External idmap backend(s)

Matthew Mastracci matt at aclaro.com
Tue Feb 6 22:31:59 GMT 2007

Gerald (Jerry) Carter wrote:
>> I think you just want the idmap_nss backend then right?
> To clarify, the new idmap backend (just merged to SAMBA_3_0_25)
> allows this kind of configuration
This looks like exactly what we need: excellent!

I originally tried to implement our system using nss_ldap on each of the 
servers, but we couldn't get the member servers to recognize the domain 
users without winbind running (which is why I ended up writing the 
external backend).  I didn't realize this existed, much thanks to all 
the developers of this feature for the implementation.

 From what I can tell, I'll just need to push my ldap.conf & smb.conf to 
each of the member servers, set up nsswitch to add LDAP and I should 
have exactly what we were doing the roundabout way before. 


More information about the samba-technical mailing list