[Samba] AD Auth, but Unix users and groups
Gerald (Jerry) Carter
jerry at samba.org
Mon Oct 22 14:04:08 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gary Algier wrote:
> Hello All:
>
> I have a Samba server (running 3.0.11) that uses an LDAP SAM for
> authentication. We now have AD (native mode) running in house.
> Since everyone has a login there, I would like to use the AD
> credentials for authentication. However, I would like to continue
> to use the Unix user ids and group ids, etc.
>
> All the documentation for AD authentication talks about ID mapping, etc.
> I don't think I need this. I already have ids. I don't need to map
> them.
>
> Is there an easy way to do what I want?
Yes. There are several ways. In Samba 3.0.25 and later there
is the idmap_nss plugin for winbind. Prior to that is the
"winbind trusted domains only" setting but that has some drawbacks.
or you can possible forego Winbind and use something like nss_ldap.
But you need to make sure that the user and group names in
you directory match the AD environment.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHHK3YIR7qMdg1EfYRAh0GAKCINcEPOwjpXWPyhDgNiMWi9/mnvQCfWty6
uqZRfbZHP7jHwVEzCkbpzEo=
=cO6d
-----END PGP SIGNATURE-----
More information about the samba
mailing list