i'm currently running samba 2.2.8a as a domain member server to an NT4Server.... no problems will be upgrading the PDC to a W2K server next week... there isn't a need to use LDAP with Samba with W2KServer is there ? I can still go with my current setup can I ?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 2 Jul 2003, ipguy wrote:> i'm currently running samba 2.2.8a as a domain member server to an > NT4Server.... no problems > will be upgrading the PDC to a W2K server next week... > there isn't a need to use LDAP with Samba with W2KServer is there ? I can > still go with my current setup can I ?You should be fine, but you will need the enable the - --with-winbind-ldap-hack when compiling winbindd (if you are using it) to get the caching of SIDs and usernames correct with a native mode Win2k DC. Otherwise the sequence number updates will never chacnge and cached information wil never expire like it should. cheers, jerry ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "You can never go home again, Oatman, but I guess you can shop there." --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/A6GkIR7qMdg1EfYRAi20AJ9GYiQnqG45/p0sUVm8PaSUy6DCHQCgm9Pj gCGv36jt3YFAhfZTeCvKQ98=UqCS -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 3 Jul 2003, ipguy wrote:> ok, but I won't be using ldap so are you sure i'll need the > "--with-winbind-ldap-hack" ?The problem is that a native mode active directory DC will always return the same sequence number when queried via RPC. So you have to grab the highestCommittedUSN attaribute via LDAP. Otherwise, the cache entries in winbindd_cache ever expire which is bound to cause problems. You could also just tell winbindd never to cache (-n) but then performance suffers. cheers, jerry ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "You can never go home again, Oatman, but I guess you can shop there." --John Cusack - "Grosse Point Blank" (1997) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux) Comment: For info see http://quantumlab.net/pine_privacy_guard/ iD8DBQE/BCGxIR7qMdg1EfYRAsPcAKDOskQFAPyCPOKWbhw9jtwkdrv8qACgmqg7 V0TfwbelRX+aeR+tIGGQT48=nkID -----END PGP SIGNATURE-----