samba - Jul 2002 - do I need winbind ?

I'm going to implement ACLs with my Samba PDC that runs LDAP on
backend. Do I need to run winbind ? I've heard that winbind is mandatory
for ACLs to work, All my users and groups reside in LDAP database, hence
they have same names in bot Unix and Windows realms. Do I still need
winbind ?


	TIA.

> 	I'm going to implement ACLs with my Samba PDC that runs LDAP on
> backend. Do I need to run winbind ? I've heard that winbind is
mandatory
> for ACLs to work, All my users and groups reside in LDAP database, hence
> they have same names in bot Unix and Windows realms. Do I still need
> winbind ?
Winbind is for allowing the Unix system to recognize domain users
and groups when the account information is held on a Windows server.
Since your Unix system already recognizes the user accounts that your
Windows clients use, you do not need it.

Samba has some minor support for ACLs built-in, without additional
configuration options specified. If you open a shared folder's
Properties, you can access this from Windows NT/2000/XP.  But,
it is a strange mapping between Windows ACLs/attributes and Unix
owner, group, world permissions, and can be confusing to Windows
users.  By adding ACL support, the ACLs on the Unix/Samba shared
folders and files will act more like Windows NT/2000/XP ACLs.

Jay Ts
author, Using Samba, 2nd edition.

On Thu, Jul 25, 2002 at 09:27:01PM -0400, Yura Pismerov
wrote:
> 
> 	I'm going to implement ACLs with my Samba PDC that runs LDAP on
> backend. Do I need to run winbind ? I've heard that winbind is
mandatory
> for ACLs to work, All my users and groups reside in LDAP database, hence
> they have same names in bot Unix and Windows realms. Do I still need
> winbind ?
You don't need winbind for a PDC - the requirement for winbind is when we
are a member server.  (Without winbind on the member server it doesn't get
the SIDs right).

Andrew Bartlett