I was doing some research on this a couple months ago for FreeBSD.
FreeBSD's NSS implementation was designed just for small things like
LDAP and the like. It wasn't fully implemented. As such, I was not
able to find a way to implement the dynamic accounts that windbind
provides. Hopefully this has changed, but from what I know, if there
is no complete NSS implementation, then this is not possible -- AIX
might be an exception. :( Anyone out there have any better news?
> -----Original Message-----
> From: samba-bounces+chris=digitaldeck.com@lists.samba.org
> [mailto:samba-bounces+chris=digitaldeck.com@lists.samba.org]
> On Behalf Of
> Roylance, Stephen D.
> Sent: Tuesday, March 18, 2003 12:46 PM
> To: samba@lists.samba.org
> Subject: [Samba] winbind on AIX
>
>
> I'm trying to get Samba on AIX 5.1 to work in
> appliance-like mode.  I would
> like NT domain users to get automatically and persistently mapped to
> AIX/Unix users.  This stuff seemed to work fine without
> much effort on
> Solaris 9, but AIX is a different story, and I'm new to AIX
> as well.  AIX
> 5.1 doesn't use nss so winbind, in its current form, can't
> work.  I saw a
> post from January that indicated winbind needed to be
> re-expressed as an AIX
> 'loadable authentication module', can anyone tell me how
> much work that will
> be, and if there is anyone working on it?
>
> Can someone point me to information on how smbd and
> winbindd interact?  How
> does smbd ask winbind to map a new NT user that hasn't been
> seen before?
> How does smbd access the mapping from NT sid to Unix uid,
> does it access
> winbind's database directly somehow?  I don't need to be
> able to resolve the
> Unix uid's corresponding to windows users from Unix.  It is
> OK that files on
> samba shares appear only with numeric uids from unix.  Is
> there a mode where
> smbd interacts directly with winbind, avoiding going
> through the nss layer,
> which doesn't exist on AIX?
>
> I've tried both 2.2.8 and3-alpha22 with pretty similar
> results.  I can
> configure and run winbindd, wbinfo works, but smbd won't
> authenticate NT
> users unless they map to existing Unix users already in the
> passwd file.
>
> Any guidance is appreciated,
> Steve Roylance
>
> P.S.- A couple minor issues w/ 3-alpha22
> SWAT's http authentication doesn't seem to work correctly
> in 3-alpha22.
> I input a WINS server IP address and set WINS mode to
> 'client of another
> WINS server' on the wizard pane in swat.  After I committed
> the changes the
> WINS server textbox contained a few high-ascii characters
> instead of the
> dotted-quad IP address.  The IP address was correct in
> smb.conf, however.
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  http://lists.samba.org/mailman/listinfo/samba
>