[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Suggestion for 2 domains samba+ldap and Windows AD

To: openldap-technical@openldap.org
Subject: Re: Suggestion for 2 domains samba+ldap and Windows AD
From: Alberto Moreno <portsbsd@gmail.com>
Date: Mon, 20 Jul 2009 22:42:16 -0700
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=89A8pI3/W5nkZdrieHxox0eqCTnwOz1EQePqiAMkk+o=; b=h5nIxlweq27BXF5ex3uuRn0oX7f7+JETu5JL0vI4wb6+MsXMI0+fAm0AnBPh+kQEt7 MzXGdbjVI/lL/Me17f20VUYj3rzru/bRY6ZRvOOTJ7OytisTylMbybtX+epyU7Sjgu1z Bf7S5xtKE6sECOlQaqYKvFkOsDfpo/VIuWKn4=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=Je76Ruoi7Qjz7eXBau3nTB67TpVvQLUvWqm/mrJej676P5U4+yNuNWAlJNKENtxrva kdQZbm/d9JTXk2xUoh/fRK90CeGx16RlpvA5yLg1Dh1LkXGfVVcAYi+keMvqTf/4pQu9 WyTHCrMj0fvC37s0XgGrBwxEJM1pWvquxeBTY=
In-reply-to: <200907191749.53091.bgmilne@staff.telkomsa.net>
References: <3ffefd920907131113j763687feq3307f56803ea41fc@mail.gmail.com> <200907191749.53091.bgmilne@staff.telkomsa.net>

On Sun, Jul 19, 2009 at 9:49 AM, Buchan Milne<bgmilne@staff.telkomsa.net> wrote:
> On Monday 13 July 2009 19:13:15 Alberto Moreno wrote:
>>  Hi people.
>>
>>   I want to know if this is possible.
>>
>>   I have right now 3 domains in my network.
>>
>>   Dom A = Samba 3.0.33 Gentoo + LDAP. This serve to a domain of 10
>> users at location 1.
>>   Dom B = Windows 2003 AD serving 8 users at location 2.
>>   Dom C = WinNT + samba as client serving most of the users(35) at location
>> 2.
>>
>>   As u can see, the NT is the most busy, I need to remove that
>> domain, is in the same location as "Dom B", my path is to move all the
>> users from "Dom C" to "Dom B" most of the machines are windows boxes.
>> This is easy, the only issue I was having before is my 2 samba boxes,
>> I could not make possible to be part of the "Dom B", but last week I
>> made that possible, them I can make this move.
>>
>>   Well, the main reason of this email is because, after I remove the
>> NT server, at location 2 I would just have a Window 2k3 AD domain
>> working, on the other site (location 1)  I would have a domain running
>> samba+ldap working.
>>
>>   Right now, if I'm at location 1 I cannot see location 2 the "Dom
>> B"(Win 2k3), the same thing happen at location 2.
>>
>>   There is a way to make this possible, can  a domain with samba+ldap
>> see a domain with win 2k3? Is possible to share users?
>>
>>   I was think to setup another server at location 2 with samba+ldap
>> and sync users but I still have the users of the win 2k3 domain...?
>>
>>   Hope to be clear, if someone have some experience here at will
>> appreciated, thanks for your time!!!
>
>
> This question has very little to do with LDAP, as whether the accounts are in
> ldapsam or tdb or smbpasswd makes very little difference.
>
> You can create inter-domain trusts between the two remaining domains, which
> will allow users from one domain to access services in the other domain.
> Please see the samba documentation on inter-domain trusts.
>
> Regards,
> Buchan

  Thanks  Buchan for your help!!!

LIving the dream...

References:
- Suggestion for 2 domains samba+ldap and Windows AD
  - From: Alberto Moreno <portsbsd@gmail.com>
- Re: Suggestion for 2 domains samba+ldap and Windows AD
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

Prev by Date: on-the-fly tweaking of AccessControl (be_acl)
Next by Date: Fwd: OpenLdap manual howto available
Index(es):
- Chronological
- Thread