Hello, HOWTO chapter 21 describes the use of winbind daemon in a Samba domain member Server, but it's possible (and desirable) to run winbind in a PDC Samba server? The question is due to it that in that case it seems it is not necessary winbind for authenticate/mapping users against a external WinNT4 PDC, the Samba PDC perform authentication itself (and the mapping its not necessary, because Samba run in UNIX, where each user/group have an UID/GID). What about when there is a trust relationship between Samba domain and an external WinNT4 domain? (I think in this case winbind could be necessary, to assign SID in the WinNT4 domain to users of the Samba PDC domain, but I'm not sure). Thanks in advance! ------ Ferm?n
On Wed, 31 Dec 2003, [iso-8859-1] Ferm?n Gal?n M?rquez wrote:> Hello, > > HOWTO chapter 21 describes the use of winbind daemon in a Samba domain > member Server, but it's possible (and desirable) to run winbind in a PDC > Samba server? The question is due to it that in that case it seems it is not > necessary winbind for authenticate/mapping users against a external WinNT4 > PDC, the Samba PDC perform authentication itself (and the mapping its not > necessary, because Samba run in UNIX, where each user/group have an > UID/GID).Correct.> What about when there is a trust relationship between Samba domain and an > external WinNT4 domain? (I think in this case winbind could be necessary, to > assign SID in the WinNT4 domain to users of the Samba PDC domain, but I'm > not sure).Winbind is needed to map SIDs from foreign domains and from machines that are not domain members. That is why it is a good idea to run winbind on all servers. Cheers, John T. -- John H Terpstra Email: jht@samba.org
Maybe Matching Threads
- [Bridge] Re: Bridge Digest, Vol 31, Issue 6
- "Account Unknown" problem (Samba3 domain users in WinNT permissions)
- Problem creating domU: "Device 2049 (vbd) could not be connected. Hotplug scripts not working."
- Multiple SA in the same IPSec tunnel
- Linux router performance