[Samba] trying to prepare to go live this weekend

Craig White craigwhite at azapple.com
Fri Dec 19 16:56:07 GMT 2003

Asking these questions again, I have read/re-read the documentation and
want to get these ideas clear before I commit. Any answers on any
question will be appreciated.

1 - Group (Linux) - Groups (Windows) seems to confusing to me so I
mapped Groups to Group in the smbldap-tools and the nss/ldap.conf so I
would only have one group called Group. This seems reasonable to me - is
there a problem with that thinking?

2 - Now I know, I can't have WinNT PDC or BDC and thus have 3 choices...
 a) create a new domain for linux based domain and set up a trust
between the two - still leaves me without a BDC for original domain.
 b) reformat/reinstall WinNT on current PDC and make it a server on
Linux managed domain - ugly option at this point.
 c) turn off logon services (never done this on NT domain controller but
presume that it can be somewhat disabled) - has anyone done anything
down this path?

3 - If I make a new domain and set up trusts between old domain and new
domain - do I have to then add the group Groups to get continuity
(proper mapping) between the two domains?

4 - I can't discern the significance of having the local users with
uid's 500+ and sambaSamAccount/uid's 1000+ and I'm thinking that this
convention came into being only to make it simpler to identify. Am I
missing something? It would seem that a uid in any range could have
objectclasses with sambaSamAccount and/or posixAccounts 



More information about the samba mailing list