Can anyone provide any advise, pro/cons etc for how to deal with passdb data (meaning smbpasswd account data and groupmap data) when running multiple Samba 3.0.x member servers in a single AD domain. I'm not using winbind so I think this might be an unusual question.
>From what I've read most references to using an LDAP backend are for Samba PDC >servers (might have misunderstood though). Does it make sense to have Samba 3.0 AD member servers using the same ldapsam read/write passdb backend? Is this supported? The other option is for all Samba member servers to have their own local passdb backend, but this means having to run "smbpasswd -a" and "net groupmap" commands separately on every individual server which will result in differing SIDs for groupmap I think, is this a problem? Also this will mean the accounts will have un-synchronised passwords but I don't mind about that because I am happy to rely solely on Kerberos authentication which ignores the password in passdb, Any thought on this subject much appreciated, thanks Andy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba