[Samba] Samba3 Limitations?

Carlos Eduardo Pedroza Santiviago carlos at pti.org.br
Fri Mar 18 11:54:32 GMT 2005


Recently, i worked in a pilot project to migrate a NT4 Domain to Samba3 +
OpenLDAP. They have a quite large user base, approx. 2500 accounts, plus
approx. 1800 groups, which 200 are local groups.

Unfortunately, we faced some problems, and i'd like to know if anyone has
faced them too, and how overcame them:

- User Rights and Privileges: This is kinda new in latest Samba release,
3.0.11, but doesn't implement yet all NT4 funcionalities. Specifically here,
they use the privileges called "Log on as a service" and "Logon as a batch
job", and the others, too. I am not a NT4 master, but AFAIK, this can be
changed to local policies (in windows machines, 2003 atm) insted of using the
Domain ones. Am i right?

- Local groups: AFAIK, NT4 Admins used them to ease the administration of
permissions ACLs, but how implement it using Samba3+OpenLDAP? Or the only way
is to change all the local groups to domain groups and redo the acl stuff?
(the ntadmins will cry)


More information about the samba mailing list