Winbind - functionality

Wed Jul 22 13:34:23 MDT 2009

Correct me if I am wrong here guys, but this does not seem to work with the new schema on SAMBA 4 - Alpha 8?  Meaning, this may work on Windows 2003 extended schema (rfc2307) but this does not seem to work for SAMBA 4's schema that has the new attributes for storing GID/UID information, or rather the same way the POSIX schema used in OpenLDAP stored this information.  Hence, why I wanted to use nss-ldap.  All existing IDs still get mapped new UID/GID numbers per the "idmap uid =" setting when SAMBA 3 is joined to SAMBA 4.


>>> On Wednesday, July 22, 2009 at 9:26 AM, in message
<4A672187.4070109 at>, Ondrej Valousek <webserv at> wrote:

>> OpenLDAP backend.  I may be wrong here but If we introduce winbind, the UID 
> and GID numbers will be changed based off of winbind
>> using the SID and multiplying, etc., to get a new UID/GID value that is not 
> even close to our existing production environment.  No groups
>> or users would be recognized on folders and files due to incorrect UID/GID 
> numbers.  I am talking about a lot of production file servers here.
> Wrong!
> Try:
>     winbind nss info = rfc2307
> That will force winbind to use rfc2307 attributes in AD instead -> will 
> deliver the same UID/GIDs as your nss_ldap but much more effectively.
> Ondrej

NOTICE - This communication may contain confidential and privileged information that is for the sole use of the intended recipient. Any viewing, copying or distribution of, or reliance on this message by unintended recipients is strictly prohibited.  If you have received this message in error, please notify us immediately by replying to the message and deleting it from your computer.

More information about the samba-technical mailing list