[Samba] Samba/LDAP Domains and multiple File Servers
Matt Ingram
mingram at cbnco.com
Wed Mar 22 15:01:42 GMT 2006
>> hmm are you referring to the chapter on Making Happy Users? That
>> chapter does not address the the scenario I am going for. The sample
>> given is still using home drives that reside on the PDC and mounted on
>> the BDC via NFS; which is not what I'm looking for. What I'm looking
>> for is, Site one's users home drives exclusively running off of BDC1;
>> site 2's users home drives exclusively running off of BDC2, and so on.
>>
>> Here's what I've tried:
>> on the BDC's smbldap-tools I've set the smbldap-tools.conf SID to that
>> of the PDC instead of the BDC's SID, while things like the home drive
>> are pointing to the BDC, instead of the PDC. This seems to work, the
>> way I was hoping.. are you aware of any problems having the setup like this?
>>
> ----
> let's keep this on list please.
>
>
> doesn't sound remotely like the samba documentation describes it and if
> it works for you - great.
>
> The intent of samba software is that PDC and any/all BDC's have the
> exact same LDAP data - at least as far as all Samba user/group/computer
> attributes are concerned and a BDC would have it's own SID, not the same
> SID as the PDC. That would track the methodology of a Windows NT 4 type
> DOMAIN.
>
>
which is what I'm doing. The BDC still does have its own SID and it
uses the exact same ldap data as the PDC. It's just in the
/etc/smbldap-tools/smbldap.conf file on the BDC, I set the SID to use
that of the PDC. When I had the SID set to the BDC (in the
smbldap.conf), logons didn't work when an account was generated with the
smbldap-useradd on the BDC. I'm assuming the SID of a user on the domain
has to have the SID prefix of the PDC, not any other server on the domain.
> Since a passdb of LDAP or tdb types actually permit you to have user
> home drives and profiles set individually, it really isn't much effort
> to assign these paths individually for users to whichever server you
> want them to use.
>
>
you're right, it isn't much effort to modify the home drives a users on
different servers. But being able to use the smbldap-tools to do all of
that for you, is a smoother solution, imo - assuming there is no issues
in doing it.
> Am I aware of any problems having the setup like you have described
> yours to be? No - but I tend towards setting things up as they were
> intended to be done.
>
I don't think I'm doing anything that strange here.. I've just added the
smbldap-tools to the BDC as well, and modified the smbldap.conf file so
that it will create users home drives and ldap settings to use a home
drive on the BDC. If I am doing something strange here, in a way samba
is not intended to be used, please point it out to me. I don't want to
shoot myself in the foot later on ;).
Thanks greatly for your help.
Matt
--
Matt Ingram
Intermediate Unix Administrator, IS
Canadian Bank Note Company, Limited
\m/
More information about the samba
mailing list