[Samba] Re: Remote Citrix Auth Pass-Through ...

Andrew Bartlett abartlet at samba.org
Sat Jan 24 21:39:02 GMT 2004

On Sun, 2004-01-25 at 00:44, C.Lee Taylor wrote:
> Greetings ...
>     Thanks for you reply Andrew, I think I will try and explain again 
> what I am trying to do, maybe I am just going at this the wrong way ...
> >I'm not sure what you mean here.
> >  
> >
>     We have two applications which will be distributed by Citrix.  I 
> would like to have one username and password for all the services ... 
> Single-Sign-On. Windows2003 has been chosen for our AD.  We have a few 
> remote sites with Linux file/print servers.
>     Now if we use winbind, we can't setup the Linux servers as PDC. 

This is incorrect.  Winbind runs perfectly fine against Samba 3.0.

> That is a limitation of winbind, and with out the Samba servers running 
> as PDC's I can't get the local workstations as the remote sites to 
> process login scripts.

Logon scripts for their own domain, or logon scripts for trusted

>     I could give up on the idea of remote sites local workstations 
> automaticly processing login scripts, because that is the only real 
> thing I am looking for.  I could manually add login scripts to all the 
> workstations, or I could work out something with trusts.
>     I have been trying setuping up a trust both ways between AD and 
> Samba, but TS will not let any of my users login from Samba.

How about you sort out your terminal-services issues first.  I think you
might be being bitten by generic Samba/TS interactions, and are just
making your life more difficult by looking for the most complex

In a Samba domain, win2k TS clients need Samba 3.0.1 to store the right
extra information.  But it sounds like you don't want to run a Samba
PDC, except for the fact that it would allow you to serve up a logon
script.  Can't AD do that as well, if not better?

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040125/2958039e/attachment.bin

More information about the samba mailing list