[Samba] why limit winbind to trusted domain only ?

gary ng garyng2000 at yahoo.com
Wed May 4 09:44:06 GMT 2005


I am wondering the rationale behind this design
decision. I am working on a small network using samba
as the PDC/BDC with most workstation being Windows

With samba and the User Manager for domain, I can
easily manage the user database from Windows.

In addition to samba, I also run the mail server on
it, this requires standard linux login.

Initially, I thought the best would be using winbind
so the same samba account can be used for all other
unix activities too but found out that winbind would
not return anything for its own domain.

This make the above situation a bit complicated, I can
still use nss_ldap/pam_ldap to make use of the same
samba account(I use ldap backend anyway) but the setup
is more complicated(need to do password sync through

So why not let winbind to return entries for its own
domain as well then only one set of account needs to
be dealt with the above situation ?

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

More information about the samba mailing list