Hi, Just rejoined the list after many happy years of using samba in a production enviroment.
I'm having problems getting my head around samba 3.0, or specifically, the UID/GID/SID mapping. I've been RTFM'ing but am still uncertain about the best way to go... I have a Win 2003 controlled ADS domain with five thousand users and just over a thousand groups. Users and groups (users and most groups have identical names) are also in Unix /etc/passwd and /etc/group files. Users access the Unix servers via ssh, and NFS as well as (currently) samba 2. Passwords are authenticated against ADS/Kerberos. I'm happy to write some sort of script that pulls data out of the ADS (via LDAP) and regenerate some UID/GID/SID map somewhere. But after RTFMing it looks like I should: 1) Set up an OpenLDAP server just to handle the sambaSamAccount UID<-->SID mapping. This is OK but a bit strange as (it seems to me) this info already in the ADS LDAP server. 2) If I go with the OpenLDAP server, do I also use it to map the GID<-->SID as well? There is an objectclass "sambaGroupMapping" in samba.schema that looks like this is what I should do, but as well as the point made in 1) there doesn't seem to be anything in the how-to about this. 3)the objectclass "sambaDomain" - I can't seem to find out what this is for. Any pointers appreciated! Thanks Eddie -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
