[Samba] Map sids to Unix UID and GID
drescherjm at gmail.com
Tue Feb 3 15:38:12 GMT 2009
>> Do you have idmap configured?
> Thanks for getting back. It looks like it is working now. I had idmap
> turned on and using tbd. All local account and groups on the system are
> managed via nss_ldap and a non windows directory. I turned on winbindd but
> did not configure it in nsswitch.conf for nss_ldap, so I could get SID to
> name mapping, but I it did not resolve SID to uid. I also do domain name to
> local name mappping using "username map script:".
> I found a note talking about the "nss" backend. I used "idmap backend = nss"
> in the configuration file and that seems to do the job. I can now use any
> group that is listed in "getent group" and "getent passwd" and when I do a
> getfacl I see the proper acls on the file.
> It took me awhile to find a reference to "idmap backend = nss". Is this a
> well known backend? Is there any information describing what it does and
> how it does it?
All I can say is I use that (nss backend) in a samba PDC domain (no
ADS) with linux and windows it fixed the problem that you describe. I
believe I found this via a google search but I did not find good
documentation on that.
More information about the samba