[Samba] NT/ADS and UNIX user convergence using Samba
pubsyssamba at bbc.co.uk
Tue Apr 6 14:32:25 GMT 2004
I'd like this fileserver set up so that files created from either type of client have the same ownership. Basically I need to somehow map my ADS UID/GID's to my UNIX UID/GID's.
It is *not* important that users have login accounts on the fileserver ... so one idea I had was this: - Remove NIS from the nsswitch.conf entries on the fileserver. - Edit my /etc/passwd file on my NIS server so that UID/GID entries for a user are the same as they ones generated by winbind
I think you have two options, use winbind and bin NIS or vice versa.
If you choose to use winbind as you identified you have to worry about mappings being different on individual
Samba servers, the only way to get around this currently is to use LDAP as your idmap backend. This stores
the UID to SID mappings centrally for multiple Samba servers to share.
If you choose to use NIS you will have to mess around with smbpasswd and net groupmap to make users and
groups visiable as valid accounts for Samba. Also your NTLM passwords will not be sync'd to the domain but
Kerberos auth will work seemlessly. AFAIK
Hope that helps,
BBCi at http://www.bbc.co.uk/
This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically
If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in
reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.
More information about the samba