On Friday 04 March 2005 11:30, Samba wrote: > I disagree. According to the Release Notes the idmap_rid does NOT > require an LDAP server. The way I understand it is uses the last part > of your SID to derive what your UID will be, thus you will have > consistancy across your Sambas.
Correct. The idmap_rid facility uses the RID as the UID. > > I compiled my samba the same way and it is working however I am > encountering problems with the winbind daemon while in this mode. I > have submitted another topic on this problem. Please check the documentation in the chapter I added to the Samba-HOWTO-Collection that is available on the Samba web site. If you have a large number of users or groups it is necessary to disable winbind user and group enumeration - otherwise performance issues will eat sambas' heart out. :) NOTE the above point please. In a site with a single domain and around 20,000 users user and group enumeration would kill the ability to use idmap_rid. With these turned off everything seems to work OK. > > Did you setup your /etc/nsswitch.conf file ? From the posting I am guessing the original poster had done that. - John T. > > Josh > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Paul Gienger > Posted At: Friday, March 04, 2005 8:39 AM > Posted To: Samba > Conversation: [Samba] idmap backend problems > Subject: Re: [Samba] idmap backend problems > > >After reading the docs, I get the impression that I should use a idmap > >backend to have consistent uid's. Am I correct? > > Not so much, you're on the right path tho. The idmap is primarily to > give a mapping between unix uids and windows SIDs when the users come > from an AD system or something of that nature. Basically if you don't > have real unix users you use winbind and idmap to get it done... if I > understand correctly. I don't use either. > > >I don't have an LDAP server, and I'd prefer not to add another service > >to the chain, so I recompiled samba with > > That's essentially what you need to do unfortunately. You need to store > the mapping someplace globally accessable for both machines to read it. > > I see the light bulb going off in your head WRT storing the idmap file > on an nfs mount or some other shared filesystem, don't do it, it won't > work. > > -- > Paul Gienger Office: 701-281-1884 > Applied Engineering Inc. > Systems Architect Fax: 701-281-1322 > URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/listinfo/samba -- John H Terpstra Samba-Team Member Phone: +1 (650) 580-8668 Author: The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556 Samba-3 by Example, ISBN: 0131472216 Hardening Linux, ISBN: 0072254971 Other books in production. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
