[Samba] When do i need "idmap backend = " ???
Paul Gienger
pgienger at ae-solutions.com
Mon Jun 21 13:25:12 GMT 2004
Michael Gasch wrote:
>> Winbind should not be running on a samba PDC at all.
>
> uh, you misunderstood something =)
>
> winbindd runs on a DC and looks up UID/SID by RPC Calls/NSS on a
> different PDC (samba) machine
>
No, I wasn't very verbose. It should not be running on a PURE samba
PDC. If samba was running as a BDC or a member server in a windows
controlled network winbind does the UID/SID map from the master windows
server for you. I inferred that windows was not running in a domain
control capacity by stating that samba was acting as the PDC.
If you would like to call me on that, I'll be happy to show you a
process list of a functioning samba 3 pdc that does not have winbindd in it.
> bye
>
>>
>> Michael Gasch wrote:
>>
>>> okay thank you very much !!!
>>>
>>> but i experienced, that winbind needs this parameter even when looking
>>> up SIDs on samba PDC with LDAP backend
>>> but this was not my question
>>>
>>> thx
>>> bye
>>>
>>> Paul Gienger schrieb:
>>>
>>>>
>>>>> i wonder, if i don't use winbind, do i really need the parameter
>>>>> "idmap backend = " in smb.conf on PDCs/BDCs ???
>>>>> those machines find their SID/UID/GID via "passdb backend ="
>>>>> don't they?
>>>>>
>>>> You are correct, the IDMAP parameters are only for when you are
>>>> connecting to a windows DC. The idmap is used to map the windows
>>>> SID to UNIX uid. If you are using a unix samba server as your DC
>>>> the uid comes from the system having every user defined wherever it
>>>> gets its name service info (ldap, NIS, passwd/shadow files, etc)
>>>>
>>>>> thx
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>
>
--
Paul Gienger Office: 701-281-1884
Applied Engineering Inc. Cell: 701-306-6254
Information Systems Consultant Fax: 701-281-1322
URL: www.ae-solutions.com mailto:pgienger at ae-solutions.com
More information about the samba
mailing list