Multiple domains in LDAP and 1 samba server for all domains, what to do?
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
This will allow me to add users to the samba system and authenticate them via LDAP but probably only for the domain red.com.
Question is how can I allow the ldap admin DN login to the other domains on LDAP and create or authenticate users there? I'm starting to think that we'll need three samba daemons or servers.
The second problem, how can users from one domain authenticate and search the directory of another domain? I'm flirting with the idea that I should just create one fake domain name and have everyone in that, but I'm sure that's going to cause problems in the future.
Why not have one 'fake' domain name, and then create users in groups within subdomains within one LDAP db? This really shouldn't pose a problem, since you can configure individual machines to only allow a subset of users.
It does take a lot of work, but I would bet that one database in LDAP is alot easier to implement than three, and it is easily replicated onto other servers if that is required.
Last edited by irishbitte; 11-14-2008 at 09:13 AM.