External idmap backend(s)
Gerald (Jerry) Carter
jerry at samba.org
Tue Feb 6 22:34:18 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matthew Mastracci wrote:
> This looks like exactly what we need: excellent!
>
> I originally tried to implement our system using
> nss_ldap on each of the servers, but we couldn't get
> the member servers to recognize the domain users
> without winbind running (which is why I ended up
> writing the external backend). I didn't realize this
> existed, much thanks to all the developers of this
> feature for the implementation.
Yup. This was added when Simo rewrote the idmap interface.
It replaces the 'winbind trusted domains only' option.
> From what I can tell, I'll just need to push my ldap.conf
> & smb.conf to each of the member servers, set up nsswitch
> to add LDAP and I should have exactly what we were doing
> the roundabout way before.
Yup. Sounds right. Let me know how it goes for you. This
current is in the SAMBA_3_0_25 tree (not released production
versions yet)
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFyQJqIR7qMdg1EfYRAlrjAKCWRdHpzq1bc9Dj0y8TGCZyHK+XJACfVRhz
+6YDO/SMGUoeUKJLnWoku5w=
=hw8d
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list