AdEx: New idmap/nss_info plugin

Gerald (Jerry) Carter jerry at samba.org
Fri Sep 19 17:43:21 GMT 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folks,

Rather than rewriting idmap_ad, I adapted the Likewise
Enterprise plugin.  This may be of interest to some ppl.
Current it does not support the SFU schema but I could
probably plumb that in if really required.

Also, this requirement to add certain attributes to the
PAS for global catalog is completely acceptable to me.
But I'm sure this will involve some discussion.  I'm
not willing to rewrite this without the global catalog
support.

- From the commit msg:

The adex idmap/nss_info plugin is an adapation of the Likewise
Enterprise plugin with support for OU based cells removed
(since the Windows pieces to manage the cells are not available).

This plugin supports

  * The RFC2307 schema for users and groups.
  * Connections to trusted domains
  * Global catalog searches
  * Cross forest trusts
  * User and group aliases

Prerequiste: Add the following attributes to the Partial Attribute
Set in global catalog:

  * uidNumber
  * uid
  * gidNumber

A basic config using the current trunk code would look like

 [global]
      idmap backend = adex
      idmap uid = 10000 - 19999
      idmap gid = 20000 - 29999
      idmap config US:backend = adex
      idmap config US:range = 20000 - 29999
      winbind nss info = adex

       winbind normalize names = yes
       winbind refresh tickets = yes
       template homedir = /home/%D/%U
       template shell = /bin/bash





cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Likewise Software          ---------  http://www.likewisesoftware.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI0+S5IR7qMdg1EfYRAkQGAKCimiVjHmTYoXKhOZikOFFQDc7BLwCfUGNV
DqG8F8fXh5EYfmUIBHrmRYk=
=7JxG
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-idmap_adex-Add-new-idmap-plugin-for-support-RFC2307.patch
Type: text/x-diff
Size: 104458 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20080919/af8dc0e6/0001-idmap_adex-Add-new-idmap-plugin-for-support-RFC2307.bin

More information about the samba-technical mailing list