Teaching winbindd to use uidNumber/gidNumber attributes

Andrew Bartlett abartlet at samba.org
Tue May 11 23:08:18 GMT 2004


On Wed, 2004-05-12 at 02:10, Johann Hanne wrote:
> Hi Jerry,
> 
> thanks for the hint. All "documentation" on xad I was able to find is 
> http://www.netsys.com/pamldap/2003/08/msg00008.html .
> 
> The bottom line is:
>   idmap backend = ad:ldap://someserver/
> 
> So it looks like I will still have to specify an single LDAP server. I'd 
> prefer to let winbind choose the server, for simplicity and redundancy (there 
> is more than one AD domain contoller) reasons. If this is not possible with 
> xad, is there chance to get "my way" in, or do you insist on implementing it 
> as an idmap backend?

Basically, we just need to bring that module into samba, and make it ask
winbindd for the existing LDAP handle to the DC, rather than making it's
own.  You can see how that's done in the winbindd_ads.c code - that just
needs to be used from idmap_ad.  It's been on my TODO list for a while,
but I'm not likely to get to it soon.  Patches (along these lines)
welcome :-)

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040512/993e90e2/attachment.bin


More information about the samba-technical mailing list