Hi, Thanks to those who got back to me the last time I posted.
I've been reading up on LDAP and piecing together the puzzle using the Samba By-Example doc and other pieces of information found on the web. I'm now up to the stage where I believe I have a working LDAP directory configured - ldapsearch yields expected results - and Samba can connect to it OK - tested by changing LDAP password and checking logs for connect errors. The NSS tools from PADL are also compiled and configured as per Samba By-Example. What I haven't found clear though is how Samba/Winbind populate the LDAP directory with the ID mappings. Do I have to use the user/group add scripts - bearing in mind the box is a domain member and is not going to be acting as a PDC? Or should Winbind add the ID mapping when a user attempts to connect to a share? At the moment wbinfo -t, wbinfo -u and wbinfo -g work OK but getent passwd/group only displays local users and groups. If a domain user attempts to connect to a share with full access permissions they are prompted for login information. How can Winbind add the user to LDAP if the user cannot connect to the share as they currently don't exist? If required I can post conf files for LDAP/Samba/NSS_LDAP, Thanks, Simon -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba