Re: [Samba] Description of LDAP-attribute sambaSIDList

[Daniel Wilson]

So does this mean that everyone for example in GroupA could then also be 
a member of GroupB if you added GroupA's SID into GroupB's 
sambaSIDList...if so this would help us out soooo much as then we dont 
need to keep adding people into multiple groups!

could you give me the syntax so i can update my schema file (were using 
Sun Directory Server 5.2 as our LDAP backend...)

Regards
Tony Earnshaw wrote:
Matthias Eichler wrote:
[...]
We all can read.  But sometimes we need others to help us to 
comprehend what
it is that we are looking at.  Have you considered that the OP is 
asking you
for help to understand what it is he is looking at????  Not how to 
look at
it. 
Regards Geoff Scott

Ok, maybe I am just not really pointing at my problem:
The post said
---cut---
sambaSIDList
Description:    Security ID List
Usage:  User applications
---cut---
and that it may be used in sambaGroupMapping-objects.
Well, ok, I can list SIDs with this attribute in a Groupmapping,
but what for?!? The group-object itself has a gidnumber for the
unix side and a sid to map this for windows.
For what do I need the sambaSIDList-attribute then?!? I really
cant figure out what meaning "User applications" should have here
for me.

Well, in a Norwegian language Samba-LDAP howto by Hallvor Engen 
(http://www.kvarteret.no/etjenesten/e-dok/howtos/howtos/ldap-howto.html) 
it says:

"All Unix groups in LDAP can become Unix groups and vice versa. The most 
important point to recognize is that certain accounts (Domain Admins, 
Domain Users and Domain Guests) must /always/ exist, that one uses the 
attribute sambaSidList instead of the memberUid entries in order to list 
the members, and that both groups and users may be present in such a list."

Using a GUI tool such as GQ helps both to visualize this and to see what 
objectClasses contain what attributes (and the other way around).

[...]
--Tonni.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Daniel Wilson
Systems Administrator
IT & Communications Service
University of Sunderland
Unit 1a Technology Park
Chester Road
Sunderland
SR2 7PT
Tel: 0191 515 2695
This e-mail contains information which is confidential and may be 
privileged and is for the exclusive use of the recipient.
It is the responsibility of the recipient to ensure that this message 
and its attachments are virus free.
Any views or opinions presented are solely those of the author and do 
not necessarily represent those of the University, unless otherwise 
specifically
stated.

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba