samba idmap rfc2307/SFU and others

zeropoint jpsergent at
Fri Jan 23 00:47:51 GMT 2009

I agree, I feel this is the best approach and I do understand the conflicts
that could arise. I just though maybe have 2 different ID map ranges kind of
like you can have different ID maps for different domains. Thanks for the
info, I'll stop my endless testing and searching.

simo-7 wrote:
> On Fri, 2009-01-23 at 02:37 +0200, Sassy Natan wrote:
>> at the moment samba doens't have support for the rfc2307
>> the posix account schema class is not in the samba schema (yet)
>> This means you can not have unix machine grab the info form the samba
>> machine
>> you can use winbind, but I guess the nss_ldap is much better for this
>> task
>> sassy
>> On Fri, Jan 23, 2009 at 2:27 AM, zeropoint <jpsergent at> wrote:
>> >
>> > I have samba setup and working very well with SFU r2 rfc2307, and I am
>> > pleased with how it is working. I am making a file server for a mixed
>> > environment, linux and windows. I was wondering if anybody knew if it
>> is
>> > possible for samba to allocate UIDs and GIDs on users and groups that
>> do
>> > not
>> > have the services for unix tab populated in the active directory. I
>> want to
>> > avoid "needing" to populate that tab for users that don't use
>> linux/unix
>> > systems, but do want access to the file server from windows. Thank you
>> in
>> > advanced.
>> > --
>> > View this message in context:
>> >
>> > Sent from the Samba - samba-technical mailing list archive at
>> >
> Sassy, samba 3.x does support using rfc2307 against AD domain
> controllers, what zeropoint is asking is something completely different.
> Zeropoint, no what you ask cannot be done at this moment, and it would
> lead to potential conflicts as your samba server may allocate ids later
> on introduced in AD.
> Although annoying it is certianly better to put all eggs in one basked
> and add the posix attributes to all windows accounts that need to access
> your samba server.
> Simo.
> -- 
> Simo Sorce
> Samba Team GPL Compliance Officer <simo at>
> Principal Software Engineer at Red Hat, Inc. <simo at>

View this message in context:
Sent from the Samba - samba-technical mailing list archive at

More information about the samba-technical mailing list