[Samba] Samba 3.0.0 & LDAP: multiple domains logon

werner maes werner.maes at cc.kuleuven.ac.be
Wed Oct 1 15:52:34 GMT 2003


At 10:44 1/10/2003, Gerald (Jerry) Carter wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>werner maes wrote:
>|
>|     Hello,
>|
>| If you use samba 3.0.0 with LDAP authentication, samba uses an ldap
>| attribute "sambaSID" in which the domain SID is stored. When somebody
>| does a domain logon (2000/XP) this attribute is checked. But suppose I
>| would like to login to another domain? Can I define multiples sambaSID's
>| or is this attribute unique? If it's unique, how can I login to multiple
>| domains?
>
>You can't.  This was one of the drawbacks of moving to SID's
>as opposed to RID's.  However, you can setup truated Samba
>domains thus grouping users but still being able to logon to
>clients in other domains.

What do you mean by "truated Samba domains"?
Could you explain some more?

Thanks,

Werner 




More information about the samba mailing list