[Samba] distributing samba users to the local systems
Xen
list at xenhideout.nl
Tue Jul 12 00:10:41 UTC 2016
I want to ask what is the most common approach, and most functional
smallest-subset-technology approach to achieving the following.
- a samba server is using different users for its clients and these
users are general unix users, owning files and whatnot on the fs.
- a linux system as client now wants to "import" the users from the
server without making them /fixed/ unix/passwd users on the local system
- the users need to be imported from a kind of directory service (ldap
or whatever) or perhaps "active directory" or whatever it might be, and
those extra virtual users are only valid for as long as the samba shares
themselves are valid and accessible.
Mind you, I know nothing about "active directory" or "domain
controllers" or what it might be. I also have very little understanding
of what "nsswitch" is and the documentation for it and the entire system
itself seems to be rather arcane.
It would require on the client:
- an additional source of local users that cannot actually be logged in
to, but only serve as user interface elements.
Perhaps these local users would need to be mapped onto random numbers or
something, but normally with unix extensions you see the raw numbers of
the users on the central system (server).
So either those numbers would need to be replaced by names at domain while
crossing the link and then mapped back to new numbers on the local
system, that has imported the names at domain, or you'd need to find a
fixed "range" of numbers for users that can stay fixed from system to
system.
I haven't even been able to get idmapping to work for NFS, it just won't
work. I was using a "static" file for that but the thing would never
read the static maps.
It would require on the server:
- a set of local users transformed into a directory service that clients
can import or know about.
Is this possible and what technologies would I need for it?
More information about the samba
mailing list