[Samba] anouncing getent passwd database as domain users without winbind?

Jochen Schmidt jochen.schmidt at millenux.com
Wed Jan 7 14:10:37 GMT 2004


does anyone know if it is possible to implement a samba-Setup using Domain
users without the use of Winbind?

If've the following environment:

- Ldap-Server with every Userinformation (Single Point of Administration)
- Group and User (also the Mappings and the Passwords) are replicated into the ADS Domain
- The ADS is needed to get group Policies working.
- The fileserver is Linux with pam_ldap and nss_ldap so all users are always there.

If i use winbind, i have every user twice on the Linux-System. Second the
User generated by winbind (used from windows client) and first the
"normal" Ldap-User (used from any Unix-Workstations).

Since the Usernames and Group-Memberships are defined in Ldap i want to
use only the ldap-Userdatabase.

If i disable winbind i will no longer able to use add/modify/delete
Security Record (or simple ACL's) using the Windows GUI.
If i enable winbind this is possible, but the UID used is the one
generated by winbind and not the unix-UID so that the user can't access
his files from Unix :(

Is the a working solution for this?



Jochen Schmidt                           jochen.schmidt at millenux.com
Mi||enux GmbH                                mobile: +49.175.5752483
Lilienthalstraße 2                          phone: +49.711.88770.300
70825 Stuttgart-Korntal                       fax: +49.711.88770.349
      -= linux without limits -=- http://linux.zSeries.org/ =-
PGP Fingerprint:  6F9A 85CE 78EA 7EF1 B2BA  3559 8FA1 2B13 098D 20B5

More information about the samba mailing list