[Samba] trying to prepare to go live this weekend
craigwhite at azapple.com
Fri Dec 19 16:56:07 GMT 2003
Asking these questions again, I have read/re-read the documentation and
want to get these ideas clear before I commit. Any answers on any
question will be appreciated.
1 - Group (Linux) - Groups (Windows) seems to confusing to me so I
mapped Groups to Group in the smbldap-tools and the nss/ldap.conf so I
would only have one group called Group. This seems reasonable to me - is
there a problem with that thinking?
2 - Now I know, I can't have WinNT PDC or BDC and thus have 3 choices...
a) create a new domain for linux based domain and set up a trust
between the two - still leaves me without a BDC for original domain.
b) reformat/reinstall WinNT on current PDC and make it a server on
Linux managed domain - ugly option at this point.
c) turn off logon services (never done this on NT domain controller but
presume that it can be somewhat disabled) - has anyone done anything
down this path?
3 - If I make a new domain and set up trusts between old domain and new
domain - do I have to then add the group Groups to get continuity
(proper mapping) between the two domains?
4 - I can't discern the significance of having the local users with
uid's 500+ and sambaSamAccount/uid's 1000+ and I'm thinking that this
convention came into being only to make it simpler to identify. Am I
missing something? It would seem that a uid in any range could have
objectclasses with sambaSamAccount and/or posixAccounts
More information about the samba