[Samba] Questions about the new idmap interface
Marc Muehlfeld
Marc.Muehlfeld at medizinische-genetik.de
Tue Sep 11 12:39:08 GMT 2007
Hi,
I tried to configure the new idmap interface. Currently without much success.
I have two samba domains, trusting each other. Each PDC using it's own LDAP
server. I tried
idmap domains = DOM1, DOM2
idmap config DOM1:default = yes
idmap config DOM1:backend = ldap
idmap config DOM1:ldap_base_dn = ou=Idmap,dc=dom1,dc=mydomain,dc=de
idmap config DOM1:ldap_url = ldap://192.168.0.1
idmap config DOM1:range = 10000 - 20000
idmap alloc backend = ldap
idmap config DOM2:default = no
idmap config DOM2:backend = ldap
idmap config DOM2:ldap_base_dn = ou=Idmap,dc=dom2,dc=mydomain,dc=de
idmap config DOM2:ldap_url = ldap://192.168.1.1
idmap config DOM2:range = 10000 - 20000
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%U
template shell = /bin/false
winbind nested groups = yes
winbind cache time = 300
winbind nss info = template
winbind use default domain = yes
But then I have the problem, that samba used the "ldap admin dn" account and
password for both LDAP server, but each have it's own. How can I configure a
second password for my trusted domain?
Is there any usefull documentation, best would be with different samples, of
the new idmap interface? The manpage didn't helped me much for understanding this.
Regards
Marc
More information about the samba
mailing list