On Sun, 2009-03-22 at 19:58 -0400, jeff sacksteder wrote: > I'm having trouble wading through the various documents that only > partially apply to my situation. > I have an exsting LDAP instance providing NSS login data to my small > group of linux machines. I want to also now provide domain logins > against those user accounts. > So far I have determined that I need to > 1. add the samba schema to the directory > 2. set the attribute access appropriately > 3. add unix groups corresponding to the well known windows groups
That is pretty much it. > My immediate questions are 'what groups?' You need to map the well-known domain groups. > and 'do I add them to passwd > or in the directory?'. "passwd"? If NSS is working from LDAP you don't *need* anything in passwd/groups; the best solution is to configure a ldapsam:trusted = yes setup. > If there is a document for this configuration, a pointer would help me out. <http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/> <http://us1.samba.org/samba/docs/man/Samba-Guide/> I'd avoid using any other documents as most are inaccurate or at best out-of-date. -- OpenGroupware developer: awill...@whitemice.org <http://whitemiceconsulting.blogspot.com/> OpenGroupare & Cyrus IMAPd documenation @ <http://docs.opengroupware.org/Members/whitemice/wmogag/file_view> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba