[Samba] auth to two diff PDCs? (success, sort of)
Andrew Bartlett
abartlet at samba.org
Mon Oct 28 05:59:26 GMT 2002
Andrew Bartlett wrote:
>
> Matthew Hannigan wrote:
> >
> > With a single server, settings "security = server" and
> > "password server = pdc1 pdc2', I can successfully
> > authenticate against two entirely different PDCs
> > depending on which order I put the two machines in
> > the 'password server' list.
> >
> > Is there someway of forcing clients from either
> > domain to authenticate against the 'right' pdc,
> > regardless of the order in the 'password server'
> > config?
> >
> > What is the algo for choosing auth server out of a
> > list, anyway?
> >
> > If so it'd be a nice cheap way of getting what
> > we would otherwise have to wait for trust relationship
> > support for.
>
> The reason we don't support this already is that while the auth works, a
> *lot* of other things break.
But if one PDC trusts the other, then secrutiy=domain will do this stuff
fine.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list