[nflug] I am windows inept

Cyber Source peter at thecybersource.com
Thu Jul 3 08:09:30 EDT 2008 

1. Domain Account;
When a pc is part of a domain, it's "machine" (pc name) name is used in 
part of the authentication process for joining the domain, along with 
user and password which obtain user and group permissions.
2. User Account;
On the very same pc, you may also have a user account for using the pc 
without joining the domain, and based on permissions again, have access 
to whatever was granted by the admin of the pc.

In this thinking, everyone is a "roaming" user, whether logging onto the 
pc or the domain.

eric wrote:
> ok yes.
>
> Lets say I log into my domain called "ubuntu" with user "eric", I'm 
> not necessarily a roaming user however the machine is logged into the 
> domain with it said machine name "winxp" for example.
> Gathering what you said I should always create roaming users... but 
> what about adding a machine to the domain when would that be 
> necessary... or is it impossible to have roaming users on a machine 
> that was not added to a domain?
>
> thank you please keep going  :)
>
> Darin Perusich wrote:
>> When you say "machines with users" I'm going to assume that you mean 
>> local accounts on said workstation/laptop, and by "roaming users" 
>> network/domain users.
>>
>> IMHO in a networked environment where you have a domain controller 
>> there is almost never any reason for local user accounts with the 
>> exception of administrative accounts or local account which can 
>> perform admin tasks in the event the network user repository is 
>> unavailable. On Windows once you login to the system your domain 
>> username and password are cached temporarily which allows you to 
>> logoff, take the machine off-site and login with the domain account. 
>> You can do the same on Linux if you have certain pam modules installed.
>>
>> Eric Benoit wrote:
>>> Hi I configured an LDAP-Samba ADS which works perfectly now, except 
>>> I don't know that much about Windows and methods of configuring 
>>> workstations/users...
>>>
>>> I have my smb/ldap automatically adding machines when I authenticate 
>>> as admin and can add roaming users as well, but my issue is I don't 
>>> know if both can be the same...
>>>
>>> can a roaming user be apart of a machine... this doesn't seem likely 
>>> to me because they are both users in smb/ldap
>>>
>>> if this is true then my question would be..
>>>
>>> when should I use roaming users and when should I use machines with 
>>> users
>>>
>>> I would love to read something about this, but all the documentation 
>>> I can find is weighted towards setting up samba and LDAP.
>>>
>>> Can anyone point me in the right direction?
>>>
>>
>
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug

More information about the nflug mailing list