[Samba] winbind and NIS+NFS
Gerald (Jerry) Carter
jerry at samba.org
Wed Jul 2 18:19:24 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 2 Jul 2003, Harry wrote:
> On Wed, 2 Jul 2003 00:54:07 -0500 (CDT)
> "Gerald (Jerry) Carter" <jerry at samba.org> wrote:
>
> > There is no winbindd<->NIS gateway. It has been considered, but we're
> > developing an alternative solution using an LDAP backend for winbindd
> > in Samba 3.0.
>
> I thought that might be the case.
>
> Another option I have thought about is to have both *nix servers run winbind
> to authenticate users of their respective services against w2k3/ads. My
> understanding is that there is no guarantee that 2 separate instances of
> winbind will necessarily map uid/gids the same. So my question - is there
> *some* way to ensure a consistent map between 2 winbind installations, perhaps
> by taking some extra steps during account creation? Perhaps something like
> manually syncing the file that stores that map, or manually editing that map
> file.
For 2.2, it you setup winbindd on one server and run
getent passwd
getent group
then stop winbindd, copy winbindd_idmap.tdb to the second server,
the mappings should be the same. However, you will have to do this
everytime a new user or group is created on the DC.
In theory, this should work, but I haven't tested it.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE/AyIvIR7qMdg1EfYRAgoRAJ9t/s9btsMQS7YvXT9BTQrqxoOeKACgohzk
K7dbi1S3r8VJlBznPDA518M=
=9n3B
-----END PGP SIGNATURE-----
More information about the samba
mailing list