idmap in 'security = samba-controlled domain' with nss_ldap
Gerald (Jerry) Carter
jerry at samba.org
Tue Dec 16 15:07:48 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gerald (Jerry) Carter wrote:
| I've already fixed this in 3.0.1 (a month oago I think).
| Run winbindd on the domain member and set
|
| winbind trusted domains only = yes
|
| This causes winbindd to resolve SID's against local
| accounts. You just better make sure that every account
| in your domain has a local unix account.
As background, the original patch was done to get acls
working with nss_ldap against AD using SFU. But it will
also work against NIS.
cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard ------------------------- http://www.hp.com
~ SAMBA Team ---------------------- http://www.samba.org
~ GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
~ "If we're adding to the noise, turn off this song" --Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/3x/EIR7qMdg1EfYRAhhcAKDp+xxOvbcb2xjySQn83FqmM5x9fgCgkVlJ
txjnUUkJsUk0dgBI3I7h+xo=
=6G06
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list