According to the smb.conf man page in samba 3.0.28a, the only two
legal settings for 'winbind nss info' are 'template' and
'sfu':
---8<---
winbind nss info (G)
This parameter is designed to control how Winbind
retrieves Name Service Information to construct a
user's home directory and login shell. Currently the
following settings are available:
o template - The default, using the parameters of
template shell and template homedir)
o sfu - When Samba is running in security = ads
and your Active Directory Domain Controller does
support the Microsoft "Services for Unix" (SFU)
LDAP schema, winbind can retrieve the login
shell and the home directory attributes directly
from your Directory Server. Note that retrieving
UID and GID from your ADS-Server requires to use
idmap backend = idmap_ad as well.
Default: winbind nss info = template
Example: winbind nss info = template sfu
--->8---
However, it appears that 'rfc2307' is a kosher value, too. [1] Is
the smb.conf man page incorrect?
-David
[1] http://us1.samba.org/samba/security/CVE-2007-4138.html
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Eisner wrote:> According to the smb.conf man page in samba 3.0.28a, the only two > legal settings for 'winbind nss info' are 'template' and 'sfu': >...> However, it appears that 'rfc2307' is a kosher value, too. [1] Is > the smb.conf man page incorrect?Yeah. Man page needs to be updated. Thanks. I'll fix this. cheers, jerry - -- ====================================================================Samba ------- http://www.samba.org Likewise Software --------- http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH6920IR7qMdg1EfYRAkOlAJ90W3/SOuG7OmzAMB72AjuqsSF0hACfSKJc qtk+9cS/B8K8VtliTAg0Io0=6zJu -----END PGP SIGNATURE-----