[Samba] Re: Need help with IDMAP storage in LDAP using Winbind

paul kölle paul at subsignal.org
Fri Sep 30 12:31:10 GMT 2005

Kristof Bruyninckx wrote:

> But I have one more question, I configured a LDAP client, and on this
> machine I can see all the normal NIS users, but I don't see any windows
> users. This might sound stupid but this was what how I expected it to
> work. Sometimes it takes a while for the brain to catch a clue :).
;), if I recall your setup correctly you don't have the windows "users"
in LDAP. They are comming from AD and nss_winbind makes them available
for the OS. Idmap provides a means to share SID -> UID mappings across
multiple servers. Something like:

> Now my question would be, how to setup the client, to use the mapping
> stored into the LDAP server. 
This largely depends on the definition of "use".

> If this is possible, since at the moment
> I'm a bit confused. Do I have to perform this setup on every server to
> Unify SID to UID/GID mapping. Or how can I use the LDAP server I just
> setup for this purpose,
For your samba servers you just point every member server to your
ou=Idmap, ... branch. You *can* add another LDAP server as slave to add
redundancy but that's another story.


More information about the samba mailing list