[nflug] I am windows inept

Eric Benoit eric at bootz.us
Thu Jul 3 09:15:43 EDT 2008


ok.  So, what would be the point of joining a machine to a domain but 
only having local accounts, or would you have both in case the Domain 
server goes down?  Sorry, I'm just trying to find the reasoning, so I 
can set up my systems here appropriately.

Cyber Source wrote:
> Yes, a "machine" with local accounts can also join a domain.
>
> Eric Benoit wrote:
>> Cyber Source wrote:
>>> 1. Domain Account;
>>> When a pc is part of a domain, it's "machine" (pc name) name is used 
>>> in part of the authentication process for joining the domain, along 
>>> with user and password which obtain user and group permissions.
>>> 2. User Account;
>>> On the very same pc, you may also have a user account for using the 
>>> pc without joining the domain, and based on permissions again, have 
>>> access to whatever was granted by the admin of the pc.
>> so what your saying in the above statement is a machine can be 
>> "logged in" to the Domain, but still have local users?
>>
>>
>>>
>>> In this thinking, everyone is a "roaming" user, whether logging onto 
>>> the pc or the domain.
>>>
>>> eric wrote:
>>>> ok yes.
>>>>
>>>> Lets say I log into my domain called "ubuntu" with user "eric", I'm 
>>>> not necessarily a roaming user however the machine is logged into 
>>>> the domain with it said machine name "winxp" for example.
>>>> Gathering what you said I should always create roaming users... but 
>>>> what about adding a machine to the domain when would that be 
>>>> necessary... or is it impossible to have roaming users on a machine 
>>>> that was not added to a domain?
>>>>
>>>> thank you please keep going  :)
>>>>
>>>> Darin Perusich wrote:
>>>>> When you say "machines with users" I'm going to assume that you 
>>>>> mean local accounts on said workstation/laptop, and by "roaming 
>>>>> users" network/domain users.
>>>>>
>>>>> IMHO in a networked environment where you have a domain controller 
>>>>> there is almost never any reason for local user accounts with the 
>>>>> exception of administrative accounts or local account which can 
>>>>> perform admin tasks in the event the network user repository is 
>>>>> unavailable. On Windows once you login to the system your domain 
>>>>> username and password are cached temporarily which allows you to 
>>>>> logoff, take the machine off-site and login with the domain 
>>>>> account. You can do the same on Linux if you have certain pam 
>>>>> modules installed.
>>>>>
>>>>> Eric Benoit wrote:
>>>>>> Hi I configured an LDAP-Samba ADS which works perfectly now, 
>>>>>> except I don't know that much about Windows and methods of 
>>>>>> configuring workstations/users...
>>>>>>
>>>>>> I have my smb/ldap automatically adding machines when I 
>>>>>> authenticate as admin and can add roaming users as well, but my 
>>>>>> issue is I don't know if both can be the same...
>>>>>>
>>>>>> can a roaming user be apart of a machine... this doesn't seem 
>>>>>> likely to me because they are both users in smb/ldap
>>>>>>
>>>>>> if this is true then my question would be..
>>>>>>
>>>>>> when should I use roaming users and when should I use machines 
>>>>>> with users
>>>>>>
>>>>>> I would love to read something about this, but all the 
>>>>>> documentation I can find is weighted towards setting up samba and 
>>>>>> LDAP.
>>>>>>
>>>>>> Can anyone point me in the right direction?
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> nflug mailing list
>>>> nflug at nflug.org
>>>> http://www.nflug.org/mailman/listinfo/nflug
>>> _______________________________________________
>>> nflug mailing list
>>> nflug at nflug.org
>>> http://www.nflug.org/mailman/listinfo/nflug
>>
>> _______________________________________________
>> nflug mailing list
>> nflug at nflug.org
>> http://www.nflug.org/mailman/listinfo/nflug
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug



More information about the nflug mailing list