security = domain is for domain member servers, which are servers that
are part of the domain but don't authenticate users, handle roaming
profiles, etc. basically you'd use them for print servers, or more file
shares.
why don't you just have a PDC and use BDCs? sure you can have a bunch
of domains and PDCs, but if its all for the same company, just go with
the PDC and then a BDC on each subnet. PDCs and BDCs both use security
= user
Daniel Pocock wrote:
Consider the following scenario:
- a single OpenLDAP server, with a single instance of the object class
sambaDomain and a single SID:
dn: sambaDomainName=myserver,ou=samba,dc=example,dc=com
objectClass: sambaDomain
sambaDomainName: MYGROUP
sambaSID: S-1-2-3
- multiple Samba servers, each with the following configuration:
security = user
workgroup = MYGROUP
Is this a valid configuration? Or does the SMB protocol require the
domain security to be used (security = domain) when all servers share
a single LDAP backend?
Regards,
Daniel
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
