On Mon, 2007-03-05 at 14:01 +0000, Russell Jones wrote: > Hans van der Merwe wrote: > > When I login using DOMAIN\user - a home dir under /home/DOMAIN/user is > > created. > > I remember having issues after domain registration with Samba home dis > > pointing to /home/DOMAIN, so in my ignorance I changed it by hand back > > to /home in smb.conf. > > Thus logging in as DOMAIN\user or user always goes to /home/user. > > Sorry my fault. > > As I see it, to use the domain user I will have to move my local user > > home dir contents to /home/DOMAIN/user. > > > > But still, where is uid DOMAIN\user stored? > > > I think it's stored in a Samba tdb file... Ah yes > http://us1.samba.org/samba/docs/man/manpages-3/smbd.8.html > > winbindd_idmap.tdb* > > winbindd's local idmap db > > I wonder in turn how one would keep these in sync across machines? > > (Of course, I'm not the first: > http://lists.samba.org/archive/samba/2005-October/thread.html#111648 > Looks like HP have dealt with this in a proprietary way: > http://docs.hp.com/en/B8725-90110/ch09s03.html > "Access to an LDAP-UX Netscape Directory Server as the backend storage > for larger deployments to maintain winbind ID maps across multiple HP > CIFS Servers." > > These look interesting: > http://de.samba.org/samba/ftp/pre/WHATSNEW-3-0-25pre1.txt > > Winbind IDMAP integration with RFC2307 schema objects supported by Windows > 2003 R2. > > New Winbind IDmap plugin (ad) for retrieving uid and gid from AD servers > which maintain the SFU user and group attributes. > > http://linux.israel.net/samba/devel/roadmap-3.html (can't find this on > samba.org) > > ) > > What does Yast -> Windows Domain Memebership do to my config files? > > > Isn't a lot of the YaST stuff perl scripts? Could you dig out (e.g. find > it's package and use rpm -ql <package name> ) the one for this YaST > module and read through it? >
OK, thanks, I'm back on local security :) E-Mail disclaimer: http://www.sunspace.co.za/emaildisclaimer.htm -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
