[Samba] is winbind needed if i provide unix attributes?

Angel Bosch abosch at cilma.net
Thu Jan 19 13:59:42 MST 2012

> We're running s3/LDAP with uid:gid, shell and home directory all in 
> LDAP. No winbind anywhere.

is this the only samba server? do you have any samba server as member of that one?

anyway, i've read more carefully the docs and found that(1):

"it stores mappings between UNIX UIDs, GIDs, and NT SIDs. This mapping is used only for users and groups that do not have a local UID/GID"

so i can assume that local unix attributes are always looked first and winbind is used only if that first resolution fails. the key is that "local" here means any account seen by NSS (getent passwd), for example LDAP.

i found much more usefull and even easy to configure NSS/PAM against LDAP than winbind, but in the docs(2), when talking about adding members, it seems that winbind is the only way to go.

i think it would be really usefull that official docs provides an example of this other kind of setup.


1 - http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/winbind.html
2 - http://www.samba.org/samba/docs/man/Samba-Guide/unixclients.html

More information about the samba mailing list