[Samba] How to keep idmapping, when Samba servers becomes part of a Windows AD from a larger organisation.
Laurent.Hubert at USherbrooke.ca
Tue Nov 26 10:53:53 MST 2013
Since 2006, I used in my departement a Samba solutions based on NT4 style PDC, 2 BDCs and some files servers, desserving one hunderd persons. The backends for passwords and idd are a master and two slave openldap. Now i have to integrate a much larger organisation, an University Hospital, running with Windows AD. For political reasons, I should not maintain DCs anymore, but I will still maintain Windows stations, Linux stations and Linux servers. One point then is to see if there is a way to keep the idmapping of users and groups I already have, in order to reduced interventions on file servers and stations to a minimum while migrating. For now, I dont know how to do it. (Note : new users and groups may have any Linux « id » we want)
One point here is that I succeeded to test the integration of a samba member into the AD with samba 4.x, winbind and idmap config DOMAIN : backend = rid. Now I want to go further and look for a solution for this problem of keeping idmaps of current users. Is it possible to have a coherent configuration together for /etc/ldap.conf, /etc/nsswitch.conf and /etc/samba/smb.conf for this solution?
Thanks to help
and warm thanks for Samba
Laurent Hubert, PhD
Professionnel de recherche
Administration de systèmes Linux, déploiement de solutions Open Source
Centre d'imagerie moléculaire de Sherbrooke
Centre hospitalier universitaire de Sherbrooke
819 346 1110 x 11836
More information about the samba