[Samba] winbind and existing UIDs
liam.gretton at leicester.ac.uk
Thu Feb 4 09:47:23 MST 2010
On 04/02/2010 15:00, Gaiseric Vandal wrote:
> On 02/04/10 04:07, Liam Gretton wrote:
>> What I've done to get round this is to use the ldap backend for
>> winbind, and create the mappings myself. This seems to work perfectly
>> well but I can't believe there's not a means within winbind to use the
>> account username to look up UIDs from an existing range.
> It looks like from the Samba how to documentation that you might want to
> use the RID backend- which would use the Active Directory to store the
> IDMAP info instead of a standalone LDAP server.
As I understand it, that will just derive a new UID from the RID. I need
winbind to use existing UIDs. Also, writing anything back to the AD is
probably out of the question in our environment.
> Also, MS Services for Unix uses relies on unix attributes - I don't
> think it has to expand the schema when installed. But if you install it
> it may give you the option to tweak the uid.
Installing SFU isn't an option, unfortunately.
> I would want to point out that under Sun's Samba 3.0.3x release I have
> had a lot of problems with domain trusts with a Windows 2003 server
> (mixed mode) and the idmapping cache- even with idmapping in LDAP. The
> PDC and one BDC are running 3.0.3x. I have a 2nd BDC running Samba
> 3.4.x (compiled from source) which seems to handle this a lot better.
I've only been testing so far but haven't encountered any problems yet
with 3.0.34 and 3.0.37. Doesn't mean I won't at some point though!
Liam Gretton liam.gretton at le.ac.uk
HPC Architect http://www.le.ac.uk/its/
IT Services Tel: +44 (0)116 2522254
University Of Leicester, University Road
Leicestershire LE1 7RH, United Kingdom
More information about the samba