[Samba] winbind and existing UIDs
liam.gretton at leicester.ac.uk
Thu Feb 4 02:07:56 MST 2010
I'm implementing a Samba service on Solaris (the native CIFS service
being unreliable in our environment); all is working well but I have a
couple of questions regarding winbind which I can't find answers to in
the documentation. I'm using 3.0.37 at the moment, but it wouldn't be a
big deal to use a more recent version if necessary.
The system will join an existing Windows AD.
We have Unix UIDs/GIDs already assigned, so I really need winbind to NOT
allocate UIDs on its own, but to use our existing ones. We don't have
the option of extending the AD schema to include UIDs; our existing Unix
accounts are all in LDAP.
What I've done to get round this is to use the ldap backend for winbind,
and create the mappings myself. This seems to work perfectly well but I
can't believe there's not a means within winbind to use the account
username to look up UIDs from an existing range.
My questions are therefore:
1. Can I rely on winbind to never delete mappings from its database?
I.e. if I've created its backend LDAP database myself, can I be sure
that those mappings won't ever need to be recreated?
2. I wonder if the 'idmap alloc' options would actually do what I want,
but I can't find a simple explanation of what alloc backends actually
do. Am I barking up the wrong tree thinking that an appropriate alloc
backend will do what I want?
Liam Gretton liam.gretton at le.ac.uk
HPC Architect http://www.le.ac.uk/its/
IT Services Tel: +44 (0)116 2522254
University Of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom
More information about the samba