[Samba] 4 samba domains/one ldap backend/2 methods/which to use?

Andrew Bartlett abartlet at samba.org
Tue Feb 3 20:40:25 GMT 2004 

On Wed, 2004-02-04 at 01:00, Barry Smoke wrote:
> Andrew Bartlett wrote:
> 
> >You cannot share users between domains.  If the user is in one domain,
> >it *must not* be visible to the other domains, you must use a seperate
> >ldap suffix.
> >
> where is the documentation on this?  I would think this would be a 
> common configuration with ldap, trying to consolidate to one ldap 
> directory.  Anyone written any HowTo's?
> since we are using smbldap-tools, I guess this means a re-write to make 
> those utilities work?

Most people consolidate on a single domain, when they move to a single
LDAP directory.  

> >Check your replication, and use Samba 3.0.1, with the 'ldap replication
> >sleep' parameter.  This allows you to make the system wait until the
> >slave LDAP server has caught up.
> >
> >  
> >
> Thanks, We'll try that...

> We tested putting a netbios alias into our pdc with ldap, and we can 
> type that alias as the domain we are logging into
> on the main network, and use the variable in the smb.conf file for 
> various things....works great!

You you the netbios alias as a domain name?  This must work by some very
weird quirk of how Win9X functions in the domain....

> when we got our BDC up, we tried putting our main campus domain as the 
> workgroup name, then put in what we were using as
> the remote domain in as an alias(just like on the main server), and even 
> a windows 98 machine couldn't find the domain....
> does BDC break this?

Netbios aliases are for netbios host names, not domains.  There is
exactly *one* domain name per domain.

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040204/6dd8fd77/attachment.bin

More information about the samba mailing list