Hi Mike, Thank you for your response.
It makes sense to me. And your solution is exactly as I have done it so far. However, there still is one problem to be solved. When I have defined the groups I wish to use for Samba in the ldap database, then I still need to know how to handle existing (unix) users. When my passd backend is the ldap database, I will have to add them in there too (for their password), right? But when I do this, they are assigned a new uid and gid number. I can't figure out how to solve this. The user has to be in ldap for his ntpasswd, home directory, profile directory, etc. Is the only option to add a new username for samba purposes only? Weird...... Eddie. ----- Original Message ----- From: "Mike Brady" <[EMAIL PROTECTED]> To: "Eddie Lania" <[EMAIL PROTECTED]> Sent: Saturday, September 28, 2002 11:25 AM Subject: Re: Groups in ldap and /etc/group? > Eddie > > I have been through this and think that I understand it, so here goes. > Someone correct me if I am wrong. > > First of all, as of 3.0Alpha19 (I haven't looked at 20 yet) Samba does not > store group data in LDAP as such. Samba Groups (meaning NT Domain and local > Groups) are mapped to Unix groups using the smbgroupedit command. > > The Unix groups may be stored where ever /etc/nsswitch.conf says they are > (files, LDAP, NIS, ...). The smbldap-groupadd.pl script is actually adding a > Unix group, not a Samba group. So, for Samba to use the Unix groups that you > have added in LDAP you first need to install and configure nss_ldap. You > then need to use smbgroupedit to map the Samba group to the Unix group. > > I hope that that all made sense. > > By the way the documentaton for smbgroupedit is way out of date. Have a > look at the source for the actual options. > > Mike > > On Sat, 28 Sep 2002 18:37, Eddie Lania wrote: > > Hello, > > > > Using smbgroupedit, should I link groups to ldap groups, those in > > /etc/group (if I also would define them in there) or both? > > Or none? (If using ldap) > > > > Eddie. >
