FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 02-10-2010, 10:18 PM
Craig White
 
Default CentOS 5.4 x86_64 authenticating against AD (Server 2008r2)

On Wed, 2010-02-10 at 09:50 -0500, Ross Walker wrote:
> On Feb 10, 2010, at 8:11 AM, Chan Chung Hang Christopher <christopher.chan@bradbury.edu.hk
> > wrote:
>
> >
> >> If you have hundreds or thousands of users and hundreds of groups,
> >> well good luck. It is extremely hard to automate assigning these
> >> uids/
> >> gids and making sure they don't collide with each other or other unix
> >> systems and doing it by hand is a torture reserved for the ninth
> >> circle of hell.
> >>
> >> If only nss_ldap had a SID->UID/GID mapping like samba has.
> >>
> >
> > How about winbind with a ldap backend? winbind creates the uids/gids
> > and
> > the rest just run nss_ldap?
> >
> > I currently use an ldap directory to store the rids but I don't
> > remember
> > if they have been translated to uids/gids or whether the winbind
> > modules
> > do that...
>
> I don't know either, but if they do, that would work.
>
> Can samba update uid/gidNumbers of existing LDAP directory CNs?
>
> I still like the RID mapping, but if samba can write back uidNumbers
> based on RID map generated uids that would solve the problem.
----
In essence, samba knows nothing about writing anything to LDAP but
normally people would install smbldap-tools (not part of samba) to
provide a toolset to write to LDAP.

If smbldap-tools doesn't do what you want, modify it.

Craig


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 02-11-2010, 11:43 AM
Chan Chung Hang Christopher
 
Default CentOS 5.4 x86_64 authenticating against AD (Server 2008r2)

Craig White wrote:
> On Wed, 2010-02-10 at 09:50 -0500, Ross Walker wrote:
>> On Feb 10, 2010, at 8:11 AM, Chan Chung Hang Christopher <christopher.chan@bradbury.edu.hk
>> > wrote:
>>
>>>> If you have hundreds or thousands of users and hundreds of groups,
>>>> well good luck. It is extremely hard to automate assigning these
>>>> uids/
>>>> gids and making sure they don't collide with each other or other unix
>>>> systems and doing it by hand is a torture reserved for the ninth
>>>> circle of hell.
>>>>
>>>> If only nss_ldap had a SID->UID/GID mapping like samba has.
>>>>
>>> How about winbind with a ldap backend? winbind creates the uids/gids
>>> and
>>> the rest just run nss_ldap?
>>>
>>> I currently use an ldap directory to store the rids but I don't
>>> remember
>>> if they have been translated to uids/gids or whether the winbind
>>> modules
>>> do that...
>> I don't know either, but if they do, that would work.
>>
>> Can samba update uid/gidNumbers of existing LDAP directory CNs?
>>
>> I still like the RID mapping, but if samba can write back uidNumbers
>> based on RID map generated uids that would solve the problem.
> ----
> In essence, samba knows nothing about writing anything to LDAP but
> normally people would install smbldap-tools (not part of samba) to
> provide a toolset to write to LDAP.

Impossible. winbind certainly knows all about writing to LDAP otherwise
it won't be a backend database for rid maps and especially for
maintaining the same rids across boxes (okay, this got solved at a
higher level and thus an ldap backend is not needed for maintaining
identical rids across boxes) and I cannot imagine how that would be
accomplished without knowing anything about writing to ldap.


>
> If smbldap-tools doesn't do what you want, modify it.
>

??? What's that? ???
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 03:59 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org