[Samba] Samba PDC and Samba domain member - LDAP/Winbind/Idmap confusion

Stefan Dengscherz stefan.dengscherz at gmx.net
Wed Apr 16 19:44:07 GMT 2008

Hello List,

I have the following scenario:

1x Samba PDC with LDAP backend
1x Samba member server
1x Samba member server (Openfiler)

However, I'm confused about Idmapping. I want to use ACLs on the PDC and
both member servers.

Are my thoughts correct?

- Samba member server knows the unix users through LDAP (added in
- Authentication when accessing a member server share is performed by
   the PDC
- ACLs won't work without a proper Idmapping backend setup (i want to
   use LDAP for this) - how does Idmapping fit into here?
- Would it be possible to achieve my scenario with winbind?
- Could I spare the LDAP configuration on the member servers then?

Thanks in advance for enlightening me,


More information about the samba mailing list