[Samba] Re: Samba-OpenLDAP and AD question..
jslittl at hendricks.org
Wed Nov 1 13:03:21 GMT 2006
> On Mon, 2006-10-30 at 13:14 -0800, John Little wrote:
> > Hi all
> > We have slowly been migrating our NT4 domain to Samba+OpenLDAP.
> >Today I was told that we were going to to create an AD 'resource'
> >domain, put all of the workstations in it and create a trust
> >relationship between the two domains. In other words the users
> >would be in the Samba+OpenLDAP domain and the workstations in the AD
> >'resource' domain. If it matters we have about 1750 workstations
> >with about 2000 users.
> > Is this a reasonable model to follow or thing to do?
> It depends on the reasons for creating the resource domain.
> > If we do this what sort of pitfalls, if any, should I expect to encounter?
> > Any ideas, opinions, knowledge of this are greatly appreciated.
> It should work. In fact, I think I even tested it briefly at my site.
> It will just be an interdomain trust as far as Samba and AD are
My concern is that currently the machines are joined to the NT4 domain (AD has
not been implemented as of yet). We have users in the Samba domain
accessing shares on Windows servers joined to the NT4 domain. Occasionally
these users cannot access a share and get a message about the trust
relationship not working. This does not occur when the workstation is
joined to the Samba domain. The workstations are Win XP pro and Win2k. Note
that I am not speaking of logon issues here, just of intermittent share
Since we are a hospital patient safety and care is of utmost priority.
Translated into IS terms doctors and nurses have to access information
quickly and when they need it. Hence my concern about keeping the
workstations on the NT4 or AD domain.
Are the trust relationships more stable with AD or am I possible missing
something in my setup that would cause the intermittent access issues?
> Andrew Bartlett
More information about the samba