does ldapsam:trusted=yes really work?

Tomasz Chmielewski mangoo at
Mon Jan 30 12:30:32 GMT 2006

Volker Lendecke schrieb:
> On Mon, Jan 30, 2006 at 11:00:31AM +0100, Tomasz Chmielewski wrote:
>>Why does Samba still want to use NSS with "ldapsam:trusted=yes" in smb.conf?
> Right now ldapsam:trusted is mainly a speed feature, you still need to have the
> Unix users from nss around. Very slowly but steadily I'm finding my way through 
> the code to possibly make that unnecessary, although I'm not sure if that is
> desirable.

Ahh, now I understand.

Well, it may be desirable, just imagine systems without NSS.

If you're wondering what systems on this Earth don't support NSS 
nowadays: all systems which use uClibc instead of glibc.

This means all really small, embedded systems running Samba.

Right now I have to generate /etc/passwd and /etc/shadow from the LDAP 
content, which is not that nice.

Generally, what needs to be done to make this work (users in LDAP 
without NSS)?
Perhaps there could be an "ugly" hack (comment out checking for a user 
via NSS etc.), or is it more complicated?

Tomasz Chmielewski

More information about the samba-technical mailing list