[Samba] How to use ldapsam backend without storing any user SID?

Dominique Petitpierre Dominique.Petitpierre at adm.unige.ch
Thu Jan 27 15:32:37 GMT 2005


When Samba is configured to use smbpasswd as a backend,
it uses an algorithm to construct SIDs from uid/gids.
The SIDs are not stored anywhere.

But when ldapsam is used as a backend,
without changing anything else to the configuration,
a SID *has to* be stored in the entry of each user.
I don't need nor want that.

- Is it possible to have a LDAP backend but still use
the algorithm to construct SIDs? How?

You'll find below the complete [global] section
of the smb.conf used by samba 3.0.10
(on Mandrake Linux 10.1).

Thanks in advance!

Mr Dominique Petitpierre       Email: User at Domain
Division Informatique                 User=Dominique.Petitpierre
University of Geneva                  Domain=adm.unige.ch

Annexe: complete [global] section of the smb.conf
         workgroup = VPNGROUP
         server string = Samba Server %v
         passdb backend = ldapsam:ldaps://foobar.unige.ch
         log level = 3 passdb:5 auth:10 winbind:2
         log file = /var/log/samba/log.%m
         max log size = 50
         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
         domain logons = Yes
         local master = No
         dns proxy = No
         ldap admin dn = cn=admin,ou=foobar,dc=unige,dc=ch
         ldap group suffix = ou=Group
         ldap idmap suffix = ou=Idmap
         ldap machine suffix = ou=Hosts
         ldap suffix = dc=unige,dc=ch
         ldap user suffix = ou=People
         hosts allow =, 192.168.

More information about the samba mailing list