[Samba] LDAP Replication
lrivera at racsa.co.cr
Fri Mar 14 10:53:28 GMT 2003
Right off the bat I can tell you from my experience (unless somebody
corrects me) that you're going to have problems keeping ACLs with Domain
Group references (i.e. ACLs that include groups in the NT4 Domain
Samba 2.2.x doesn't support Domain Groups. Samba 3.0 does, but as you
mentioned you can't wait until that, and obviously alpha (beta?) level
code would also be unacceptable.
By Domain Groups I mean custom-created groups of users within the NT
domain such as "Managers", "Marketing Personnel", etc...these can't be
represented in Samba 2.2.x AFAIK - only a few "default" (read: required)
I hope I'm wrong, but sadly I don't think I am.
On Thu, 2003-03-13 at 21:45, Zawalinski, Vladimir wrote:
> >From Google searches, it seems that using SAMBA 2.2.7 + Open LDAP on Linux
> patched for POSIX ACL support delivers a functional PDC/BDC pair, and that
> directory replication can take place automatically once set up.
> Could someone please confirm that this actually works?
> The background to this issue is that we are moving a large number of NT4
> file servers to a LINUX platform, but need to keep security arrangements,
> particularly file ACLs unchanged, but cannot wait until the production
> release of Samba V3.
Diego Rivera <lrivera at racsa.co.cr>
More information about the samba