2) Anyone can log into any PC -- disadvantage People have become used to not worrying about security on their own PCs as nobody else could login. Once "domained" anyone can login.
There is an option in Samba 3 that is designed to work like the host attribute in LDAP. Basically, you list the machine that people can log in on.
3) Complexity
I am concerned about keeping this whole house of cards working with
a PDC in MtLaurel and "slave" PDCs in the other locations. Our
people travel a lot and they need to use resources while in non-home
offices. How do they join the MtLaurel PDC and then move to the Sophia
one? How do they use one inside the corporate network from outside?
We're currently planning on solving this issue with only one domain across our sites. The plan is to set up DC boxes in each site, all connected to the same ldap data store, also replicated at each site naturally. When a laptop is off the network, you still are allowed to log in with cached (I believe that's the right term) credentials as long as the user has logged in on that machine before. However, you don't have access to the networked resources until such time as you connect with your vpn naturally.
-- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Cell: 701-306-6254 Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.com mailto:[EMAIL PROTECTED]
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
