IDMAP LDAP Backend for 3.0 release

Anthony Liguori aliguor at
Thu Apr 24 15:57:40 GMT 2003

I wanted to start a discussion re: how/if an IDMAP LDAP backend should go 
into 3.0.

Having two seperate backend logics between winbind and the new idmap code 
seems like a bad idea.  If the new idmap code is going to make it into 
3.0, I could port the ldap backend to the idmap code.

If not, I think it would be a good idea at least to use the same 
parameters that idmap is going to use to avoid introducing more unneeded 

I agree that an LDAP IDMAP backend isn't the best long term solution 
(particularily if untrusted clients are to be using winbind) but for the 
senario where only servers or trusted clients are interested in ID 
mapping, it seems to be a solution to the problem.

What's the general consensis?

Anthony Liguori
Linux/Active Directory Interoperability
Linux Technology Center (LTC) - IBM Austin
E-mail: aliguor at
Phone: (512) 838-1208
Tie Line: 678-1208

More information about the samba-technical mailing list