[Samba] DC01 & DC02 differences?
L.P.H. van Belle
belle at bazuin.nl
Tue Feb 3 00:46:29 MST 2015
Hai Bob,
On my servers, both DC1 and DC2,
i see..
PAM profiles to enable: ?
? [*] Kerberos authentication ?
? [*] Unix authentication
?
and wbinfo works ok..
wbinfo -u
Administrator
Guest
.... etc ..
Yes, both do winbind request, but...
I do login only with 1 user on my servers on linux.
This is a separated user. samba handles only the windows request..
I keep this separated for security..
No windows user can login for example with ssh on my DC's... its just not allowed.
For the i do create a "Maintainence user"
But on the member servers i do enable this, there its allowed for some windows users to login with ssh.
This all is for the safety on my DC's.
Greetz,
Louis
>-----Oorspronkelijk bericht-----
>Van: bob at donelsontrophy.net
>[mailto:samba-bounces at lists.samba.org] Namens Bob of Donelson Trophy
>Verzonden: maandag 2 februari 2015 20:03
>Aan: SAMBA MailList
>Onderwerp: [Samba] DC01 & DC02 differences?
>
>
>
>I have created a DC01 & DC02 with Louis's (generation one) scripts. I
>have noticed, during some testing that 'pam-auth-update' shows PAM
>profiles Kerberos, Unix & Winbind listed on DC01.
>
>The DC02 only lists Kerberos & Unix and Winbind is missing.
>
>I thought that the two DC's were suppose to be identical? If DC01 goes
>"down" DC02 cannot carry a winbind request?
>
>Am I miss understanding the principle of two DC's?
>
>Louis, what is you "take" on this?
>
>--
>
>-------------------------
>
>Bob Wooden of Donelson Trophy
>
>615.885.2846 (main)
>www.donelsontrophy.com [1]
>
>"Everyone deserves an award!!"
>
>
>Links:
>------
>[1] http://www.donelsontrophy.com
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list