[Samba] How to keep idmapping, when Samba servers becomes part of a Windows AD from a larger organisation.

Hubert, Laurent Laurent.Hubert at USherbrooke.ca
Tue Nov 26 10:53:53 MST 2013


Since 2006, I used in my departement a Samba  solutions based on  NT4 style PDC, 2 BDCs and some files servers, desserving one hunderd persons. The backends for passwords and idd are a master and two slave openldap. Now i have to integrate a much larger organisation, an  University Hospital,   running with Windows AD. For political reasons, I should not maintain DCs anymore, but I will still maintain  Windows stations, Linux stations and Linux servers.  One point then is to see if  there is a way to keep the idmapping of users and groups I already have, in order to reduced interventions on file servers and stations to a minimum while migrating. For now, I dont know how to do it.  (Note : new users and groups may  have any Linux « id » we want)

One point here  is that  I succeeded to test the integration of  a samba member into the AD with  samba 4.x,  winbind and idmap config DOMAIN : backend = rid.  Now I want to go further and look for  a solution for this problem of keeping  idmaps of current users.   Is it possible to have a coherent configuration together for  /etc/ldap.conf, /etc/nsswitch.conf  and /etc/samba/smb.conf for this solution?

Thanks to help 
and warm thanks for Samba

Laurent Hubert, PhD
Professionnel de recherche
Administration de systèmes Linux, déploiement de solutions Open Source
Centre d'imagerie moléculaire de Sherbrooke
Centre hospitalier universitaire de Sherbrooke
819 346 1110 x 11836
pagette: 6475

More information about the samba mailing list