[Samba] Local account login failed when samba join to LDAP
Rowland Penny
rowlandpenny at googlemail.com
Tue Apr 1 01:53:32 MDT 2014
On 01/04/14 06:57, Johnson Cheng wrote:
> Dear Steve,
>
> I am not sure if I get your point.
> Does "ldap can hold all the information in just one db" mean it doesn't work when I have two DBs, tdbsam and ldapsam?
>
> When samba3 joins AD, it can work on both local accounts and AD accounts. Why can LDAP only support a DB?
>
You cannot use two samba databases. AD only uses one database; local
users are NOT part of AD.
When you log in to a machine that is joined to an AD server, AD is
checked to see if the user exists; if the user does not exist, the local
passwd file is checked and if the user exists there (and the password is
correct), they can log in. If the local user then goes to another machine
and tries to log in, it will fail because the local user is not in AD or
a local user on that machine. An AD user can log in to any machine that
is joined to the AD domain.
Rowland