Am 18.02.2010 18:23, schrieb Jordan Brown: > > > Florian Manschwetus wrote: >> Am 18.02.2010 17:05, schrieb Jordan Brown: >>> Florian Manschwetus wrote: >>>>> Just add 'ad' to the end of the passwd and group lines >>>>> in /etc/nsswitch.conf: >>>>> >>>>> passwd: files nis ad >>>>> group: files nis ad >>>> Uhm does this method support directory based mapping? Afaik it is only >>>> for generated mapping usable currently. >>> I don't know of any restrictions on the kinds of mapping supported by >>> nss_ad. It makes the usual calls to idmap. >>> >> And here we come to the problem idmap himself requires for directory >> based mapping unixusers and the corresponding ad user, so it is obvious >> where it comes to some pain. > > I'm sorry, I don't follow. Could you elaborate? > Directory based mapping looks for the unix attributes of a user in AD but it seems not able to enumerate them, so if there is no unix user there is nothing mapped (or a generated mapping is used, not the numeric uid from ad)
Florian
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ cifs-discuss mailing list cifs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
