[Samba] When do i need "idmap backend = " ???

Michael Gasch gasch at eva.mpg.de
Mon Jun 21 13:44:14 GMT 2004 

damn paul, excuse me

i always wrote DC instead of DM !!!!!

*ups*

sorry for that
it should be:

>> winbindd runs on a DM and looks up UID/SID by RPC Calls/NSS on a
>> different PDC (samba) machine

thx
bye

Paul Gienger schrieb:
> 
> 
> Michael Gasch wrote:
> 
>>> Winbind should not be running on a samba PDC at all.
>>
>>
>> uh, you misunderstood something =)
>>
>> winbindd runs on a DC and looks up UID/SID by RPC Calls/NSS on a 
>> different PDC (samba) machine
>>
> No, I wasn't very verbose.  It should not be running on a PURE samba 
> PDC.  If samba was running as a BDC or a member server in a windows 
> controlled network winbind does the UID/SID map from the master windows 
> server for you.  I inferred that windows was not running in a domain 
> control capacity by stating that samba was acting as the PDC.
> 
> If you would like to call me on that, I'll be happy to show you a 
> process list of a functioning samba 3 pdc that does not have winbindd in 
> it.
> 
>> bye
>>
>>>
>>> Michael Gasch wrote:
>>>
>>>> okay thank you very much !!!
>>>>
>>>> but i experienced, that winbind needs this parameter even when looking
>>>> up SIDs on samba PDC with LDAP backend
>>>> but this was not my question
>>>>
>>>> thx
>>>> bye
>>>>
>>>> Paul Gienger schrieb:
>>>>
>>>>>
>>>>>> i wonder, if i don't use winbind, do i really need the parameter 
>>>>>> "idmap backend = " in smb.conf on PDCs/BDCs ???
>>>>>> those machines find their SID/UID/GID via "passdb backend ="
>>>>>> don't they?
>>>>>>
>>>>> You are correct, the IDMAP parameters are only for when you are 
>>>>> connecting to a windows DC.  The idmap is used to map the windows 
>>>>> SID to UNIX uid.  If you are using a unix samba server as your DC 
>>>>> the uid comes from the system having every user defined wherever it 
>>>>> gets its name service info (ldap, NIS, passwd/shadow files, etc)
>>>>>
>>>>>> thx
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>
>>
> 

-- 


          "Matrix - more than a vision"

**************************************************
                  Michael Gasch

            - Central IT Department -

Max Planck Institute for Evolutionary Anthropology
Deutscher Platz 6
04103 Leipzig

Germany
**************************************************

More information about the samba mailing list