problem with FUS
Authored by: tetsuotheironman on Jun 04, '04 12:13:30PM

Only problem with the soluion of using fast user switching is that in the context of LDAP or directory based logins can't have more than one network user logged in at a time.

problem with FUS
Authored by: nassy on Jun 05, '04 12:17:01PM

if your network home directory sharepoints are shared via nfs instead of afp you can use fast user switching with LDAP based logins.

Incorrect: multiple AD logins are allowed with FUS
Authored by: Jaharmi on Jun 06, '04 07:56:19AM

I haven't tried this with LDAP logins, but if your directory service is Active Directory, you can have multiple directory logins simultaneously. I haven't stressed the limits, but with FUS, I have personally had about 10 AD users logged into my Mac at the same time.

This is something that I don't believe Windows XP can do with Active Directory, but you can do it on Panther!

You have to make sure, then, that you only grant admin access to those AD groups who really need access to that computer. Why? Because if you grant admin access to a group in AD, they can use this feature -- which I approve of -- to get into a system. This is a godsend in public/shared environments; we need to have the ability to get into a screensaver-locked system on a pretty regular basis.

To do this with LDAP-based logins, you might have to do a lot of scripting at the loginhook. In my experience, the LDAPv3 plugin is a lot less flexible than the AD plugin. The AD plug creates new local home directories (by default) at first login time for each user, based on their short AD username. It also will created a local NetInfo entry for each user if you turn on cached accounts (and that entry stays synchronized to AD, so it's very different than a normal NI local account).


