[Samba] Roaming Desktops with Linux Clients

Dave Ewart davee at ceu.ox.ac.uk
Wed Apr 11 11:49:13 GMT 2007


On Wednesday, 11.04.2007 at 21:07 +0930, Daniel O'Connor wrote:

> On Wednesday 11 April 2007 20:44, Dave Ewart wrote:
> > Well, we clearly have different opinions here.  I don't fancy
> > mounting /home (via NFS) on every Linux box.  That just strikes me
> > as the wrong way to do it: a local machine root compromise puts the
> > entirety of /home at risk.  pam_mount at least ensures that you only
> > get the home directory for the current logged-in user
> > remotely-mounted.
> 
> I wasn't thinking straight and was under the impression that local
> root would need special access to the LDAP server but that isn't
> necessary with the correct ACLs.
> 
> Yes, you're right :)

:-)

Yes, local root needs to be told to *trust* the LDAP server, as far as
authentication and users/groups are concerned, but no special access is
required.

Dave.
-- 
Dave Ewart
davee at ceu.ox.ac.uk
Computing Manager, Cancer Epidemiology Unit
Cancer Research UK / Oxford University
PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370
Get key from http://www.ceu.ox.ac.uk/~davee/davee-ceu-ox-ac-uk.asc
N 51.7518, W 1.2016
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/samba/attachments/20070411/427264b6/attachment.bin


More information about the samba mailing list