I've been reading the Official How-To, Chap. 6, Joining an NT4-type Domain with Samba-3 because I want to join my current Samba3 PDC server and all its users (on Win XP Pro machines) to an MS Server 2003 domain. Not sure if I am understanding the material. It seems as if I can join the Samba3 server to the to the Server 2003 domain, but not all the user accounts. Is this correct? What I want to accomplish is --- Maintain the same Samba PDC and user account setup, and also make it possible for the Samba users to access data in a directory on Server 2003. I appreciate any points of advice and suggested reading. Thank you for your help.
Adam Tauno Williams
2008-Jan-28 23:30 UTC
[Samba] Samba PDC (and Users/Machines) join Server 2003 Domain
> I've been reading the Official How-To, Chap. 6, Joining an NT4-type Domain > with Samba-3 because I want to join my current Samba3 PDC server and all its > users (on Win XP Pro machines) to an MS Server 2003 domain.You can establish a trust relationship between the domains.
Mike
2008-Feb-03 15:48 UTC
[Samba] Re: Samba PDC (and Users/Machines) join Server 2003 Domain
On Jan 28, 2008 6:18 PM, Mike <1100100@gmail.com> wrote:> I've been reading the Official How-To, Chap. 6, Joining an NT4-type Domain > with Samba-3 because I want to join my current Samba3 PDC server and all its > users (on Win XP Pro machines) to an MS Server 2003 domain. > > What I want to accomplish is --- Maintain the same Samba PDC and user > account setup, and also make it possible for the Samba users to access data > in a directory on Server 2003. > >I was going to move forward with an interdomain trust relationship, but the beginning of Ch. 19 in the TOSHARG suggests, "Given that Samba-3 can function with a scalable backend authentication database such as LDAP, . . . the administrator would be well-advised to consider alternatives to the use of interdomain trusts simply because, by the very nature of how trusts function, this system is fragile." A question before I begin with LDAP and kerberos -- If I make my Samba3 server act as a domain member on the MS 2003 server domain, can I continue to have all WinXP Pro clients login and authenticate to Samba3, or do I need to make them join, login, and authenticate to the MS 2003 server, and then give them access to Samba3 server after joining it (Samba3 box) to the MS 2003 domain? Thanks for your time and patience.