[Samba] Active Directory integration - where to go next??

[Gibbs, Simon]

Hi,

I think I've hit a bit of a brick wall with integrating Samba and Active
Directory and aren't sure which direction I should go - I've had a look
through the How-To and this made me doubt myself even more.

At the moment I've configured a Samba domain member to authenticate users
against AD. wbinfo and getent both correctly produce user/groups lists from
AD and test shares/ACL's are working OK.

But should I be storing the mapped Windows user ID's in some kind of DB? Ie
LDAP or tdbsam?

My aim is to have a second Samba member that will act as a failover. How
would this affect the user mappings? I think I read somewhere that each box
would map the Windows users separately, so they may not have identical UID's
- which would in turn cause problems with permissions and ACL's.
Is this the case?? If so do I need to create a single repository to store
the user mappings that both Samba members use? Again how does this work??
And how does this get updated when new users are added to AD?

Thanks for your time - I'm getting a bit frustrated and need a push in the
right direction.

Simon




********************************************************************************
The information contained in this email message may be confidential. If you are not the intended recipient, any use, interference with, disclosure or copying of this material is unauthorised and prohibited. Although this message and any attachments are believed to be free of viruses, no responsibility is accepted by T&F Informa for any loss or damage arising in any way from receipt or use thereof.  Messages to and from the company are monitored for operational reasons and in accordance with lawful business practices. 
If you have received this message in error, please notify us by return and delete the message and any attachments.  Further enquiries/returns can be sent to postmaster at tfinforma.com