[Samba] winbind and getent

Gabriel Petrescu gabrielescu at gmail.com
Wed Jul 29 06:28:13 MDT 2009

based on all the info i found: books and how to's

if you have a samba server member of the domain you don't need ldap / openldap.

you need samba, samba-common, winbind

add samba server to domain and authentificate user / groups from domain.

i wanted to one samba share to be accesible to only one ad group.

i could have access for users, in their homes, but not for groups.

do i need ldap / openldap? why?


On Wed, Jul 29, 2009 at 2:08 PM, Quinn Fissler<qfissler at gmail.com> wrote:
> The different behaviours are caused by the fact that the two methods
> do different things...
> They use different libraries and configuration files.
> I'm not near a linux box with SaMBa today so I can't show you examples.
> You should tell us more about what you're running...
> In any case, the first thing to check is /etc/nsswitch.conf
> Then look at how you configured AD integration - was it with OpenLDAP?
> Check your ldap.conf - you might find more than one...
> /etc/ldap.conf?
> /etc/openldap/ldap.conf?
> Which binding credentials do you use?
> How about the TLS options?
> What about if you query the ldap server with ldapsearch?
> A quick web search yields some articles which might help you check
> your approach:
> http://www.networkcomputing.com/showArticle.jhtml?articleID=55301455
> http://technet.microsoft.com/en-us/magazine/2008.12.linux.aspx
> http://www.linux.com/archive/articles/40983

More information about the samba mailing list