Greetings Can someone explain cross domain authentication? I have two trusted domains. Several users have the same user name on either domain. Are these mapped as the same user? Is there a mechanism to differentiate? -- There are three kinds of people in the world. Those who can count and those who can't... Charlie
hi, as these users are from different domains and with different SIDs you can distinguish between them. on your fileservers use "winbind use default domain = no" and an IDMAP backend which supports SID-to-UID-mappings for trusted domains, too (e.g. idmap_ldap in case you have many fileservers). micha Charles Whipple wrote:> Greetings > > Can someone explain cross domain authentication? I have two trusted > domains. > Several users have the same user name on either domain. Are these mapped as > the same user? Is there a mechanism to differentiate? >
hi, as these users are from different domains and with different SIDs you can distinguish between them. on your fileservers use "winbind use default domain = no" and an IDMAP backend which supports SID-to-UID-mappings for trusted domains, too (e.g. idmap_ldap in case you have many fileservers). micha Charles Whipple wrote:> Greetings > > Can someone explain cross domain authentication? I have two trusted > domains. > Several users have the same user name on either domain. Are these mapped as > the same user? Is there a mechanism to differentiate? >