Web lists-archives.com

Re: [Samba] multiple passdb backends for standalone fileserver?




On Mon, 20 Aug 2018 18:02:32 +0200
Harry Jede via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Am Montag, 20. August 2018, 16:43:24 CEST schrieb Matthias Leopold
> via samba:
> > Hi,
> > 
> > i (naively) would like to have local AND ldap users (and groups...)
> > on my standalone fileserver (security = user). "passdb backend =
> > ldapsam" already works OK and i found some old posts on the internet
> > about "chaining" passdb backends.
> Round about 12 years ago "chaining passdb backends" was removed! But 
> their are other possibilities:
> 
> 1. You can map local unix users and groups to their windows entrys.

Well, yes you can, but the OP wanted to use users stored in ldap and
users stored in /etc/passwd, but you cannot do both at the same time.

> 
> 2. You can use winbind's idmap feature; obey the "idmap ranges" and 
> honor that the syntax has changed several times.

The OP referred to a 'standalone server' and these do not need to run
winbind and if it is running, all the idmap backends need SID's, there
might not be any in the OP's ldap.

> 
> Just read the man pages of the samba version you are using!!! before 
> searching the web.

Very wise words, most web pages get something wrong ;-)

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba