[Samba] Re: ADS valid users can't map share
Gerald (Jerry) Carter
jerry at samba.org
Wed Oct 20 15:12:10 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greg Adams wrote:
| How do you choose to authenticate using kerberos instead
| of NTLM? Is that when you map as "userid at DOMAIN.X.Y.Z"
| instead of "DOMAIN\userid"?
It depends on whether you are using 'security = ads' and
have a working kerberos installation or if you are using
'security = domain'.
| Is there another way for me to do user mapping than
| using the username map? I've seen some OpenLDAP method
| of doing it, but since my goal is to map a handful of
| ADS domain groups to individual unix id's, I
| figured it was easier to just use username map instead
| of setting up an LDAP schema.
You are talking about group mapping. This does not
require LDAP, but can be stored in and LDAP directory.
cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBdoBKIR7qMdg1EfYRAjQ9AKC5fMb6pQGPPUj9MElWnFhP+fXCQwCgm9Dw
bUYflDdIf8LOjflh3JWcYV8=
=3HkH
-----END PGP SIGNATURE-----
More information about the samba
mailing list