On Mon, 29 Dec 2003, Craig White wrote:
> as long as I'm showing my ignorance here...the How-to doesn't
exactly
> make this clear to me, I'm not all that bright...
>
> It would appear that if using LDAP and authentication for PAM is
> properly working and that all of the uid/cn's and other necessary
fields
> for objectclass for both sambaSamAccount & posixAccount are within the
> same record that there isn't really any need for id mapping/group
> mapping or even winbind.
>
> Am I missing something here?
You are! :)
The group membership will be stored in LDAP groups entries.
The "net groupmap" stuff will live in LDAP, but mappings are still
applied.
Winbind is essential to handle SIDs from foreign domains, as well as from
workstations that are not domain members.
- John T.
--
John H Terpstra
Email: jht@samba.org