[Samba] Samba 3.0.0 & LDAP: multiple domains logon

Gerald (Jerry) Carter jerry at samba.org
Wed Oct 1 15:44:41 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

werner maes wrote:
|
|     Hello,
|
| If you use samba 3.0.0 with LDAP authentication, samba uses an ldap
| attribute "sambaSID" in which the domain SID is stored. When somebody
| does a domain logon (2000/XP) this attribute is checked. But suppose I
| would like to login to another domain? Can I define multiples sambaSID's
| or is this attribute unique? If it's unique, how can I login to multiple
| domains?

You can't.  This was one of the drawbacks of moving to SID's
as opposed to RID's.  However, you can setup truated Samba
domains thus grouping users but still being able to logon to
clients in other domains.




cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard            ------------------------- http://www.hp.com
~ SAMBA Team                 ---------------------- http://www.samba.org
~ GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
~ "You can never go home again, Oatman, but I guess you can shop there."
~                            --John Cusack - "Grosse Point Blank" (1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/evZoIR7qMdg1EfYRAmBuAKDqfSOb/BUGDEDZtlpDUAEOFrgxKwCfeypo
dGPwe9oxoAtPb+i5BtTCAvo=
=WnyP
-----END PGP SIGNATURE-----




More information about the samba mailing list