ADS/Kerberos/LDAP/Win2K

Gerald (Jerry) Carter jerry at samba.org
Thu Jan 19 16:14:22 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jason Gerfen wrote:
> I have been looking for some information regarding a specific mapping of
> user accounts or something similar.  I do believe it has been discussed
> here before and there is little if anything in the Samba 3 HOWTO or the
> Samba 3 by example.
> 
> The setup:
> Windows 2k with ADS4Unix & Kerberos authentication
> Samba 3 .20 as ADS member server
> Windows/Linux clients perform Kerberos authentication from Windows 2k
> (which actually is a trusted domain member of a Kerberos Realm), user
> account info is generated from AD
> 
> I saw on here somewhere about a type of user account mapping for this
> type of setup but it wasn't included in the HOWTO due to lack of
> information or something.  Any help on the correct terminology, or how
> to accomplish this is appreciated.

I think you want to look at 'idmap backend = ad', and 'winbind nss
support = sfu'




cheers, jerry


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDz7reIR7qMdg1EfYRAmHSAKDr18YpYSexgVCGagOBGGFei9kUywCfadWr
J1XiP9DWBPjwkqcXFr5nE6E=
=wMXX
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list