On Mon, 2005-05-23 at 16:23 +0100, David Barker wrote:
> Looking through the ldapsam stuff, it looks like in samba 3 a user can
> only be a member of one domain at a time in an ldap tree.
>
> attributetype ( 1.3.6.1.4.1.7165.2.1.20 NAME 'sambaSID'
> DESC 'Security ID'
> EQUALITY caseIgnoreIA5Match
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{64} SINGLE-VALUE )
>
> Does anyone know if it's safe to drop SINGLE-VALUE from sambaSid, to
> allow one user to be in two domains at once?The idea was (it didn't really work out as well as I would have liked) to have sambaSID be the unique identifier for objects in the ldap tree (for finding them when clients ask 'what is this sid' questions). Why do you think you need multiple domains on one LDAP tree? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
