-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[EMAIL PROTECTED] wrote:
Eric,If there's a better way to do it, let me know -- I couldn't find anything so I rolled my own and I'd like to offer back the solution to anyone else who needs it. I'm aware that perhaps in the future Samba will use an algorithm based UID to GID mapping making this setup unnecessary.
Thanks for passing thsi along.
There are 2 official solutions for this sceanrio in Samba 3.0
(a) store the uid/gid mappings in LDAP for access by multiple
winbindd installations. or
(b) Have existing UNIX accounts for windows users, run winbindd
and set 'winbind trusted domains only = yes'.Solution (a) does not require pam_ldap or nss_ldap or any support for the RFC2307 schema so you don't have to migrate to from NIS -> LDAP for this.
And note that (b) only works for users/groups in the domain to which the samba server is joined.
cheers, jerry ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "If we're adding to the noise, turn off this song" --Switchfoot (2003) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD4DBQFAAtMiIR7qMdg1EfYRAh+qAJdvmFHaS6nk4OInPxCgrItMkw/sAJ9V21jk HHqK07+BLfSUCZmVSGUt1w== =I64W -----END PGP SIGNATURE-----
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
