[prev in list] [next in list] [prev in thread] [next in thread] 

List:       samba
Subject:    [Samba] idmap_nss needed together with idmap_ldap?
From:       "Alexander 'Leo' Bergolth" <leo () strike ! wu-wien ! ac ! at>
Date:       2009-03-09 21:36:52
Message-ID: 49B58BF4.5050600 () strike ! wu-wien ! ac ! at
[Download RAW message or body]

Hi!

In my samba controlled domain, most users are stored in an LDAP
directory. The Unix boxes use nss_ldap but they also have a few local
users (mostly system-users) whose user-ids are not synchronized.

I've read the documentation about idmap_nss but I'm still not sure if
this is needed for my setup.
Will using idmap_nss in addition to idmap_ldap result in any benefit
(e.g. when mapping local, non-ldap unix users)?

I am thinking of a setup like:
-------------------- 8< --------------------
idmap domains = NSS TRUSTEDDOMAINS

# <is this needed?>
idmap config NSS:backend  = nss
idmap config NSS:readonly = yes
# </is this needed?>

idmap config TRUSTEDDOMAINS:default  = yes
idmap config TRUSTEDDOMAINS:backend  = ldap
idmap config TRUSTEDDOMAINS:readonly = no
idmap config TRUSTEDDOMAINS:ldap_url = ldap://127.0.0.1
idmap config TRUSTEDDOMAINS:range    = 16777216-33554431

idmap alloc backend                  = ldap
idmap alloc config:ldap_url          = ldap://127.0.0.1
idmap alloc config:range             = 16777216-33554431
-------------------- 8< --------------------

Thanks,
--leo
-- 
e-mail   ::: Leo.Bergolth (at) wu-wien.ac.at
fax      ::: +43-1-31336-906050
location ::: IT-Services | Vienna University of Economics | Austria

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba
[prev in list] [next in list] [prev in thread] [next in thread]