<div>Exactly my point. You want setup a second Linux server to participate in AD, yeah? This is exactly what sadms is designed to do. I wish I knew about this tool when I first attempted to this. Save yourself the manual labour and the possible pitfalls, check out <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://sadms.sourceforge.net/" target="_blank">http://sadms.sourceforge.net/</a> <div> </div> <div>Thank me later.</div> <div> </div></div> <div>On 7/9/07, john <<a href="mailto:lists.john@gmail.com">lists.john@gmail.com</a>> wrote: <blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Hi Conrad and Les, Here's the thing. I have been running 1 server with auth to AD via winbind and kerberos for 6 months. Now I want to install another server, but short of creating a whole other domain with SAMBA as a PDC and setting up a trust, I can't see how to do it. PLEASE point me at the simple "just edit pam to use" AD howto! Thanks! John On 7/9/07, Conrad Lawes <<a href="mailto:pxeboot@gmail.com">pxeboot@gmail.com</a>> wrote: > Here's a thought: > > Why not have your Samba servers participate as member servers in Active > Directory? > In so doing, you can administer all your Windows and Linux computer and user > accounts using the standard Windows MMC. > > You can configure your Samba servers to be ldap/winbind clients > authenticating to AD. > The beauty of the Linux PAM stack is that you can point it to an AD > authentication source via winbind and/or LDAP. > > Why maintain 2 user directories when one will suffice? Administration is > much easier if you can keep all your computer and user objects in a single > directory. > > I assume that you have no plans to get rid of AD in the near future, if at > all. > > Check out <a href="http://sadms.sourceforge.net/">http://sadms.sourceforge.net/</a> for more information. > > > On 7/9/07, john <<a href="mailto:lists.john@gmail.com">lists.john@gmail.com</a>> wrote: > > > > Hi all, > > > > Is it possible to have two samba servers on a win2k3 domain without > > using NT style trusts? Put another way, must one of the Samba servers > > always be a PDC for its own domain and host something like LDAP for > > all other samba servers? > > > > Is there someone out there who REALLY groks SAMBA? > > > > Thanks! > > > > John > > > > _______________________________________________ > > K12OSN mailing list > > <a href="mailto:K12OSN@redhat.com">K12OSN@redhat.com</a> > > <a href="https://www.redhat.com/mailman/listinfo/k12osn">https://www.redhat.com/mailman/listinfo/k12osn</a> > > For more info see < <a href="http://www.k12os.org">http://www.k12os.org</a>> > > > > > > -- > Regards, > Conrad Lawes > > _______________________________________________ > K12OSN mailing list > <a href="mailto:K12OSN@redhat.com">K12OSN@redhat.com</a> > <a href="https://www.redhat.com/mailman/listinfo/k12osn">https://www.redhat.com/mailman/listinfo/k12osn</a> > For more info see < <a href="http://www.k12os.org">http://www.k12os.org</a>> > _______________________________________________ K12OSN mailing list <a href="mailto:K12OSN@redhat.com">K12OSN@redhat.com</a> <a href="https://www.redhat.com/mailman/listinfo/k12osn"> https://www.redhat.com/mailman/listinfo/k12osn</a> For more info see <<a href="http://www.k12os.org">http://www.k12os.org</a>> </blockquote></div> -- Regards, Conrad Lawes PXE Guru