[Samba] Multiple domains served by a single LDAP tree
Matiu Carr
m.carr at auckland.ac.nz
Tue Feb 28 12:54:04 GMT 2006
> My question, then, is do people here put together multiple
> NT4/Samba
> domains using a single LDAP backend? I'm betting not.
> Assuming that's
> the case, from Windows, how does one assign permissions
> and whatnot?
> From a single large flatspace containing every user and
> group? If not,
> how are they separated?
What you describe resembles a user domain + multiple
resource domain NT/AD construction.
The local domains implement policy that "restricts" access
to subsets of the total pool.
If all the domains trust the same user domain, permissions
are straightforward, and interdomain trusts are not
required.
Mat at home
--
Matiu Carr < m.carr at auckland.ac.nz>
http://www.people.auckland.ac.nz/Mat/
More information about the samba
mailing list