[Samba] Samba 3 + Win2k = Headache

tms3 tms3 at fsklaw.net
Thu May 20 21:30:21 GMT 2004

Yep.  And you can populate ADS with the ldap stuff, automatically, but 
only one way.  From ldap to W2k.  I've got an overview on this form the 
University of Michigain, but at the office.  On vacation till tuesday.

Paul Gienger wrote:

> Shannon Johnson wrote:
>>> From what I can gather, you've got
>>> 2003 AD doing user management
>>> RHEL for a (home) fileserver
>>> Clients of all flavors
>>> Have you thoroughly investigated just using nfs and autofs to do home
>>> directory mounting and decided you can't use it for one reason or
>>> another?  What are those reasons?  You'd probably have less headache
>>> using nfs in a unix client - unix server environment, after all,
>> that's
>>> what NFS is good for.
>> Win2000 server, not 2k3... but essentially correct. NFS won't work
>> because since we're doing authentication through winbind, all of the
>> uid's are different on each linux client. We've tried loading the
>> Services for Unix on the server, and assigning UID's, then using the
>> idmap_ad as the idmap backend, but I'm actually not sure how it works,
>> so I can't thoroughly explore it (the documentation apparently doesn't
>> exist?). The only thing I can check is "getent passwd" which returns the
>> UID winbind came up with on its own (through its own methods... not from
>> AD).
> For that I would suggest using a central LDAP repository for your 
> idmap backend on all machines.  If that's all you need to do to get it 
> going with nfs, that's a not-too-tough situation to solve.  You don't 
> have to go through the (somtimes painful) samba/ldap setup, you just 
> need a basic ldap server with one idmap tree in it.  What are you 
> using for your unix auth now?  since it sounds like you've got a few 
> unix machines, ldap is a good fit there too, unless you've got 
> something else that's tied in to your organization that you'd have to 
> rebuild... 
>> Also, we are sharing files in a cross-platform environment... We needed
>> to have the same file space, using the same quota for all of the users
>> in the department.
> What is enforcing your quotas?  2K or unix machine?
>> That's why Samba seemed like such a perfect fit.
>> Windows maps the user's home directory from the Samba server via SMB,
>> and the Linux users do the same. That's when the symbolic and hard link
>> problems come into play...

More information about the samba mailing list