I've been working with the Samba Howto ( http://directory.fedora.redhat.com/wiki/Howto:Samba).
In it the ldap user suffix is set to "ou=People".
Later, it walks through the creation of Samba Domain Groups, including Domain Users.
I am confused by these two. When do user accounts go in ou=People and when do they go in cn=Domain Users?
If someone could explain the difference between these two I would greatly appreciate it.
Thanks, -Mont
On Fri, 2006-03-31 at 11:22 -0800, Mont Rothstein wrote:
I've been working with the Samba Howto (http://directory.fedora.redhat.com/wiki/Howto:Samba).
In it the ldap user suffix is set to "ou=People".
Later, it walks through the creation of Samba Domain Groups, including Domain Users.
I am confused by these two. When do user accounts go in ou=People and when do they go in cn=Domain Users?
cn=Domain Users is a Group. Users are added as members of the Group. ou=People is an Organizational Unit. It is just that - for organization. Just because a user is under an OU, doesn't necessarily mean that they have any additional rights (though you might tie some type of security to the user account being under a specific OU). Think about it like this, if your org has an office in NYC and another office in LA, you might have a separate phone list for each office. The people in NYC generally don't care about the people in the LA office.
OK, thanks. I guess what I then don't understand is role of the ldap user/machine/group suffixes in smb.conf. I'll have to go do some more digging.
Thanks, -Mont
On 3/31/06, David Hollis dhollis@davehollis.com wrote:
On Fri, 2006-03-31 at 11:22 -0800, Mont Rothstein wrote:
I've been working with the Samba Howto (http://directory.fedora.redhat.com/wiki/Howto:Samba).
In it the ldap user suffix is set to "ou=People".
Later, it walks through the creation of Samba Domain Groups, including Domain Users.
I am confused by these two. When do user accounts go in ou=People and when do they go in cn=Domain Users?
cn=Domain Users is a Group. Users are added as members of the Group. ou=People is an Organizational Unit. It is just that - for organization. Just because a user is under an OU, doesn't necessarily mean that they have any additional rights (though you might tie some type of security to the user account being under a specific OU). Think about it like this, if your org has an office in NYC and another office in LA, you might have a separate phone list for each office. The people in NYC generally don't care about the people in the LA office.
-- David Hollis dhollis@davehollis.com
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQBELYl9xasLqOyGHncRAh0uAJ99wanqeczLF8v712hZNqTM2iyiPACfT3Sb 4fGEU8ypGH/Zx3cQK+w2YVo= =aX47 -----END PGP SIGNATURE-----
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
389-users@lists.fedoraproject.org
-
David Hollis -
Mont Rothstein