[Samba] Multiple winbind idmap stanzas?

Rowland Penny rpenny at samba.org
Fri May 6 14:02:48 UTC 2022

On Fri, 2022-05-06 at 13:33 +0000, Vaughan, Robert J via samba wrote:
> Hello everyone
> Is it possible to have multiple winbind idmap stanzas (if that is the
> right word) in the smb.conf such that one domain can be split amongst
> different backends (unique ranges of course)?


> For example, if I wanted to use ad or rfc2307 for most of my users
> but also wanted to use a local passwd file for a shared account where
> we want different passwords on different servers?

You have described it fairly well, do not create the user in AD, just
create the user on each server with a different password.
> How do you tell winbind to use a local passwd file - is that backend
> nss?

You don't really, it would entail setting up a trust between the local
domain and AD and I don't think this is possible.


More information about the samba mailing list