IMHO: Winbind in Samba4

Stefan (metze) Metzmacher metze at
Sun Jan 9 01:42:40 GMT 2005

Hash: SHA1

Richard Sharpe schrieb:
| On Sun, 9 Jan 2005, Simo Sorce wrote:
|>On Sat, 2005-01-08 at 18:25 -0800, Richard Sharpe wrote:
|>>On Sun, 9 Jan 2005, Simo Sorce wrote:
|>>>On Sat, 2005-01-08 at 16:22 +0100, Gémes Géza wrote:
|>>>>If I'm not wrong you suggest that Samba4 ADS will implement the posix
|>>>>account stuff through winbind?
|>>>>Something like in the attached ASCII graphic?
|>>>Even better in some situations (eg. NAS boxes) Samba4 will not even need
|>>>to ask the system for users as it will know it is the primary source for
|>>>users account, so you will not need to do the round-trip. In other
|>>>system you will probably only need to check unix accounts for some
|>>>users, in others /etc/passwd will be the master.
|>>Well, some NAS boxes will be like that. Probably the smaller stand-alone
|>>NAS boxes. However, larger NAS boxes are most likely to be a member
|>Same thing, the NAS box will have a local SAM anyway, and may well
|>consider its SAM + the DC SAM to be authoritative, and never require you
|>to do the round-trip, but go directly to ask winbindd.
| Ummm, we do not want a local SAM. All account and group information should
| be in LDAP or NIS and the PDC's SAM.

then just don't use it, there'll be only the builtin aliases and the local administrator
and guest (disabled) by default.
(just like a just installed windows member server)

- --

Stefan Metzmacher <metze at>
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Thunderbird -


More information about the samba-technical mailing list