On Tue, 2004-02-03 at 09:44, Barry Smoke wrote: > in both methods tried, we can't successfully add xp machines to the > domain at the remote locations > main samba is on our main campus, behind a 10.10 internal lan > remote samba's are on remote campuses, behind a 10.xx network > 10.11 > 10.12 > > all connected with our internal lan via VPN > ###################################################################### > Method 1) ALL PDC's, using same ldap database(thus inherant problems, > allusers have SID's generated with primary domain's SID)
You cannot share users between domains. If the user is in one domain, it *must not* be visible to the other domains, you must use a seperate ldap suffix. > ####################################################################### > Method 2) believeing method 1 had something to do with an SID problem, > we proceeded to set up the remote locations as BDC's > > a)set up master ldap server, and samba server on same machine, > b) set up replica's and referrals back to master > c) set up remote servers as BDC's using same SID > d)set up SID in smbldaptools to be the same > > results: > samba added the xp machines to the domain, but we could not log in upon > reboot. Check your replication, and use Samba 3.0.1, with the 'ldap replication sleep' parameter. This allows you to make the system wait until the slave LDAP server has caught up. > questions: > on method1 above, we have some users that get special shares based upon > the %m, meaning the domain they put to log in box. %m is the machine name they login from. > This works on the pdc, but we can't get it to work on a BDC.(Why don't > domain aliases work on a BDC?) I'm not sure what you mean here. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
