Prev: URGENT! Issues after upgrade from Ubuntu Dapper to Lucid
Next: [Samba] Trust between Samba PDC and AD domain
From: Scott Goodwin on 29 May 2010 17:50 I've pored through the documentation, wiki, lists, etc, and I can't seem to come to a concise conclusion on how to accomplish this. My specific scenario is the following. I have a samba PDC domain called domainA, and an AD domain called domainB. domainA and domainB are different named domains, and they each authenticate logins and credentials on their own turf. The users on domainA need to access resources on domainB, so we set up each user with a separate account in domainB (but they are not the same name). For example, my user name in domainA is sgoodwin, but in domainB it is goodwsb. I have to enter "domainB\goodwsb" + password every time I access a different server in domainB (and there are many servers -- domainB is a very large domain). Obviously, I need an interdomain trust set up, but I am unclear on some of the finer points mentioned in the samba docs. First off, I am hoping it is possible (and simple) to set it up so that the user accounts in domainA map to their domainB accounts, so that no extra authentication is needed. So, SSO between both domains. Is this possible even though the account names are different? Second, am I supposed to join my samba PDC to the AD domain as a member server, or is that even possible when keeping the two domains separately controlled? Some of the docs seem to imply this, but maybe I'm misinterpreting? Without dumping all my configuration info, logs, etc, in the post, can someone give me some hints on how I would set this up? I don't need a full hand-holding... just the direction to go in. NOTE: before you link me to http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/domain-member.html, http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html, or http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/InterdomainTrusts.html, I've already read through these entirely, and am still unsure which scenario I need to follow. Thanks for any help. --scott -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba |