Thanks again for your responce ... it currently feels like I am banding my head against a M$ Wall ...
No, what I mean, if you enable "domain logons = yes", getent passwd does not return any users from the AD system, which means I can't have a remote Samba Server acting as PDC to host the netlogon service ...Now if we use winbind, we can't setup the Linux servers as PDC.
This is incorrect. Winbind runs perfectly fine against Samba 3.0.
For the domain that is locale to the user ... Which would be a Samba server at a remote site ...
That is a limitation of winbind, and with out the Samba servers running as PDC's I can't get the local workstations as the remote sites to process login scripts.
Logon scripts for their own domain, or logon scripts for trusted
domains?
I am not sure that is the problem, for a test, I have been able to Join a Win2K3 TS system to my lovely Samba domain and everything works fine. No problem there.I could give up on the idea of remote sites local workstations automaticly processing login scripts, because that is the only real thing I am looking for. I could manually add login scripts to all the workstations, or I could work out something with trusts.
I have been trying setuping up a trust both ways between AD and Samba, but TS will not let any of my users login from Samba.
How about you sort out your terminal-services issues first. I think you
might be being bitten by generic Samba/TS interactions, and are just
making your life more difficult by looking for the most complex
solution.
In a Samba domain, win2k TS clients need Samba 3.0.1 to store the rightMy real problem is a few $h!ty application which I have no control over. iScala, a finance system which uses M$SQL2K, tied very closley into AD. And then Citrix or maybe TS ...
extra information. But it sounds like you don't want to run a Samba
PDC, except for the fact that it would allow you to serve up a logon
script. Can't AD do that as well, if not better?
I am currently tring to create a trust between Samba and AD domain so that users in my Samba domain have access to AD resources, which currently means access to iScala. But I am still going to have to fine a way to get my remote Samba users to access Citrix via Pass-Through-Auth, but from what have seen, I might not have may options left.
Thanks Mailed Lee
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
