[Samba] multiple passdb backends: ldaps for users, everything else locally?

Marc Petitmermet petitmermet at mat.ethz.ch
Sun Jun 20 21:54:19 GMT 2004

dear list members

is it possible to only have the users authenticate against an external 
ldap server and everything else managed locally on the samba server? 
the problem is that i only can authenticate against the central ldap 
but not write to it. this means that samba "root" as well as all 
machine accounts have to be managed locally and the users' homes 
information is retrieved by nis.

in the manual page of smb.conf i read the following:

"Multiple backends can be specified, separated by spaces. The backends 
will be searched in the order they are specified. New users are always 
added to the first backend specified."

now, when i define the passdb backends as following in this order does 
my intention work?

   passdb backend = tdbsam ldapsam:ldaps://ldaps01.domain.com

"root" is defined locally in tdbsam, all users in ldap. machines are 
also added locally.


More information about the samba mailing list