[Samba] Winbindd as NIS replacement in heterogen environement

Benoit Panizzon benoit.panizzon at imp.ch
Wed Oct 27 10:10:30 GMT 2004

Hi all

We have the following environement:

Microsoft ADS for Windows Users, NIS for Un*x Users.
Samba 3.x Fileservers.

Win2k/XP Clients which use CIFS to connect to the Fileserver.
FreeBSD/Linux Clients which use NFS to connect to the Fileserver.

For the moment, Windows User authenticate against the ADS and Un*x users 
authenticate against a NIS Server. Everything runs fine.

But we would like to merge the two existing user bases into one central place.

So the first idea was to get rid of NIS and start using winbind and Kerberos 
on all Un*x clients.
But in the default settings every client would generate it's own set of user 
ID's and that would end up in a huge mess on the NFS servers.

Is there a way to integrate the Posix Account Data in to the ADS so that it 
can be used by winbind or maybe something like a LDAP authenticated login on 
the unix clients?
Or is the only way to solve this problem by setting up a openldap server and 
get winbindd to store username => Posix uid's into this directory?

Has somebody allready got such an environement running? I'm not so interrested 
in theoretical possibilities to solve it, I've read them too :-)

Benoît Panizzon, <bp at imp.ch>
ImproWare AG, UNIXSP & ISP                     Phone: +41 61 826 93 00
Zurlindenstrasse 29                            Fax:   +41 61 826 93 01
CH-4133 Pratteln                               Net:   http://www.imp.ch/

More information about the samba mailing list