On Mon, Oct 28, 2002 at 04:56:03PM +1100, Andrew Bartlett wrote: > Andrew Bartlett wrote: > > > > Matthew Hannigan wrote: > > > > > > With a single server, settings "security = server" and > > > "password server = pdc1 pdc2', I can successfully > > > authenticate against two entirely different PDCs > > > depending on which order I put the two machines in > > > the 'password server' list. > > > > > > Is there someway of forcing clients from either > > > domain to authenticate against the 'right' pdc, > > > regardless of the order in the 'password server' > > > config? > > > > > > What is the algo for choosing auth server out of a > > > list, anyway? > > > > > > If so it'd be a nice cheap way of getting what > > > we would otherwise have to wait for trust relationship > > > support for. > > > > The reason we don't support this already is that while the auth works, a > > *lot* of other things break. > > But if one PDC trusts the other, then secrutiy=domain will do this stuff
Except that the users would have to be on the server, right? Since (according to the docs (smb.conf)) the network logon comes from the server, not the workstation. What precisely does 'on the server' mean anyway? In the smbpasswd file? We don't use that; we just have the unix user (/etc/passwd) Matt
