[Samba] Link AD to pre-existing UNIX accounts
Gerald (Jerry) Carter
jerry at samba.org
Fri Apr 27 13:41:40 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Ralf Gross wrote:
> CG schrieb:
>> I'm trying to use winbindd to enumerate and link AD users to their pre-
>> existing UNIX accounts. Right now, winbindd creates new "users" for UNIX based
>> on windows username and groups.
>> What I can't figure out is how to explicitly map the AD users to their pre-
>> existing UNIX accounts. I'd like the users to be able to access their UNIX
>> accounts with their UNIX authentication information /and/ their AD
>> authentication information. I had hung my hat on the "username map" smb.conf
>> directive, but I find now that it doesn't apply to winbindd.
See the idmap_nss backend in Samba 3.0.25. But it is an all
or none. You cannot have winbindd allocate a uid for some
users in a domain and use existing Unix accounts for others.
On older versions, see the "winbind trusted domains only" option.
I also have a pending username map plugin for winbindd that might
be available in 3.0.26. it's still under discussion.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba