Yes, configure your nsswitch and your libnss to query your LDAP server and you will get your LDAP accounts as UN*X accounts.
Thanks for your reply. Are you essentially suggesting me to replace my /etc/passwd authentication completely with with LDAP backend? I know about this possibility, but I have two issues with it: 1) I am not sure if this is going to work for the "root" and a couple of other (not related to Samba) UN*X accounts that do not exist on the LDAP server. Or will such accounts be untouched and continue to be working from /etc/passwd file? 2) Also, the LDAP idea is generally not that great because, as I said in my previous post, my intention is to replace ANY samba user who is mapping the share with the same UN*X account (that does not exist in LDAP database). Like this: "user1", "user2", etc. are auhenticated by Samba (via ADS/LDAP) and become the same "samba_user:samba_group" for the actual file operations through the "force user" and "force group" directives. The "samba_user" exists only in /etc/passwd and not in LDAP database and that is the way I want it. What I want to avoid is having "user1", "user2", etc. in my /etc/passwd file because they are NOT needed for any authentication or permissions settings. In another words, why is there a need to have "user1", "user2" locally *at all* if I use "force user/force group" directives for permissions settings and LDAP for password checking? -- Regards, A\N -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
