Hello all
I'm trying once again to get a Samba server set up on a Slackware Linux
system for a small office (much less than 100 users). There will be
multiple domains on this system (say foo.com, bar.com, ...) with the users
scattered between these domains. We want to use LDAP to authenticate the
users and provide authorization info. There are no Windows domain
controllers available. All client machines are either NT2000 or Windows
XP. No users will ever log in to the Linux box, and we don't even want to
create /etc/passwd entries for them (all user info should be maintained in
LDAP).
Do I need to use nss_ldap? Doesn't that module only provide a means for
the system to find user info in LDAP when the user logs in to Linux?
Since that will never happen, I shouldn't need it?
Same thing for PAM?
What about winbind? I read in the archives that it is only needed to
provide a mapping between SID and UID. If we store UID info directly in
LDAP, do we need to run winbind at all?
How should I handle the multiple domains issue? I see where the
samba.schema has 'sambaDomainName'. How is that used when the user logs
in? In other words, how does 'user1@foo.com' specifiy his login on his
Windows machine? Does he just enter 'user1' and the system assigns him
to
'foo.com'? Is there any way for a user to be a member of multiple
domains?
Can a user be a member of multiple groups? Say 'accounting' and
'marketing' in bar.com? I'll save cross-domain groups for some
other
time.
Thanks for any help.
/dwight
--
Dwight N. Tovey
email: dwight@dtovey.net
web: http://www.dtovey.net/~dwight
-----------
Heard about the new restaurant on the moon? Great food but no atmosphere.
