On 03/11/2009, at 12:24 PM, Erin O'Meara wrote:
I have Installed an OpenBSD 4.6 Server with Samba + Active Directory +
Cups.
The OpenBSD Server is a Member Server in the Active Directory and
Everything is working great.
I have read about automatic ID mapping using Winbind. I realize that
OpenBSD does not have Winbind. Is there a way to have the Samba server
automatically create or map local accounts so I don't have to create a
user on the OpenBSD server for every Active Directory User?
I have searched with no luck. Can anyone point me in the right
direction? I feel the answer is right in front of me but I'm missing it.

i was looking into this recently.
the solution i came up with was to populate AD users with the rfc2307
attributes, basically assigning them unix user ids, shells, homedirs
etc centrally in the directory. i then used ypldap to make the openbsd
box aware of the AD users with those attributes.
samba could then do its authentication for users against an AD server,
and used the parameters from ypldap to map those users back to the
local machine.
if you want to provide shells for AD users, you can use the login_ldap
or login_krb5 stuff to handle the auth.
winbind isn't necessary.
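
Added example, not part of the original thread: with this approach the uid, home directory and shell of a local Unix account come straight from directory attributes, so it is worth auditing those attributes before a map is built from them. The sketch below assumes the AD attribute names sAMAccountName, uidNumber, gidNumber, unixHomeDirectory, loginShell and displayName and a reserved range below uid 1000; the function names and all sample data are constructed for illustration.

```python
REQUIRED = ("sAMAccountName", "uidNumber", "gidNumber", "unixHomeDirectory", "loginShell")
MIN_UID = 1000  # assumption: ids below this are reserved for local/system accounts
# Constructed sample data (not from the original thread).
LOCAL_PASSWD = "root:*:0:0:root:/root:/bin/ksh\ndaemon:*:1:1:daemon:/root:/sbin/nologin\n"
SAMPLE_ENTRIES = [
    {"sAMAccountName": "alice", "displayName": "Alice Example", "uidNumber": "10001",
     "gidNumber": "10000", "unixHomeDirectory": "/home/alice", "loginShell": "/bin/ksh"},
    {"sAMAccountName": "bob", "uidNumber": "0", "gidNumber": "0",
     "unixHomeDirectory": "/home/bob", "loginShell": "/bin/ksh"},        # would become root
    {"sAMAccountName": "carol", "uidNumber": "10001", "gidNumber": "10000",
     "unixHomeDirectory": "/home/carol", "loginShell": "/bin/ksh"},      # uid reused
    {"sAMAccountName": "dave", "gidNumber": "10000"},                    # attributes unset
    {"sAMAccountName": "daemon", "uidNumber": "10005", "gidNumber": "10000",
     "unixHomeDirectory": "/home/d", "loginShell": "/bin/ksh"},          # shadows local name
    {"sAMAccountName": "frank", "uidNumber": "10006", "gidNumber": "10000",
     "unixHomeDirectory": "/home/frank:0:0", "loginShell": "/bin/ksh"},  # field separator
]

def local_accounts(passwd_text):  # names and uids already defined on the local machine
    rows = [l.split(":") for l in passwd_text.splitlines() if l and not l.startswith("#")]
    return {r[0] for r in rows}, {int(r[2]) for r in rows if len(r) > 2}

def audit(entries, passwd_text, min_uid=MIN_UID):
    """Return (passwd_lines, findings); only clean entries become passwd lines."""
    names, uids = local_accounts(passwd_text)
    owner, lines, findings = {}, [], []
    for e in entries:
        name = e.get("sAMAccountName", "<unnamed>")
        missing = [a for a in REQUIRED if not e.get(a)]
        uid = int(e["uidNumber"]) if e.get("uidNumber", "").isdecimal() else None
        if missing:
            problem = "missing " + ", ".join(missing)
        elif any(c in v for v in e.values() for c in ":\n"):
            problem = "field separator in attribute value"
        elif uid is None or not e["gidNumber"].isdecimal():
            problem = "non-numeric uidNumber/gidNumber"
        elif name in names:
            problem = "name shadows a local account"
        elif uid < min_uid or uid in uids:
            problem = f"uid {uid} collides with the local/system range"
        elif uid in owner:
            problem = f"uid {uid} already assigned to {owner[uid]}"
        else:
            owner[uid] = name
            lines.append(":".join([name, "*", str(uid), e["gidNumber"],
                                   e.get("displayName", ""), e["unixHomeDirectory"], e["loginShell"]]))
            continue
        findings.append((name, problem))
    return lines, findings
```

Calling `audit(SAMPLE_ENTRIES, LOCAL_PASSWD)` returns one 7-field passwd-style line for alice and one finding for each of the other five entries.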