[Samba] winbind / ldap

Michael Gasch gasch at eva.mpg.de
Thu Aug 19 06:22:34 GMT 2004 

 > - Winbind isn't needed any more.
don't we need winbind to MAP SIDs to UIDs, if the server is a DOMAIN 
MEMBER Server ???
cause the idmap backend parameter in smb.conf is for winbind i thought

greez

rignier at cpe-chartreux.com schrieb:
> Hello!
> 
> I have an AD domain configured with this :
> 1 - win2k server with AD and NIS server for Windows (from SFU
> http://www.microsoft.com/windows/SFU)
> 2- a linux debian sarge box with samba3.0.4 and lib_nss-ldap
> 
> With SFU, AD Schema is changed and Unix Information such as UID GID home an
> Shell can be set on each User.
> Linux can access user database either with
> - ypbind (nis client) : the simpliest but Some security holes
> 
> - libnss_ldap : better but difficult to opperate with AD I have succeded
> with almost all default Debian package I have tried with RedHat without
> success.
> 
> - Samba is in ADS security mode and member of domain.
> 
> - Winbind isn't needed any more.
> 
> 
> -> -----Message d'origine-----
> -> De : samba-bounces+rignier=cpe-chartreux.com at lists.samba.org 
> -> [mailto:samba-bounces+rignier=cpe-chartreux.com at lists.samba.o
> -> rg] De la part de Manfred Odenstein
> -> Envoyé : jeudi 12 août 2004 13:16
> -> À : samba at lists.samba.org
> -> Objet : Re: [Samba] winbind / ldap
> -> 
> -> 
> -> its on 
> -> http://us4.samba.org/samba/docs/man/Samba-Guide/happy.html#ch
> 6-ldifadd
> 
> Am Donnerstag, 12. August 2004 11:19 schrieb Hamish:
> 
>>Hello
>>Im not sure how to ask the question i need, but let me try:
>>
>>Background:
>>SuSE 9.0
>>Samba from rpms: samba 3.0.3pre2-SuSE
>>Role: domain member server (winbind)
>>
>>I am having a lot of trouble upgrading samba and I'm thinking of 
>>moving to another server. I have found that if I move the 
>>winbindd_idmap.tdb across, the AD / UID mappings are saved but would 
>>like to know:
>>a) Is this safe? (is there anything that will bomb out a few months down
>>the line?)
>>b) can this be done with LDAP instead (I know close to nothing of LDAP,
>>I have assumed it is for use as a PDC, but could it be used to store UID
>>mappings as well? How 'interesting' would this be to set up?)
>>
>>Thanks,
>>H

-- 


          "Matrix - more than a vision"

**************************************************
                  Michael Gasch

            - Central IT Department -

Max Planck Institute for Evolutionary Anthropology
Deutscher Platz 6
04103 Leipzig

Germany
**************************************************

More information about the samba mailing list