[Samba] Migrating NT4 Domain with Idealx tools
Marcel de Riedmatten
mdr at dotforge.ch
Wed Nov 17 16:37:02 GMT 2004
Le mer 17/11/2004 à 17:09, Paul Coray a écrit :
> Marcel de Riedmatten schrieb:
> >
> > you can have them separated. What count is that the machines account are
> > visible on domain controllers (PDC BDC) ie getent passwd must show the
> > machine (posix) account. This is nss_ldap configuration. If samba
> > doesn't see the machine (posix) account it won't work .
>
> So can I specify more then one nss base for passwd in libnss-ldap.conf
>
> i.e.
>
> nss_base_passwd ou=Users,dc=mydomain,dc=ch
> nss_base_passwd ou=Computers,dc=mydomain,dc=ch
> nss_base_group ou=Groups,dc=mydomain,dc=ch
I am not sure. I just don't specify nss_base_passwd ie i just
defined
base dc=mydomain,dc=ch
> >
> >> So I would suspect some problem in the communication with the
> >>
> >>>PDC and double check that on the samba box
> >>>
> >>>1) you have the domain SID as local SID
> >>
> >>Do SIDS for the PDC and for the domain have to be the same?
> >
> >
> > yes the domain SID _is_ the (local) SID of the PDC and all domain
> > controllers must have the same SID.
>
> Thanks Marcel, this is very valuable information to me! I think these
> should be pointed out more clearly in the docs.
>
>
ok
By the way I am preparing something for the vampire and idmap stuff.
--
Marcel de Riedmatten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e=2E?=
Url : http://lists.samba.org/archive/samba/attachments/20041117/7c006ca6/attachment.bin
More information about the samba
mailing list