[Samba] uidNumbers and gidNumbers for samba multi-domain setup (ldap)
Dear friends, I managed to setup one additional PDC of my LAN, authenticating against the same openldap server. I have this ldap tree: - ou=users (for both domains), ou=computers (for both domains) - ou=groups (for the first domain), ou=groups1 (for the second domain) Please, I have these important doubts: 1. is it ok to have the same gidNumbers for well known groups for both domains? I mean, i.e. is it ok to have cn=Domain Users with gidNumber=513 for both domains? (and the same gidNumber for Domain Computers, etc?). 2. is it better/possible to use one common sambaUnixIdPool? or is it better/needed to have different sources for each domain, to assign let smbldap-tools to assign uidNumbers and gidNumbers? Thank you very much in advance, Pablo Chamorro C. -- Ext. 8705 Tel: +57 (2) 7314752/3222/2595 - Fax: +57 (2) 7310514 Carrera 31 #18-07 Parque Infantil - PO Box 1795 - Pasto -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] multi-domain authentication
with local you mean DOMA or the samba workstation itself? we recently implemented a one-way trust between DOMA and DOMB to allow MS Terminal Server users to authenticate users from both domains. all member servers (samba) have to use winbindd to "see" trusted accounts. please read the appropriate chapters in JHT's docs and trust settings in smb.conf. then you will be able to specify valid users = DOMA\joe DOMB\joe for example. greez David F. Newman wrote: On Thursday 08 September 2005 02:34, Michael Gasch wrote: David F. Newman wrote: Can samba be used with security = server to authenticate a user in a domain other than what the samba server is in? i.e. The samba server is set to workgroup NA and I have a user called EU\joe that is trying to access a share but it seems it is checking the password against NA\joe. I have a username map of joe EU\joe i think you have to establish a trust between DOM NA and DOM EU - for this to work you have to deal with winbindd, too. mapping won't be sufficient until your users (joe & EU\joe) have the same passwords I am not looking to authenticate shell access against a windows server. I'm only trying to authenticate access to smbd against a windows server. I'm using "security = server" with the password server set to the domain controllers of my local domain. There is a trust between the two domains. But smbd only seems to authenticate users who are in the local domain. -Dave -- Michael Gasch Max Planck Institute for Evolutionary Anthropology Department of Human Evolution (IT) Deutscher Platz 6 D-04103 Leipzig Germany Phone: 49 (0)341 - 3550 137 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] multi-domain authentication
On Thursday 08 September 2005 02:34, Michael Gasch wrote: > David F. Newman wrote: > > Can samba be used with security = server to authenticate a user in a > > domain other than what the samba server is in? > > > > i.e. The samba server is set to workgroup NA and I have a user called > > EU\joe that is trying to access a share but it seems it is checking the > > password against NA\joe. I have a username map of > > joe EU\joe > > i think you have to establish a trust between DOM NA and DOM EU - for > this to work you have to deal with winbindd, too. > > mapping won't be sufficient until your users (joe & EU\joe) have the > same passwords > I am not looking to authenticate shell access against a windows server. I'm only trying to authenticate access to smbd against a windows server. I'm using "security = server" with the password server set to the domain controllers of my local domain. There is a trust between the two domains. But smbd only seems to authenticate users who are in the local domain. -Dave -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] multi-domain authentication
David F. Newman wrote: Can samba be used with security = server to authenticate a user in a domain other than what the samba server is in? i.e. The samba server is set to workgroup NA and I have a user called EU\joe that is trying to access a share but it seems it is checking the password against NA\joe. I have a username map of joe EU\joe i think you have to establish a trust between DOM NA and DOM EU - for this to work you have to deal with winbindd, too. mapping won't be sufficient until your users (joe & EU\joe) have the same passwords greez -- Michael Gasch Max Planck Institute for Evolutionary Anthropology Department of Human Evolution (IT) Deutscher Platz 6 D-04103 Leipzig Germany Phone: 49 (0)341 - 3550 137 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] multi-domain authentication
Can samba be used with security = server to authenticate a user in a domain other than what the samba server is in? i.e. The samba server is set to workgroup NA and I have a user called EU\joe that is trying to access a share but it seems it is checking the password against NA\joe. I have a username map of joe EU\joe -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] multi domain
how to set samba to be many domain not just one , and how to set samba join winnt PDC . thank's -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba