samba-technical@lists.samba.org
[Top] [All Lists]

Re: samba idmap rfc2307/SFU and others

Subject: Re: samba idmap rfc2307/SFU and others
From: zeropoint
Date: Thu, 22 Jan 2009 16:47:51 -0800 PST
I agree, I feel this is the best approach and I do understand the conflicts
that could arise. I just though maybe have 2 different ID map ranges kind of
like you can have different ID maps for different domains. Thanks for the
info, I'll stop my endless testing and searching.


simo-7 wrote:
> 
> On Fri, 2009-01-23 at 02:37 +0200, Sassy Natan wrote:
>> at the moment samba doens't have support for the rfc2307
>> 
>> the posix account schema class is not in the samba schema (yet)
>> This means you can not have unix machine grab the info form the samba
>> machine
>> 
>> you can use winbind, but I guess the nss_ldap is much better for this
>> task
>> 
>> sassy
>> 
>> On Fri, Jan 23, 2009 at 2:27 AM, zeropoint <jpsergent@xxxxxxxxx> wrote:
>> 
>> >
>> > I have samba setup and working very well with SFU r2 rfc2307, and I am
>> > pleased with how it is working. I am making a file server for a mixed
>> > environment, linux and windows. I was wondering if anybody knew if it
>> is
>> > possible for samba to allocate UIDs and GIDs on users and groups that
>> do
>> > not
>> > have the services for unix tab populated in the active directory. I
>> want to
>> > avoid "needing" to populate that tab for users that don't use
>> linux/unix
>> > systems, but do want access to the file server from windows. Thank you
>> in
>> > advanced.
>> > --
>> > View this message in context:
>> >
>> http://www.nabble.com/samba-idmap-rfc2307-SFU-and-others-tp21616576p21616576.html
>> > Sent from the Samba - samba-technical mailing list archive at
>> Nabble.com.
>> >
> 
> Sassy, samba 3.x does support using rfc2307 against AD domain
> controllers, what zeropoint is asking is something completely different.
> 
> Zeropoint, no what you ask cannot be done at this moment, and it would
> lead to potential conflicts as your samba server may allocate ids later
> on introduced in AD.
> Although annoying it is certianly better to put all eggs in one basked
> and add the posix attributes to all windows accounts that need to access
> your samba server.
> 
> Simo.
> 
> 
> -- 
> Simo Sorce
> Samba Team GPL Compliance Officer <simo@xxxxxxxxx>
> Principal Software Engineer at Red Hat, Inc. <simo@xxxxxxxxxx>
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/samba-idmap-rfc2307-SFU-and-others-tp21616576p21616806.html
Sent from the Samba - samba-technical mailing list archive at Nabble.com.

<Prev in Thread] Current Thread [Next in Thread>