[email protected]
[Top] [All Lists]

Re: Winbind - functionality extension needed&In-Reply-To=4A54AF7C.702060

Subject: Re: Winbind - functionality extension needed&
From: Andrew Bartlett
Date: Thu, 09 Jul 2009 08:17:08 +1000
On Wed, 2009-07-08 at 12:36 -0500, MICHAEL BROWN wrote:
> Hello,
> will it be, or is it, possible to add the rfc2307 schema attributes
> extension to SAMBA 4's AD back-end so that a SAMBA 3 server can join a
> SAMBA 4 AD server and do these lookups from there?  Meaning, SAMBA 3
> can be joined to Windows 2003 R2 so that the UIDs/GIDs are stored in
> AD for POSIX resolution with nss-ldap and would like to know if this
> is possible with SAMBA 4 instead of Windows 2003?  We do not use
> winbind and opted to use OpenLDAP for keeping all of the UIDs/GIDs the
> same over multiple SAMBA servers (version 2).  I have tested SAMBA 3
> joined to Windows 2003 AD but, naturally, would like to use SAMBA 4's
> AD to keep this POSIX information, as well as nss-ldap so that the UID
> and GID information is the same everywhere.  OpenLDAP with MS schema
> and POSIX schema possibly?

Samba4 already has the Windows 2008 schema loaded for this exact
purpose.  We have not yet taken any steps to automatically allocate
uidNumber values into the directory (nor do we use those for the Samba4
file server), but both a very much the plan.

If you fill in the uidNumber attribute, the rest *should* work (do let
me know how well it works, please). 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.
<Prev in Thread] Current Thread [Next in Thread>