[Samba] one ldap server and multiple samba PDC domains

Andrew Bartlett abartlet at samba.org
Thu Oct 23 00:45:46 GMT 2008

On Mon, 2008-10-20 at 08:57 +0330, Mohammad Reza Hosseini wrote:
> hello
> Is it possible to have multiple samba servers so multiple samba PDC domains
> but just one ldap server ? (so users in ldap can login to diffrent domains
> but we add them just one time)
> if yes how?

In short, don't.  A lot of folks have got themselves into a lot of
trouble doing this, as it is not a tested or supported configuration.

The only option is to ensure that each Samba domain cannot see the users
of the other domain - the suffixes must be different.  But then why even
share the LDAP server?

I strongly suggest running a single domain for a single organisation,
backed by a single LDAP server (or replicated set of LDAP servers).

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20081023/a317f436/attachment.bin

More information about the samba mailing list