I was doing some research on this a couple months ago for FreeBSD. FreeBSD's NSS implementation was designed just for small things like LDAP and the like. It wasn't fully implemented. As such, I was not able to find a way to implement the dynamic accounts that windbind provides. Hopefully this has changed, but from what I know, if there is no complete NSS implementation, then this is not possible -- AIX might be an exception. :( Anyone out there have any better news?
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > On Behalf Of > Roylance, Stephen D. > Sent: Tuesday, March 18, 2003 12:46 PM > To: [EMAIL PROTECTED] > Subject: [Samba] winbind on AIX > > > I'm trying to get Samba on AIX 5.1 to work in > appliance-like mode. I would > like NT domain users to get automatically and persistently mapped to > AIX/Unix users. This stuff seemed to work fine without > much effort on > Solaris 9, but AIX is a different story, and I'm new to AIX > as well. AIX > 5.1 doesn't use nss so winbind, in its current form, can't > work. I saw a > post from January that indicated winbind needed to be > re-expressed as an AIX > 'loadable authentication module', can anyone tell me how > much work that will > be, and if there is anyone working on it? > > Can someone point me to information on how smbd and > winbindd interact? How > does smbd ask winbind to map a new NT user that hasn't been > seen before? > How does smbd access the mapping from NT sid to Unix uid, > does it access > winbind's database directly somehow? I don't need to be > able to resolve the > Unix uid's corresponding to windows users from Unix. It is > OK that files on > samba shares appear only with numeric uids from unix. Is > there a mode where > smbd interacts directly with winbind, avoiding going > through the nss layer, > which doesn't exist on AIX? > > I've tried both 2.2.8 and3-alpha22 with pretty similar > results. I can > configure and run winbindd, wbinfo works, but smbd won't > authenticate NT > users unless they map to existing Unix users already in the > passwd file. > > Any guidance is appreciated, > Steve Roylance > > P.S.- A couple minor issues w/ 3-alpha22 > SWAT's http authentication doesn't seem to work correctly > in 3-alpha22. > I input a WINS server IP address and set WINS mode to > 'client of another > WINS server' on the wizard pane in swat. After I committed > the changes the > WINS server textbox contained a few high-ascii characters > instead of the > dotted-quad IP address. The IP address was correct in > smb.conf, however. > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
