[Samba] idmap_nss needed together with idmap_ldap?
Alexander 'Leo' Bergolth
leo at strike.wu-wien.ac.at
Mon Mar 9 21:36:52 GMT 2009
Hi!
In my samba controlled domain, most users are stored in an LDAP
directory. The Unix boxes use nss_ldap but they also have a few local
users (mostly system-users) whose user-ids are not synchronized.
I've read the documentation about idmap_nss but I'm still not sure if
this is needed for my setup.
Will using idmap_nss in addition to idmap_ldap result in any benefit
(e.g. when mapping local, non-ldap unix users)?
I am thinking of a setup like:
-------------------- 8< --------------------
idmap domains = NSS TRUSTEDDOMAINS
# <is this needed?>
idmap config NSS:backend = nss
idmap config NSS:readonly = yes
# </is this needed?>
idmap config TRUSTEDDOMAINS:default = yes
idmap config TRUSTEDDOMAINS:backend = ldap
idmap config TRUSTEDDOMAINS:readonly = no
idmap config TRUSTEDDOMAINS:ldap_url = ldap://127.0.0.1
idmap config TRUSTEDDOMAINS:range = 16777216-33554431
idmap alloc backend = ldap
idmap alloc config:ldap_url = ldap://127.0.0.1
idmap alloc config:range = 16777216-33554431
-------------------- 8< --------------------
Thanks,
--leo
--
e-mail ::: Leo.Bergolth (at) wu-wien.ac.at
fax ::: +43-1-31336-906050
location ::: IT-Services | Vienna University of Economics | Austria
More information about the samba
mailing list