samba idmap rfc2307/SFU and others

simo idra at
Fri Jan 23 00:43:33 GMT 2009

On Fri, 2009-01-23 at 02:37 +0200, Sassy Natan wrote:
> at the moment samba doens't have support for the rfc2307
> the posix account schema class is not in the samba schema (yet)
> This means you can not have unix machine grab the info form the samba
> machine
> you can use winbind, but I guess the nss_ldap is much better for this task
> sassy
> On Fri, Jan 23, 2009 at 2:27 AM, zeropoint <jpsergent at> wrote:
> >
> > I have samba setup and working very well with SFU r2 rfc2307, and I am
> > pleased with how it is working. I am making a file server for a mixed
> > environment, linux and windows. I was wondering if anybody knew if it is
> > possible for samba to allocate UIDs and GIDs on users and groups that do
> > not
> > have the services for unix tab populated in the active directory. I want to
> > avoid "needing" to populate that tab for users that don't use linux/unix
> > systems, but do want access to the file server from windows. Thank you in
> > advanced.
> > --
> > View this message in context:
> >
> > Sent from the Samba - samba-technical mailing list archive at
> >

Sassy, samba 3.x does support using rfc2307 against AD domain
controllers, what zeropoint is asking is something completely different.

Zeropoint, no what you ask cannot be done at this moment, and it would
lead to potential conflicts as your samba server may allocate ids later
on introduced in AD.
Although annoying it is certianly better to put all eggs in one basked
and add the posix attributes to all windows accounts that need to access
your samba server.


Simo Sorce
Samba Team GPL Compliance Officer <simo at>
Principal Software Engineer at Red Hat, Inc. <simo at>

More information about the samba-technical mailing list