[Samba] using winbind to map existing unix to AD users

Kums kumaran.rajaram at gmail.com
Tue Feb 24 23:47:49 GMT 2009

On Tue, Feb 24, 2009 at 9:23 AM, Tom Lieuallen <toml at engr.orst.edu> wrote:

> On our campus, we have an AD forest.  Our particular department has a
> number of samba servers that authenticate to one tree of that AD forest.
> All of our users have accounts in LDAP for unix and AD for windows.
> We don't want/need winbind for authentication.  However, we would like the
> ability of setting ACLs on the samba server from windows clients.  So, I
> assume I need a mapping of unix uid to AD SID.
> It seems winbind is the solution for this, however it seems to want to
> generate the uids rather than using getpwent to look that up.
> Is there something simple that I'm overlooking?

May be you can use "idmap backend = rid" to use RID of the user SID to
generate the UID and GID?



More information about the samba mailing list