH_NTDOM revision (see
http://samba.anu.edu.au/cvs.html or
samba.anu.edu.au/cgi-bin/cvsweb/samba/source) and that will give details
on the _current_ syntax of "domain groups", not the future ones :-)
it would appear that the domain aliases is like "local groups". exactly
why this is done i have no idea. a far better way for microsoft to have
done this would be to have each NT workstation as a "primary domain
controller" for itself and only for itself.
a trust relationship could then be established between the NT workstation
(as a primary domain controller for itself) and an NT server (as a
primary domain controller for the domain which the NT workstation is a
member of).
this would alleviate some of the problems associated with creating files
when you log in to a portable computer that is not connected to the
network: when you re-connect, you cannot access any of the files that you
created during your time off-line.
> FYI, I'm using domain groups on Win95 boxes in policies.
these (domain groups) will probably end up, at _some_ point, being used by
Win95: it's a matter of working out which SMBtrans2 calls are needed, and
then working them out (from packet traces).
this is totally independent development that will be required, by the way,
from the nt dce/rpc support currently being researched.
luke
More information about the samba
mailing list