Hi Simon,
I thnik it is not the error in documentation (I don't know about which
chapter we are talking :)).
If you use winbdind authentication (+ idmap/ldap) only, you don't need
the NSS_LDAP.
But if you build a domain, where all user data is stored in LDAP, then
you may authenticate users (from *nix) directly to LDAP database - and
then you should use the NSS_LDAP (and Windows clients are using
(SAMBA)Domain authentication. .... And the Samba guides are more
explaining how to build the full Samba domain with LDAP backend.
About winbind*tdb. I have too such files and I think it is expected (it
speeds up resolving the id's). My setup with W2K as domain controller
and SAMBA servers with winbind+idmap_ldap works fine for ~2 year without
any trouble for 900 users (Thanks for Samba team!).
Gints
Gibbs, Simon wrote:
Hi Gints,
Changing nsswitch.conf from:
passwd: files ldap
group: files ldap
to
passwd: files winbind
group: files winbind
did the trick. Running getent passwd/group began populating LDAP and I can
search all the records using ldapsearch and slapcat.
Would this be an error in the documentation as (unless I was reading the
wrong section) it uses the ldap entries in it's example?
My one concern is that when winbind is stopped and restarted the
winbindd_idmap.tdb and winbindd_cache.tdb files are recreated and entries
are added. Would this be expected?
I guess I can test this today when I begin configuring a second node.....
Thanks for your help.
Simon
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
