About ldapsam:editposix

Volker Lendecke Volker.Lendecke at SerNet.DE
Thu Mar 2 22:11:12 GMT 2006

On Thu, Mar 02, 2006 at 08:48:25PM +0100, Stéphane Purnelle wrote:
> Actually, I have a PDC which use nss_ldap & pam_ldap for posix account
> and idealx-tools for manage user/machine and groups account coupled
> with webmin.  I never used winbind for that and the nested group
> functionnality is not used !

So this is perfectly fine.

ldapsam:editposix gives you just an additional option to
live without external tools. If you don't enable that
option, everything just works as it did before.

The ldapsam:editposix=yes makes the setting of "add user
script", "add group script" and so on unnecessary, smbd
changes LDAP directly. We require winbind for this, as when
creating new users and groups we have to find a fresh,
unused uid/gid for them. And winbind naturally is a source
for uids and gids. That's all.

It has nothing to do with "internal" or "external" tools, it
is simply an option to live without external scripts like
those from idealx.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060302/e1fcc758/attachment.bin

More information about the samba-technical mailing list