[Samba] Re: winbind capabilities

Jim Kusznir kusznir at eecs.wsu.edu
Mon Oct 31 23:50:52 GMT 2005

Rex Dieter wrote:

> Jim Kusznir wrote:
>> From what I undrestand, there is no feesable way of implementing winbind
>> in NSS and maintaining existing UID/GID mappings.
> AFAIK, If SFU is installed on your Windows AD domain controller, it 
> will extend the schema to allow you to define UID/GID/homedir for 
> winbind's use.  We're hopeing to use this soon, provided if I can ever 
> get our AD admins to install SFU.
> -- Rex

SFU30 is installed, and has extended the schema.  We've been storing the 
UID/GID in this schema.  My question is will winbind use that?  My 
reading (from the samba howto) indicates that it does not; that we need 
to use nss_ldap to resolve that information.  If we do, however, I also 
understand we loose the ability to use windows groups, which is a major 
issue for us.

Can anyone confirm or deny this information?  I know samba is a very 
active project, and the howtos may not match the actual state of the 
most current version.


More information about the samba mailing list