thr3ads.net - samba - [Samba] How to use ldapsam backend without storing any user SID? [Jan 2005]

If this information is useful, please help other people find it:
Share via:

Dominique Petitpierre

2005-Jan-27 15:32 UTC

[Samba] How to use ldapsam backend without storing any user SID?

Hello,

When Samba is configured to use smbpasswd as a backend,
it uses an algorithm to construct SIDs from uid/gids.
The SIDs are not stored anywhere.

But when ldapsam is used as a backend,
without changing anything else to the configuration,
a SID *has to* be stored in the entry of each user.
I don't need nor want that.

- Is it possible to have a LDAP backend but still use
the algorithm to construct SIDs? How?

You'll find below the complete [global] section
of the smb.conf used by samba 3.0.10
(on Mandrake Linux 10.1).

Thanks in advance!

Mr Dominique Petitpierre       Email: User@Domain
Division Informatique                 User=Dominique.Petitpierre
University of Geneva                  Domain=adm.unige.ch

Annexe: complete [global] section of the smb.conf
[global]
         workgroup = VPNGROUP
         server string = Samba Server %v
         passdb backend = ldapsam:ldaps://foobar.unige.ch
         log level = 3 passdb:5 auth:10 winbind:2
         log file = /var/log/samba/log.%m
         max log size = 50
         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
         domain logons = Yes
         local master = No
         dns proxy = No
         ldap admin dn = cn=admin,ou=foobar,dc=unige,dc=ch
         ldap group suffix = ou=Group
         ldap idmap suffix = ou=Idmap
         ldap machine suffix = ou=Hosts
         ldap suffix = dc=unige,dc=ch
         ldap user suffix = ou=People
         hosts allow = 127.0.0.1, 192.168.

Gerald (Jerry) Carter

2005-Jan-31 13:58 UTC

head link

[Samba] How to use ldapsam backend without storing any user SID?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dominique Petitpierre wrote:
| Hello,
|
| When Samba is configured to use smbpasswd as a backend,
| it uses an algorithm to construct SIDs from uid/gids.
| The SIDs are not stored anywhere.
|
| But when ldapsam is used as a backend,
| without changing anything else to the configuration,
| a SID *has to* be stored in the entry of each user.
| I don't need nor want that.
|
| - Is it possible to have a LDAP backend but still use
| the algorithm to construct SIDs? How?

Not currently.




cheers, jerry
====================================================================Alleviating
the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFB/jlNIR7qMdg1EfYRAmqAAJ47zbl5kJt1dnLAmV1EBlfbaAJrpwCgtZgE
Z/JvByAanAQrwofL311RXcY=ApOE
-----END PGP SIGNATURE-----

Maybe Matching Threads

Search for more seemingly similar threads

samba - Jan 2005 - How to use ldapsam backend without storing any user SID?

[Samba] How to use ldapsam backend without storing any user SID?

[Samba] How to use ldapsam backend without storing any user SID?

Maybe Matching Threads