External idmap backend(s)
matt at aclaro.com
Tue Feb 6 22:31:59 GMT 2007
Gerald (Jerry) Carter wrote:
>> I think you just want the idmap_nss backend then right?
> To clarify, the new idmap backend (just merged to SAMBA_3_0_25)
> allows this kind of configuration
This looks like exactly what we need: excellent!
I originally tried to implement our system using nss_ldap on each of the
servers, but we couldn't get the member servers to recognize the domain
users without winbind running (which is why I ended up writing the
external backend). I didn't realize this existed, much thanks to all
the developers of this feature for the implementation.
From what I can tell, I'll just need to push my ldap.conf & smb.conf to
each of the member servers, set up nsswitch to add LDAP and I should
have exactly what we were doing the roundabout way before.
More information about the samba-technical