[Samba] Samba as member of multi domain AD (nss/pam)

steve steve at steve-ss.com
Thu May 24 02:36:51 MDT 2012

On 24/05/12 10:06, Marcel Ritter wrote:
> Hi list,
> I'm looking for someone out there, using samba as a member
> server in a multi-domain Active Directory forest (maybe even
> with nss_/pam_winbind for unix users/groups).
> It took quite a long time to get things working at all here, and we're
> still not really comfortable with our current solution (especially
> the unix nss/pam part).
> I'd be glad if someone out there was interested in exchanging
> information on that topic.
> So please don't hesitate to contact me, if you are :)
> Bye,
>     Marcel
Hi Marcel
Not as part of a multi domain no but we have bypassed winbind in favour 
of storing attributes in the directory instead of an external winbind 
mapping. It works fine using nss-pam-ldapd (I think this is libnss-ldapd 
and libpam-ldapd on Debian).

It not officially supported but it works a treat.

Cheers and hth a bit with your nss qn.

More information about the samba mailing list