On Tue, 2003-09-16 at 23:48, Markus Schabel wrote: > Hello! > > Running the new Samba 3.0 with all users in an LDAP directory with the > new objectClass sambaSamAccount there seems to be a problem with > multiple domains. > > I have some users that are in more than one domain. Previously this was > no problem, because all domains had access to the same LDAP user account > and allowed users are controlled with specific filters. > > Now the sambaSID contains the domainSID which is different for each > domain, so that it is not possible to use the same account for more than > one domain. > > How do you solve this? Are trust relationships that mature that they can > solve this?
Trust relationships are the correct way to deal with this. Any one user should only have one SID - anything else leads to mayhem at one point or another. Or you could just use the 2.2 schema... Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
