Samba4 idmap using uidNumber/gidNumber

steve steve at steve-ss.com
Tue Jun 12 09:34:39 MDT 2012


On 06/10/2012 02:21 PM, Andrew Bartlett wrote:
> On Sun, 2012-06-10 at 09:39 +0200, Gémes Géza wrote:
>> On 2012-06-10 08:02, Andrew Bartlett wrote:
>>> Steve,
>>>
>>> Attached is a patch that I know you and a number of our users will be
>>> interested in.  This patch makes Samba4 honour the uidNumber/gidNumber
>>> attributes in the directory, when present.
>>>
>>> This is done in a simple manner - we simply search the directory first.
>>> No attempt at resolving conflicts with the idmap.ldb is done, the
>>> directory simply wins.
Hi Andrew. I'm a little confused here because we can already do that. 
The schema has all the objectClasses and attributes we need. e.g.
With each user entry in the directory one can store:
uid
gid
uidNumber
gidNumber
posixAccount
unixHomeDirectory
loginShell

A similar set for groups

We then map uid to samAcccountName using nss. It pulls everything else 
directly from the directory. No winbind.
We don't touch idmap.ldb anywhere as far as I can tell.
Cheers,
Steve



More information about the samba-technical mailing list