Daily Archives: April 15, 2012
Network browsing is convenient but causing a lot of headaches for administrator. The most 1st rule is setting up a WINS server could help a lot. When your network environment having multiple-domains and some of them are crossing multiple-subnets will cause you a lot or troubles.
The file access control in NT is much more complex than UNIX. In general, UNIX only support the ACL in read/write/execute for User/Group/Other of a file or directory. While NT could be far more complex than that, e.g. granting read permission for group1 and all access for group2.
In conclude, our setup should meet the following requirement: ADS domain controller is not supported Domain user DB is stored in the LDAP User entries are shared with UNIX Password of the user for windows & Linux are synchronized Domain group is supported
User operation To add/delete/modify user in the DOMAIN you could using Running USRMGR.exe in a domain workstation with privilege user pdbedit net sam set, e.g, force user to change their password Group operation Running USRMGR.exe in a domain workstation with privilege user net rpc group Windows joining the domain Windows machine could join the domain as usual, there are no special precaution. Samba joining the domain Some notes for Samba domain member server. Since, Samba require physical user passwd entries exist for correct operation. To let samba joining the domain, the samba member server should install nss_ldap & configure the