[Samba] idmap confusion
Gémes Géza
geza at kzsdabas.hu
Fri Aug 3 05:39:49 MDT 2012
2012-08-03 13:07 keltezéssel, steve írta:
> Three unfathormable questions:
> 1.
> What's the difference between:
>
> idmap_ldb : use rfc2307 = Yes
It is a samba4 winbind setting, so you need it on the Samba4 AD
controller only
> and
> idmap config * : backend = ad
the correct form is:
idmap config SOMEDOMAINNAME : backend =ad
and instructs the winbind from the samba3 suite to look up the uids gids
from AD for accounts in SOMEDOMAINNAME
>
> 2.
> Do the terms in (1) above apply equally to Samba4 beta6 and Samba 3.6.3?
>
> 3.
> If I specify either in (1) then
> idmap config : range = abc-xyz
> becomes meaningless.
No. With idmap_ad you map all not specifically configured domains using:
idmap backend = tdb
idmap uid = some uninteresting range
idmap gid = some uninteresting range
then for each DOMAIN you want to get the idmap information from the AD,
you specify:
idmap config INTERESTINGDOMAIN1 : backend = ad
idmap config INTERESTINGDOMAIN1 : range = first range
idmap config INTERESTINGDOMAIN2 : backend = ad
idmap config INTERESTINGDOMAIN2 : range = second range
and so on.
>
> Cheers,
> Steve
Regards
Geza
More information about the samba
mailing list