Status of LDAP support in Samba

Luke Kenneth Casson Leighton lkcl at
Fri Jan 22 18:51:26 GMT 1999

>   Yes, I know.  But it leaves many fields empty or sticks defaults in.
>   I want to specify the values that go in those other fields.

addgroup Groupname1 groupname2 etc.
> > 
> >>  One part I'm still trying to puzzle out is group managment and user
> >> mapping.  If I add a group that is predefined in SAMBA (e.g., Domain
> >> Admins) rpcclient shows two instances of it and none of the changes
> >> I
> >> make with rpcclient actually go in.
> > 
> > SAMBA is read-only for account management.
> >
>   Doesn't this contradict what you said up top?

no.  rpcclient has read/write capabilities: smbd has only read-only.

>  Also, that wasn't what
> I really trying to get at.

oh, ok.

>   What I'm curious about, is does SAMBA currently rely only on the
> domain group map, domain user map, and local group map parameters for
> putting people into groups and mapping SMB ids to unix ids?

there's a little bit of additional logic, but yes.
>   By putting the same information into LDAP shouldn't SAMBA be able to
> get it from there instead?


More information about the samba-technical mailing list