-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul Henry wrote:
| 1. Is it ok, with roaming profiles on, to leave | "logon drive = " empty, as this drive seems to | be confusing users? You probably won't get the home directory mapped automatically for you. But you can still have this mapped via a logon script. Test and see. | 2. All my ldap stuff is using tls, and I just | want to confirm that "ldap ssl = start_tls" is | looking in /etc/ldap.conf for certificate | locations etc.? The StartTLS support is handled by the OpenLDAP client libs so they will use their normal configuiration files. I'm assuming you meant /etc/openldap/ldap.conf and not the ldap.conf file used by teh PADL tools. Confusing as it is, I know... | 3. Is all traffic between Windows clients and | the Samba server encrypted, or can this be done/how? No, it not all encrypted. Some rpc exchanges are encrypted via schannel communication. For complete data privacy, look at a VPN or IPSec. | 4. Nowhere in Samba How-To or Samba-Guide did it | say that the logon.bat (logon script, whatever you wish | to name it) should be permission 744, i.e. chmod | 744 could we add this? it just needs to be readable by the authenticated user. This should be common sense I think. | 5. Why do you need to ldap enable sshd via pam? You don't. sshd has nothing to do with Samba. cheers, jerry ===================================================================== Alleviating the pain of Windows(tm) ------- http://www.samba.org GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc "I never saved anything for the swim back." Ethan Hawk in Gattaca -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFC5jT/IR7qMdg1EfYRAkQbAJ43q0Cq7c1GUHqbicJkV0VL89eJgwCgqiqG pjFAgWBe8XaNSyxZUJvjHsc= =KWJc -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
