[Samba] move to Idmap with ldap

Caleb O'Connell caleb at privacyassociation.org
Thu Nov 10 10:59:47 MST 2011


I have a functioning samba & ldap setup.  I'm using smbldap-tools and I want 
to move to using Idmap as a backend.

Currently LDAP looks like:

dc=domain,dc=org
+--ou=Computers,dc=domain,dc=org
-- --uid=name$,ou=Computers,dc=domain,dc=org

+--ou=Groups,dc=domain,dc=org
-- --cn=group,ou=Groups,dc=domain,dc=org

+--ou=Idmap,dc=domain,dc=org

+--ou=Users,dc=domain,dc=org
-- --uid=name,ou=Users,dc=domain,dc=org

Currently Idmap is empty, and all the other entries hold computer accounts, 
user accounts and group listings as expected.

I have all the built-in accounts in Users and Groups.
Looking at the configs on the Samba wiki for Idmap, it doesn't look like I 
have to do much to move over.

What goes in the Idmap container? Do I have to move the users, computers and 
groups under that entry?  Do new users get created within that container?

I couldn't find a howto for specifically what I'm looking for.

Any advice would be great, thanks.

