LDAP status

Jean Francois Micouleau Jean-Francois.Micouleau at dalalu.fr
Wed Nov 25 08:40:53 GMT 1998

On Wed, 25 Nov 1998, Jeremy Allison wrote:

> Luke Kenneth Casson Leighton wrote:
> > please remember not to tie it down to the unix password database, thanks!

> On the contrary, until we have the capabilities of abstracting
> users out completetly (so that an ordinary 'ls' sees the correct
> user names/uid_t's  that Samba is using) it is *imperative* that
> it be tied to the unix password database.

Hum, Hum, Hum. It's more complex than that, it's dependant on what the
sysadmin wants, and what we define.

If Samba only uses it own schema (basically more or less the user_info_21
struct and some group stuff) when you need to tie it to the unix security
(/etc/passwd, /etc/group and the NT<->Unix translation files)

If Samba uses the samba Schema+the RFC 2307 Schema, then you don't
necessary require the use of the unix security, as the Unix infos are
stored in the LDAP database. This case supposes that the unix machine also
uses some LDAP backend for Unix security (either as a LDAP-NIS client or
by the libc-nss LDAP extension).

The third case is when Samba uses an Active Directory (AD) schema, but
that's the same as the first case.

If something is unclear or wrong here, you can only blame my coffee 
machine ...

	Jean Francois

More information about the samba-technical mailing list