[Samba] Re: Migrating Fileservers to LDAP

paul kölle paul at subsignal.org
Fri Jun 17 11:40:54 GMT 2005


Adam Engel wrote:

> 1) Some users have accounts on 1 or more of our fileservers, as well as
> an account with our LDAP server, same username but passwords aren't
> synched.  If I have the server join the domain, what consequences or
> problems will I have with the user accounts. Obviously the gid/uid's
> wont be the same on the servers. Will the 'Local' users be enforced
> instead of the domain user accounts when it comes to the files?
No, uid/gid stuff is simply managed by NSS and samba takes what is gets
from there. Depending on your nsswitch.conf, ldap users may come behind
local users but conceptually they are in the same namespace and you have
no unique mapping name <-> uid/gid anymore. In short: Don't do that,
instead point all your fileservers to your LDAP server, delete local
users if they exist in ldap and migrate the data to new uids/gids.

cheers
 Paul



More information about the samba mailing list