[Samba] vampire fails because of Debian smbldap-tools problem

tom burkart alsa at aussec.com
Wed Nov 24 23:13:19 GMT 2004

On Nov 24, John H Terpstra wrote:

>> The other really useful thing I found while looking for the above
>> reference is in the Samba-Guide/happy.html#id2536161 where in the note it
>> says that having separate containers for users and computers does not yet
>> work, yet examples appear to use this (hence I got the crazy idea it
>> should just work and it didn't).
> Smile. :) It can be made to work by moving the basedn up the tree. The
So I noticed... ;-(

> performance impact works against that.
Yeah, which could be significant if you are using LDAP for other things as 

>> This brings me to my last point about the LDAP issue that seemed to bring
>> this thread up:
>> Why is samba using NSS when it has all the necessary information to do the
>> proper LDAP search itself?  This does not appear to make sense.
> Surely you realize that Samba stores files in the file system. The file system
> is completely divorced from Samba. Who would own the files if the UID and GID
> Identities are NOT resolved via NSS?
No argument with that.

> You are completely correct that Samba can do an LDAP lookup to get user and
> group ID information, but that is not the issue. How do you propose to
> resolve IDs within the OS if not through NSS?
The issue of this thread was authenticating machine accounts if I remember 


More information about the samba mailing list