[nflug] I am windows inept

Eric Benoit eric at bootz.us
Thu Jul 3 08:41:04 EDT 2008 

Cyber Source wrote:
> 1. Domain Account;
> When a pc is part of a domain, it's "machine" (pc name) name is used 
> in part of the authentication process for joining the domain, along 
> with user and password which obtain user and group permissions.
> 2. User Account;
> On the very same pc, you may also have a user account for using the pc 
> without joining the domain, and based on permissions again, have 
> access to whatever was granted by the admin of the pc.
so what your saying in the above statement is a machine can be "logged 
in" to the Domain, but still have local users?


>
> In this thinking, everyone is a "roaming" user, whether logging onto 
> the pc or the domain.
>
> eric wrote:
>> ok yes.
>>
>> Lets say I log into my domain called "ubuntu" with user "eric", I'm 
>> not necessarily a roaming user however the machine is logged into the 
>> domain with it said machine name "winxp" for example.
>> Gathering what you said I should always create roaming users... but 
>> what about adding a machine to the domain when would that be 
>> necessary... or is it impossible to have roaming users on a machine 
>> that was not added to a domain?
>>
>> thank you please keep going  :)
>>
>> Darin Perusich wrote:
>>> When you say "machines with users" I'm going to assume that you mean 
>>> local accounts on said workstation/laptop, and by "roaming users" 
>>> network/domain users.
>>>
>>> IMHO in a networked environment where you have a domain controller 
>>> there is almost never any reason for local user accounts with the 
>>> exception of administrative accounts or local account which can 
>>> perform admin tasks in the event the network user repository is 
>>> unavailable. On Windows once you login to the system your domain 
>>> username and password are cached temporarily which allows you to 
>>> logoff, take the machine off-site and login with the domain account. 
>>> You can do the same on Linux if you have certain pam modules installed.
>>>
>>> Eric Benoit wrote:
>>>> Hi I configured an LDAP-Samba ADS which works perfectly now, except 
>>>> I don't know that much about Windows and methods of configuring 
>>>> workstations/users...
>>>>
>>>> I have my smb/ldap automatically adding machines when I 
>>>> authenticate as admin and can add roaming users as well, but my 
>>>> issue is I don't know if both can be the same...
>>>>
>>>> can a roaming user be apart of a machine... this doesn't seem 
>>>> likely to me because they are both users in smb/ldap
>>>>
>>>> if this is true then my question would be..
>>>>
>>>> when should I use roaming users and when should I use machines with 
>>>> users
>>>>
>>>> I would love to read something about this, but all the 
>>>> documentation I can find is weighted towards setting up samba and 
>>>> LDAP.
>>>>
>>>> Can anyone point me in the right direction?
>>>>
>>>
>>
>> _______________________________________________
>> nflug mailing list
>> nflug at nflug.org
>> http://www.nflug.org/mailman/listinfo/nflug
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug

More information about the nflug mailing list