[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Suggestion for 2 domains samba+ldap and Windows AD

On Monday 13 July 2009 19:13:15 Alberto Moreno wrote:
>  Hi people.
>   I want to know if this is possible.
>   I have right now 3 domains in my network.
>   Dom A = Samba 3.0.33 Gentoo + LDAP. This serve to a domain of 10
> users at location 1.
>   Dom B = Windows 2003 AD serving 8 users at location 2.
>   Dom C = WinNT + samba as client serving most of the users(35) at location
> 2.
>   As u can see, the NT is the most busy, I need to remove that
> domain, is in the same location as "Dom B", my path is to move all the
> users from "Dom C" to "Dom B" most of the machines are windows boxes.
> This is easy, the only issue I was having before is my 2 samba boxes,
> I could not make possible to be part of the "Dom B", but last week I
> made that possible, them I can make this move.
>   Well, the main reason of this email is because, after I remove the
> NT server, at location 2 I would just have a Window 2k3 AD domain
> working, on the other site (location 1)  I would have a domain running
> samba+ldap working.
>   Right now, if I'm at location 1 I cannot see location 2 the "Dom
> B"(Win 2k3), the same thing happen at location 2.
>   There is a way to make this possible, can  a domain with samba+ldap
> see a domain with win 2k3? Is possible to share users?
>   I was think to setup another server at location 2 with samba+ldap
> and sync users but I still have the users of the win 2k3 domain...?
>   Hope to be clear, if someone have some experience here at will
> appreciated, thanks for your time!!!

This question has very little to do with LDAP, as whether the accounts are in 
ldapsam or tdb or smbpasswd makes very little difference.

You can create inter-domain trusts between the two remaining domains, which 
will allow users from one domain to access services in the other domain. 
Please see the samba documentation on inter-domain trusts.