[Samba] making manual idmap mapping
Rowland Penny
rpenny at samba.org
Wed Sep 28 13:57:07 UTC 2016
On Wed, 28 Sep 2016 09:07:55 -0400 (EDT)
Paul Raines via samba <samba at lists.samba.org> wrote:
>
> I am being forced by the upper management to tie our Linux system
> logins to the corporate Windows Active Directory accounts. The
> problem is our UNIX accounts do not match our corporate AD
> accounts in either name or underlying UID. For just plain
> Linux login I solved this issue using OpenLDAP with SASL PassThru
> so I can set my 'raines' user password in LDAP to be "{SASL}per2"
> where per2 is my corporate account.
>
> This does not help though with SAMBA. I was hoping there was a way
> to use samba idmap/winbind such that when someone logins into samba
> on one of my Linux boxes configures to use our corporate AD realm
> with say the 'per2' account it remaps that user to 'raines' in
> file operations on the box. Is there a way to do this with the
> idmap ldap backend by manually editting each user record there
> with the right mapping? I can find no examples of this.
>
>
Read the 'username map' portion of 'man smb.conf'
Rowland
More information about the samba
mailing list