zheka wrote:
Duncan Brannen wrote:
Yes, you missed the parameter "lock directory" in smb.conf. browse.dat lays under the lock directory path.
Appologies for double posting this. I managed to add it to the end of an old thread instead of starting a new one,
anyone recommend a mail client that shows threads? :)
Hi,
I'm trying to run 2 domains from the one server. I've got my 2 config files
and both servers run, bound to the correct interface if started normally.
The problem I have occurs when I try to start both at once. nmdb seems to be hardwired
to write to $SAMBA_ROOT/var/locks/browse.dat so each instance of nmbd overwrites
the data of the other.
Have I missed an option to configure it to write elsewhere? ( log, lock & pid dirs don't do it)
or, do I have to recompile samba with a new root?
Feature Request:: Is it possible to have an option to reset this location if it doesn't exist?
Is there a good howto anywhere on 2 domains / one machine or a good reason not to do it?
(Pref for Solaris)
We've got the same users in each domain, with the same ldap backend, The problem
being solved is that of giving some users escalated permissions when logged into their
own domain (Set group of machines ) but allowing them to log into the "World usable"
domain (open access machines) with normal permissions. Joe Blogs shouldn't be able to
login to the 2nd domain, & I've controlled access using the ldap filter in smb.conf. (Good / Bad idea?)
Any comments from those who done this appreciated.
Cheers, Duncan
I have successfull installation of samba server with two domains, but it works only if locking directories are separated. And yes, you will need separate ldap records for same users in different domains (because of different SIDs).
I've set the lock directory (see above, tried lock, log and pid) but this doesn't change the browse.dat location, just the pid / filename.tdb location. Possibly the overwriting of browse.dat by the two nmbd processes is a red herring and it should work.
I've set the SIDs' of the two domains to be the same so I only need one set of user records. Which version are you using? I'm going to try again with 3.0.11,
and compile them into distinct directories if it still fails.
Cheers,
Duncan
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
