[PATCH] New idmap module idmap_rfc2307

steve steve at steve-ss.com
Fri Jun 22 04:10:17 MDT 2012

On 21/06/12 22:37, Christof Schmitt wrote:
> steve<steve at steve-ss.com>  wrote on 06/21/2012 11:28:54 AM:
>> On 06/21/2012 06:14 PM, Christof Schmitt wrote:
>>> yes, this will still be ok when the patches are applied. Nothing will
>>> change unless you enable the new id mapping modules in the config. You
>>> would enable it with the idmap parameter:
>>> idmap config DOMAIN : backend = rfc2307
>>> This module would allow you to also use the records in the LDAP
>>> directory for the Samba id mapping. See the patch that adds the
>>> manpage for some details how to enable and configure it.
>>> Regards,
>> Hi Christoph
>> Actually that is what we want. Under nfs for our Linux clients,
>> everything comes from the directory. Under s3fs, uidNumber and gidNumber
>> still have to come from idmap. I think your patch will allow s3fs to
>> also pull uidNumber:gidNumber from the directory if they are already
>> there. Have I got thhat right?
> I have not explicitly tested with s3fs, i am still using a setup
> without s3fs.
> And yes, it gets the id mapping by looking at the uidNumber and
> gidNumber in the LDAP records.
>> I shall surely look at the manpage patch but could you tell me if
>> idmap config DOMAIN : backend = rfc2307
>> goes into smb.conf global section?
> Yes, it goes in the global section. This is the setup i used for
> testing with a stand-alone LDAP server:

Hi Christof
I just tested the
idmap config DOMAIN : backend = rfc2307
on the latest git from today.

Under s3fs it doesn't seem to work. If a user creates a file in windows, 
the uidNumber and gidNumber come from idmap, not from the directory.

Under NFS on Linux clients everything works fine. All the rfc2307 
classes and attributes are exactly those set in the s4 LDAP directory, 
pulled via nss.

Maybe I have missed something?

More information about the samba-technical mailing list