I dont think so,
I've gotten round it by setting domain logons=yes and hard coding the file server name(offaly) on the wins server(kerry) in wins.dat as an ordinary workstation. And disabled nmbd on offaly. It would be great if i had an option domain logons=yes + domain controller=no. Would suit this particular configuration. Dale Schroeder wrote: > See if this is what you want: > http://us1.samba.org/samba/docs/man/Samba-Guide/unixclients.html#sdcsdmldap > > > Hope it helps. > > Dale > > David Markey wrote: >> Hi, >> >> >> Samba version 3.2-test(from git) >> >> I have a PDC(CS Domain) called kerry with an openldap backend, I have a >> file server that i want to authenticate off the same ldap as the PDC but >> i dont want it to be a BDC. This machine is called offaly. >> >> >> I would have thought that this would work pretty smoothly if i just >> configure domain logons = no. >> >> But then the file server generates it own SID and doesnt use the SID >> for the CS >> domain and creates its own account policies. >> >> Is there any way to have domain logons=yes but not act as a BDC or is it >> possible for to have domain logons=no and conform to the SID and account >> policies for the CS Domain. >> >> More info, >> >> When Domain Logons = no then it generates this in LDAP: >> >> >> dn: sambaDomainName=OFFALY,dc=cs,dc=dit,dc=ie >> sambaDomainName: OFFALY >> sambaSID: S-1-5-21-1810654286-1445949878-2619355827 >> sambaAlgorithmicRidBase: 1000 >> objectClass: sambaDomain >> sambaNextUserRid: 1000 >> structuralObjectClass: sambaDomain >> entryUUID: 1db04188-79bc-102d-8b3c-bff53cf5d285 >> creatorsName: cn=admin,dc=cs,dc=dit,dc=ie >> createTimestamp: 20090118145748Z >> sambaMinPwdLength: 5 >> sambaPwdHistoryLength: 0 >> sambaLogonToChgPwd: 0 >> sambaMaxPwdAge: -1 >> sambaMinPwdAge: 0 >> sambaLockoutDuration: 30 >> sambaLockoutObservationWindow: 30 >> sambaLockoutThreshold: 0 >> sambaForceLogoff: -1 >> sambaRefuseMachinePwdChange: 0 >> >> >> But it should i want it to use the CS domain one namely: >> >> dn: sambaDomainName=CS,dc=cs,dc=dit,dc=ie >> sambaAlgorithmicRidBase: 1000 >> sambaNextUserRid: 1000 >> structuralObjectClass: sambaDomain >> entryUUID: cf6b1632-7886-102d-88b4-cdd5ec2918da >> creatorsName: cn=admin,dc=cs,dc=dit,dc=ie >> createTimestamp: 20090117020342Z >> sambaRefuseMachinePwdChange: 0 >> gidNumber: 1000 >> sambaDomainName: CS >> sambaSID: S-1-5-21-162219125-2768231107-2725269179 >> objectClass: top >> objectClass: sambaDomain >> objectClass: sambaUnixIdPool >> sambaLockoutDuration: 10 >> sambaLockoutObservationWindow: 10 >> sambaLockoutThreshold: 5 >> sambaMinPwdLength: 5 >> sambaPwdHistoryLength: 5 >> sambaLogonToChgPwd: 0 >> sambaMaxPwdAge: 7776000 >> sambaMinPwdAge: 0 >> sambaForceLogoff: -1 >> uidNumber: 1009 >> sambaNextRid: 1002 >> >> >> Any Ideas? >> >> Thanks >> >> David >> >> >> >> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
