(sorry...I keep sending from my work address which is not subscribed to the lists)
Hey Simo, On 06/28/2010 10:29 AM, simo wrote:
Ok, for some reason I thought information was maintained on your side of the trust using the cells.
Sort of correct. But these are specific OU cells and not a forest wide cell. At the risk of digressing into a Likewise specific thing, an OU cell stores the meta data for objects in a container inside the OU. So you can add a user or group across a one-way trust to an OU cell and the UNIX attribute information is stored inside the OU in *your* domain. So in this case, you don't send LDAP queries across a one-way trust. In the RFC2307 forest cell case, the UNIX attribute information is stored *on* the actual user and group object. Idmap_adex only supported the RFC2307 forest "cell" since this was easy to do using the MS "Identity Services for Unix" management tools. Make sense? cheers, jerry -- Director of Engineering http://www.likewise.com/ -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba