[nflug] I am windows inept
Eric Benoit
eric at bootz.us
Thu Jul 3 09:15:43 EDT 2008
ok. So, what would be the point of joining a machine to a domain but
only having local accounts, or would you have both in case the Domain
server goes down? Sorry, I'm just trying to find the reasoning, so I
can set up my systems here appropriately.
Cyber Source wrote:
> Yes, a "machine" with local accounts can also join a domain.
>
> Eric Benoit wrote:
>> Cyber Source wrote:
>>> 1. Domain Account;
>>> When a pc is part of a domain, it's "machine" (pc name) name is used
>>> in part of the authentication process for joining the domain, along
>>> with user and password which obtain user and group permissions.
>>> 2. User Account;
>>> On the very same pc, you may also have a user account for using the
>>> pc without joining the domain, and based on permissions again, have
>>> access to whatever was granted by the admin of the pc.
>> so what your saying in the above statement is a machine can be
>> "logged in" to the Domain, but still have local users?
>>
>>
>>>
>>> In this thinking, everyone is a "roaming" user, whether logging onto
>>> the pc or the domain.
>>>
>>> eric wrote:
>>>> ok yes.
>>>>
>>>> Lets say I log into my domain called "ubuntu" with user "eric", I'm
>>>> not necessarily a roaming user however the machine is logged into
>>>> the domain with it said machine name "winxp" for example.
>>>> Gathering what you said I should always create roaming users... but
>>>> what about adding a machine to the domain when would that be
>>>> necessary... or is it impossible to have roaming users on a machine
>>>> that was not added to a domain?
>>>>
>>>> thank you please keep going :)
>>>>
>>>> Darin Perusich wrote:
>>>>> When you say "machines with users" I'm going to assume that you
>>>>> mean local accounts on said workstation/laptop, and by "roaming
>>>>> users" network/domain users.
>>>>>
>>>>> IMHO in a networked environment where you have a domain controller
>>>>> there is almost never any reason for local user accounts with the
>>>>> exception of administrative accounts or local account which can
>>>>> perform admin tasks in the event the network user repository is
>>>>> unavailable. On Windows once you login to the system your domain
>>>>> username and password are cached temporarily which allows you to
>>>>> logoff, take the machine off-site and login with the domain
>>>>> account. You can do the same on Linux if you have certain pam
>>>>> modules installed.
>>>>>
>>>>> Eric Benoit wrote:
>>>>>> Hi I configured an LDAP-Samba ADS which works perfectly now,
>>>>>> except I don't know that much about Windows and methods of
>>>>>> configuring workstations/users...
>>>>>>
>>>>>> I have my smb/ldap automatically adding machines when I
>>>>>> authenticate as admin and can add roaming users as well, but my
>>>>>> issue is I don't know if both can be the same...
>>>>>>
>>>>>> can a roaming user be apart of a machine... this doesn't seem
>>>>>> likely to me because they are both users in smb/ldap
>>>>>>
>>>>>> if this is true then my question would be..
>>>>>>
>>>>>> when should I use roaming users and when should I use machines
>>>>>> with users
>>>>>>
>>>>>> I would love to read something about this, but all the
>>>>>> documentation I can find is weighted towards setting up samba and
>>>>>> LDAP.
>>>>>>
>>>>>> Can anyone point me in the right direction?
>>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> nflug mailing list
>>>> nflug at nflug.org
>>>> http://www.nflug.org/mailman/listinfo/nflug
>>> _______________________________________________
>>> nflug mailing list
>>> nflug at nflug.org
>>> http://www.nflug.org/mailman/listinfo/nflug
>>
>> _______________________________________________
>> nflug mailing list
>> nflug at nflug.org
>> http://www.nflug.org/mailman/listinfo/nflug
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
More information about the nflug
mailing list