samba - Oct 2008 - one ldap server and multiple samba PDC domains

hello

Is it possible to have multiple samba servers so multiple samba PDC domains
but just one ldap server ? (so users in ldap can login to diffrent domains
but we add them just one time)
if yes how?

thanks.

Yes, it is possible.

You must have multiple sambaDomainName entries, all with same SID value.

I have this, and works very good.

Jorge C.
PD. Sorry for my bad english.


On Mon, 20 Oct 2008 02:27:39 -0300, Mohammad Reza Hosseini  
<mrhosseini1367@gmail.com> wrote:
> hello
>
> Is it possible to have multiple samba servers so multiple samba PDC  
> domains
> but just one ldap server ? (so users in ldap can login to diffrent  
> domains
> but we add them just one time)
> if yes how?
>
> thanks.


-- 
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

On Mon, 2008-10-20 at 08:57 +0330, Mohammad Reza Hosseini
wrote:
> hello
> 
> Is it possible to have multiple samba servers so multiple samba PDC domains
> but just one ldap server ? (so users in ldap can login to diffrent domains
> but we add them just one time)
> if yes how?
In short, don't.  A lot of folks have got themselves into a lot of
trouble doing this, as it is not a tested or supported configuration.

The only option is to ensure that each Samba domain cannot see the users
of the other domain - the suffixes must be different.  But then why even
share the LDAP server?

I strongly suggest running a single domain for a single organisation,
backed by a single LDAP server (or replicated set of LDAP servers).

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20081023/a317f436/attachment.bin