[Samba] Does anybody use idmap_adex?

Gerald Carter jerry at plainjoe.org
Mon Jun 28 09:24:13 MDT 2010

On 06/28/2010 10:13 AM, simo wrote:

>> There's some confusion here.  The idmap_adex() doesn't have
>> anything to do with Likewise Cells.  It's just an rfc2307
>> idmap module with support for domain trusts.  The comments
>> in the code are misleading only because it was derived from
>> my original code at Likewise.
>> That said, if no one is using it, my suggestion is to remove
>> it on the basis that it is currently unmaintained.
> Jerry, are there other modules that would allow us to do one way trust
> while keeping info on AD ?

Hey Simo,

The idmap_adex trust support was for cross-forest transitive

You can't do one-way trusts like this anyways (neither does
idmap_adex).  The one-way trust support is (was) in winbindd
core code and made use of the rpc SID/Name translation.
You just can't obtain any attribute information from the
wrong side on a one-way trust.

cheers, jerry
Director of Engineering                      http://www.likewise.com/

More information about the samba mailing list