[Samba] LDAP: Mixing local and LDAP-Users
Gaiseric Vandal
gaiseric.vandal at gmail.com
Tue Oct 4 13:17:59 MDT 2011
On 10/04/2011 01:21 PM, Felipe Augusto van de Wiel wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 04-10-2011 04:16, Daniel Müller wrote:
>> When you use LDAP?! Why do you need local users and ldap users?
>> Just you need LDAP that’s all.
> I'm pretty sure different networks have differents demands.
>
> This is not "one rule fit them all".
>
> Kind regards,
> - --
> Felipe Augusto van de Wiel<felipe.wiel at hpp.org.br>
> Tecnologia da Informação (TI) - Complexo Pequeno Príncipe
> http://www.pequenoprincipe.org.br/ T: +55 41 3310 1747
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBCgAGBQJOi0CdAAoJECCPPxLgxLxPRoEP/Rk3cGxiHjKSoIG4RZfWICAL
> HcjT1L+tjpsUswgjupVnN4xQT5tAG92BfUoQJ0Qtw9ZMSjW3JOnGsp2BHfhAehrZ
> 7dZ+vsKjFSNrK2HmfCIQUiIxe1RZ5Gipsp7IVtJMEtUfQYah2bMdLp78JyGDEERT
> ojMc97DWhRL1do2bE1MnNCVDU5o93OdZzEIAOo5jhj3yjqsGxnqnzPAy9TMvfpDD
> RIeCFlM6jKHvlrHfUmgQAA7b83MS7tPSAQoJTxAPVmXW98JeAuhhAfGPoowd5K+d
> xoHCaGwLrbhBvCJmWogos/yXPPwXs3g72Dn2tBwbWUZd6YtsZzEb1Gdv4umq/G1m
> UZMkafPjRPGjo45MeqOFiH/W1HuUB/FjYi5oRbPVzyYwalPexl+Jh3dgBxq0tB3B
> MM2gmCu+v3S+PFbB6mDa3Z2S9yiRUY2eQZQvgfwvlGb2Bssdclj5adQBu/Y9GvWi
> W+IeDtHxMWu7G0M0XLNg/oHWLNSOE4XkQceSu6G6T6BnkgCGM2PkXY+hP3JY4epf
> 2Y2J65eY08L8nnpQkDL3oSrvaEc8+YuvM174E0mq/WPenoDcdBWVta1ixXOeVcqi
> zq3RqPtZzulqYeTv4iWgYjN1TMToWlyHcxQmDD37RAUIRvtvlhDLSqTvKIw1DTGD
> 75OXG/sYRLlWSkRFSLkC
> =HJdF
> -----END PGP SIGNATURE-----
Windows OS domain members will at least have a local Administrator
account. I have two member servers and two DC's. All use LDAP for
unix backends. One member server uses TBD backed for the one local user
(Administrator) - though the unix account for the Administrator is
actually the same as the domain Administrator. It also uses tbd for
group mappings. The 2nd member server does not have any local samba
accounts or groups. The samba shares are pretty open since we rely on
the local unix permissions for security, and set them via unix not
windows. But if I wanted to manage perms from windows clients I would
probably need to define the local Administrator user, local Admins
group, and local users group.
More information about the samba
mailing list