[Samba] Samba as AD member & without winbind...

Rowland penny rpenny at samba.org
Fri Oct 30 11:39:56 UTC 2020

On 30/10/2020 11:20, Ralph Boehme wrote:
> Am 10/30/20 um 12:11 PM schrieb Rowland penny via samba:
>> On 30/10/2020 11:06, Ralph Boehme via samba wrote:
>>> Am 10/30/20 um 10:20 AM schrieb Thomas Besser via samba:
>>>> Can I configure winbind to use 'local' users and groups from NSS?
>>> there's idmap_nss that may work for you.
>>> -slow
>> Already mentioned that, problem is it is an allocating backend, unless I
>> am reading the manpage wrong.
> ah, missed that. :)
> idmap_nss is not an allocating backend, I guess the manpage text might
> be a bit misleading.
> -slow
A bit ?

'while using allocation to create new mappings'

I have never used this backend, but what you are saying is that it will 
use the SID from AD  and map this to a Unix user or group. For the OP 
this would probably entail creating Unix users & groups with the 
uidNumber or gidNumbers from LDAP. If this is the case, you might just 
as well add these *idNumbers to AD and use the winbind 'ad' backend.


More information about the samba mailing list