Alexander 'Leo' Bergolth
2009-Mar-09 21:37 UTC
[Samba] idmap_nss needed together with idmap_ldap?
Hi! In my samba controlled domain, most users are stored in an LDAP directory. The Unix boxes use nss_ldap but they also have a few local users (mostly system-users) whose user-ids are not synchronized. I've read the documentation about idmap_nss but I'm still not sure if this is needed for my setup. Will using idmap_nss in addition to idmap_ldap result in any benefit (e.g. when mapping local, non-ldap unix users)? I am thinking of a setup like: -------------------- 8< -------------------- idmap domains = NSS TRUSTEDDOMAINS # <is this needed?> idmap config NSS:backend = nss idmap config NSS:readonly = yes # </is this needed?> idmap config TRUSTEDDOMAINS:default = yes idmap config TRUSTEDDOMAINS:backend = ldap idmap config TRUSTEDDOMAINS:readonly = no idmap config TRUSTEDDOMAINS:ldap_url = ldap://127.0.0.1 idmap config TRUSTEDDOMAINS:range = 16777216-33554431 idmap alloc backend = ldap idmap alloc config:ldap_url = ldap://127.0.0.1 idmap alloc config:range = 16777216-33554431 -------------------- 8< -------------------- Thanks, --leo -- e-mail ::: Leo.Bergolth (at) wu-wien.ac.at fax ::: +43-1-31336-906050 location ::: IT-Services | Vienna University of Economics | Austria
Possibly Parallel Threads
- idmap ldap problems
- [obnox@samba.org: 3.6:idmap:Q2: get rid of (all/most) idmap alloc parameters for idmap_ldap ?]
- Problem with Samba-3.0.25rc3 & idmap_ldap (winbind dumps core)
- custom mail_location detection for dovecot lda
- SAMBA4 - Trusted relationship lost every Weeks
Wisdom of the Ancients
