samba - May 2011 - Connecting to AD and OpenLDAP

We are trying to connect a file server to our AD for sid info, while 
trying to use our OpenLDAP server for uid, gid and other posix info. Is 
there any way to do this? We already have uids, gids, and sids so we 
can't dynamically create them.

From: Neil L Thackeray <neilt at illinois.edu>
Date: Tue, 03 May 2011 12:34:00 -0500
> We are trying to connect a file server to our AD for sid info, while 
> trying to use our OpenLDAP server for uid, gid and other posix info. Is 
> there any way to do this? We already have uids, gids, and sids so we 
> can't dynamically create them.
Though I do not try to work, simply to join AD without Winbind and set
nss_ldap correctly to resolve uid and gid will be what you want?

---
TAKAHASHI Motonobu <monyo at samba.gr.jp>

security = ADS
realm = REALM.COM
idmap backend =  ldap:ldap://ldap.realm.com
idmap uid = 15000-675000
idmap gid = 15000-675000

This does most but not all of what you want.
ldap provides sid mapping.
Issues are 
idmap gid constantly increases if set to automatically map, doesn't sound
like you need this.
other posix info, you would need to play with nsswitch and pam to see if you
could make it work.

I am leaning to populating AD unix extensions and getting rid of LDAP myself.

On May 3, 2011, at 1:34 PM, Neil L Thackeray wrote:
> We are trying to connect a file server to our AD for sid info, while trying
to use our OpenLDAP server for uid, gid and other posix info. Is there any way
to do this? We already have uids, gids, and sids so we can't dynamically
create them.
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba