[Samba] Restricting winbind to the default domain
Etienne Goyer
etienne.goyer at videotron.ca
Tue May 17 15:37:15 GMT 2005
Greetings,
I want to use winbind in conjunction with nsswitch in a pretty large AD.
I would like winbind to only map users in the default domain. As it
is, winbind map users in other trusted domain of the AD too, which is
*not* what I want.
I am not sure I made myself very clear, so here is an example. Let's
say I have an AD called ACME.COM. There are the domains PROD.ACME.COM
and ADMIN.ACME.COM in this AD. I made my Samba server join the
PROD.ACME.COM domain. When I have nsswitch.conf configured correctly,
"getent passwd@ return all the users in both domains. I would prefer it
return only users in the PROD.ACME.COM domain, and not those in
ADMIN.ACME.COM. Is that possible ?
I know about "winbind enum users" and "winbind enum groups", but this is
not what I want. I do not want account outside the default domain to be
valid on my this server for services other than Samba.
I am running Samba 3.0.10 on RHEL 4.
Thanks a lot !
Etienne Goyer
More information about the samba
mailing list