[Samba] Re: Remote Citrix Auth Pass-Through ...
leet at leenx.co.za
Mon Jan 26 09:51:08 GMT 2004
Thanks again for your responce ... it currently feels like I am
banding my head against a M$ Wall ...
>> Now if we use winbind, we can't setup the Linux servers as PDC.
>This is incorrect. Winbind runs perfectly fine against Samba 3.0.
No, what I mean, if you enable "domain logons = yes", getent passwd
does not return any users from the AD system, which means I can't have a
remote Samba Server acting as PDC to host the netlogon service ...
>>That is a limitation of winbind, and with out the Samba servers running
>>as PDC's I can't get the local workstations as the remote sites to
>>process login scripts.
>Logon scripts for their own domain, or logon scripts for trusted
For the domain that is locale to the user ... Which would be a Samba
server at a remote site ...
>> I could give up on the idea of remote sites local workstations
>>automaticly processing login scripts, because that is the only real
>>thing I am looking for. I could manually add login scripts to all the
>>workstations, or I could work out something with trusts.
>> I have been trying setuping up a trust both ways between AD and
>>Samba, but TS will not let any of my users login from Samba.
>How about you sort out your terminal-services issues first. I think you
>might be being bitten by generic Samba/TS interactions, and are just
>making your life more difficult by looking for the most complex
I am not sure that is the problem, for a test, I have been able to
Join a Win2K3 TS system to my lovely Samba domain and everything works
fine. No problem there.
>In a Samba domain, win2k TS clients need Samba 3.0.1 to store the right
>extra information. But it sounds like you don't want to run a Samba
>PDC, except for the fact that it would allow you to serve up a logon
>script. Can't AD do that as well, if not better?
My real problem is a few $h!ty application which I have no control
over. iScala, a finance system which uses M$SQL2K, tied very closley
into AD. And then Citrix or maybe TS ...
I am currently tring to create a trust between Samba and AD domain
so that users in my Samba domain have access to AD resources, which
currently means access to iScala. But I am still going to have to fine
a way to get my remote Samba users to access Citrix via
Pass-Through-Auth, but from what have seen, I might not have may options
More information about the samba