I have got my ADS/Win2K3 system and Samba3 using winbind. I am able to do getent passwd, which returns users out of ADS.
My problem is that I wish to have a Samba box at a remote location, which I currently have, using user accounts stored in LDAP, but have not choice but to move to ADS based users because of a Citrix application which we are not able to get to work with Samba and LDAP based accounts.
If I enable domain logons, getent passwd returns only local accounts, not ADS based account, plus, I have also seen that if I set winbind trusted domains only = yes, then getent passwd also stops working.
Now I am sure, I read somewhere, that you can't use winbind and domain logons, but I am hoping somebody might be able to give us better idea.
In Samba 3.0, winbindd should be used on a Samba PDC in order
to handle users/groups from trusted domains.
Okay, so if I understand what you are get at, is that I should setup an AD domain, make my Samba server belong to another domain and the Samba domain trust the AD domain, that way I get the AD users in my Samba domain, which will let me use domain logins, which is the big thing I am missing with Samba acting as a "Server role: ROLE_DOMAIN_MEMBER" ...
Does this sound right?
Mailed Lee
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
