Understood and agreed, but since we're migrating to the AD in a
piecemeal fashion must get this to work for users in both domains until
the migration is complete. Any suggestions?
-Ron
On 01/23/2011 01:05 PM, tms3 at tms3.com wrote:>
>>
>> I encountered a strange problem recently when changing the IP of my
>> Samba server. We are in the process of moving from an ancient NT4
>> domain to an AD domain. We did a full migration of all the users, and
>> up until Friday, our AD users were able to access the Samba server
>> (which is still on the NT domain) with full permissions, etc.
>>
>> On Friday for reasons completely unrelated, we had to change the IP of
>> the Samba server. When we brought it up on the new IP, it gave an error
>> bringing up the Samba daemons. I was rushed and didn't pay to much
>> attention to the error, but instead took the easy route of removing
>> Samba from the NT domain, and re-joining.
>>
>> That got the Samba daemons up and running and we mostly had no problem,
>> except now the AD users aren't allowed to access their home
directories.
> Home directories in a trusted domain is probably a bad idea, and likely
> has some permission issues. It might be best to join the samba server to
> the AD domain instead.
>>
>>
>> The AD and NT domains have a mutual trust relationship, and all SSIDs
>> for the users on both domains are the same. As I said, prior to Friday,
>> these users were able to access.
>>
>> I'm not entirely sure how Samba handles multiple domains, etc. and
I
>> have no idea how to even begin to trouble shoot this problem. Any
>> suggestions would be welcome.
>>
>> -Ron
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>