[Samba] Configuring idmap backends
swazup at gmail.com
Thu Apr 5 15:22:23 MDT 2012
I am playing with samba 3.6 and am wondering what is the best method for
configuring an LDAP idmap backend?
I would like my system to work with both local users, AD users, and AD
users that already have unix attributes.
I also have multiple trusted domains. So users could be cross-forest or
Would something like the following work for this setup?
ldap admin dn = CN=IdmapAdmin
idmap config * : range = 1 - 1000
idmap config * : backend = tdb
idmap config ALLDOMAINS : backend = ldap
idmap config ALLDOMAINS : range = 1001-2147483647
idmap config ALLDOMAINS : ldap_url = ldap://localhost
idmap config ALLDOMAINS : read only = yes
Is ALLDOMAINS a valid entry to say "all trusted domains" or do I need to
list each and every trusted domain in a separate idmap config?
Also is the ldap admin a global setting that will work with the idmap
backend when set to ldap, or do I also need to set
idmap config ALLDOMAINS : ldap_user_dn = CN=IdmapAdmin
More information about the samba