[Samba] Re: Winbind usage PDC and Domain menber ?

Gerald (Jerry) Carter jerry at samba.org
Fri Oct 31 17:59:43 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jérôme Fenal wrote:
| Gerald (Jerry) Carter wrote:
|
|> -----BEGIN PGP SIGNED MESSAGE-----
|> Hash: SHA1
|>
|> Alban Browaeys wrote:
|>
|> | Is winbind recommended on a multi file services network
|> | (SMB+NFS+AFS+etc) and when ACL are used:
|> | from various it seems not , winbind get the name only
|> | from the PDC and set a random id in the idmap, so id differs
|> | on pdc and menbers, also between menbers
|>
|> This can be corrected using the ldap backend for
|> winbindd.  It's not really well documented I'm afraid.
|
|
| Wow, had not seen that. Cool.
| I've just had a look at the documentation, it should be
| ok, but would just need the schema used, and some example
| of association (LDIF format).

The schema is included in exampls/LDAP/samba.schema
You don't have to create the entries.  winbindd will do
that for you.  You just need to make sure that the 'ldap idmap suffix'
is set correctly and exists in the DIT.

If you get stuck, let me know and I'll dig up some
more information for you.

| (I have not looked at the code) Is it using the posixAccount schema ?
| (my idea is to get the answer here, then on the Web via mail-archives ;-)
|
| Could it use a part of an AD LDAP server ? (in the context of an
| NT4-compatible DC ADS)

Not currently but Luke Howard @ PADL has written an AD
plugin for winbindd that you could use.  Check http://padl.com/.





cheers, jerry
~ ----------------------------------------------------------------------
~ Hewlett-Packard            ------------------------- http://www.hp.com
~ SAMBA Team                 ---------------------- http://www.samba.org
~ GnuPG Key                  ---- http://www.plainjoe.org/gpg_public.asc
~ "You can never go home again, Oatman, but I guess you can shop there."
~                            --John Cusack - "Grosse Point Blank" (1997)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/oqMPIR7qMdg1EfYRAh08AJsFnJTx8Uz7fl6ptd8xm8CfQku/KgCePZ8N
0rCxvBrLOUUzYIdABwWsg6Q=
=Rh3c
-----END PGP SIGNATURE-----




More information about the samba mailing list