Markus Krause
2007-Apr-04 07:28 UTC
[Samba] SambasSID with 1 ldap-server and 3 samba-servers
hi list!
we are storing our user data in one central ldap database. to handle
the big amount of data (some hundred terabytes) we are using currently
3 samba servers (called cindy01, cindy02 and cindy03 , and more to
come!) which (of course?) have diffrent SIDs. right now the
credentials are stored in identical smbpasswd files on every samba
server but we want to migrate wo ldap. the problem i see is that in
ldap i can only store one SambaSID per user, so which SID should i
take? the last part of the SambaSID (from unix uid) would be the same
for all samba servers, but what about the leading part?
we do not need any domain controller functionality, our users just
mount their samba shares. is it possible to use only on SID on all
samba servers or what would be the side effects?
thanks in advance for any hints!
regards
markus
+-----------------------------------------------------------------+
| Markus Krause, Mogli-Soft |
| Support for Mac OS X, Webmail/Horde, LDAP, RADIUS, MySQL |
| by order of the |
| Computing Center of the Max-Planck-Institute of Biochemistry |
+--------------------------------+--------------------------------+
| E-Mail: krause@biochem.mpg.de | Tel.: 089 - 89 40 85 99 |
| markus.krause@mac.com | Fax.: 089 - 89 40 85 98 |
| Skype: markus.krause | iChat: markus.krause@mac.com |
+--------------------------------+--------------------------------+
----------------------------------------------------------------------
This message was sent using https://webmail2.biochem.mpg.de
If you encounter any problems please report to rz-linux@biochem.mpg.de
Bert Burgemeister
2007-Apr-04 08:18 UTC
[Samba] Re: SambasSID with 1 ldap-server and 3 samba-servers
> the last part of the > SambaSID (from unix uid) would be the same for all samba servers, but > what about the leading part?I guess this is why you need a PDC so I suggest what works for me: Set up a Samba PDC, using LDAP. Have the other severs get unix user credentials from PDC via winbind. Now SIDs are consistent on all servers. If you need consistent Unix uids as well use an Ldap Idmap which is accessed by all your servers. Bert