[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    [pamldap] Fwd: Replacing AD nss_ldap and pam_ldap with samba 3, winbind and XAD OSS Plugins?
From:       Dietrich Streifert <dietrich.streifert () visionet ! de>
Date:       2003-08-12 8:29:23
[Download RAW message or body]

Hello list!

I recently read a little bit further into Samba 3.0 docs and
especially the winbindd and the corresponding name service modules.

Winbind is able to get all we need to set up naming and authentication through
ActiveDirectory. In the standard version it lacks the retrieval of
uidNumber and gidNumber from AD. This is done by the idmap part of
winbind.

I created an enhancement issue in the Samba Bugzilla:

https://bugzilla.samba.org/show_bug.cgi?id=242

I got the answer that there is an idmap plugin (?) in the XAD platform/project at PADL
which does exactly what we need. The idmapper module does the
retrieval of uidNumber and gidNumber from the user and group objects
in ActiveDirectory:

http://www.padl.com/Research/XAD.html

The plugins source is downloadable from here:

http://www.padl.com/download/xad_oss_plugins.tar.gz

Now to my question: Has anybody a running installation with Samba 3
and windinbd nss and pam modules? There is little (ore nearly no)
documentation how the XAD plugins are integrated into samba.

Please share your information with the mailing list.

Currently we have our Solaris servers running Samba 2.2 and
nss_ldap/pam_ldap from PADL for naming and authentication services.
Having just one point (Samba/winbind) of configuration would be great.
Our solaris servers are mostly used as file servers through samba. No
needs for interactive logins in the most cases.

-- 
Best regards,
 Dietrich  Streifert       mailto:dietrich.streifert@visionet.de

[prev in list] [next in list] [prev in thread] [next in thread]