Hi! In my samba controlled domain, most users are stored in an LDAP directory. The Unix boxes use nss_ldap but they also have a few local users (mostly system-users) whose user-ids are not synchronized.
I've read the documentation about idmap_nss but I'm still not sure if this is needed for my setup. Will using idmap_nss in addition to idmap_ldap result in any benefit (e.g. when mapping local, non-ldap unix users)? I am thinking of a setup like: -------------------- 8< -------------------- idmap domains = NSS TRUSTEDDOMAINS # <is this needed?> idmap config NSS:backend = nss idmap config NSS:readonly = yes # </is this needed?> idmap config TRUSTEDDOMAINS:default = yes idmap config TRUSTEDDOMAINS:backend = ldap idmap config TRUSTEDDOMAINS:readonly = no idmap config TRUSTEDDOMAINS:ldap_url = ldap://127.0.0.1 idmap config TRUSTEDDOMAINS:range = 16777216-33554431 idmap alloc backend = ldap idmap alloc config:ldap_url = ldap://127.0.0.1 idmap alloc config:range = 16777216-33554431 -------------------- 8< -------------------- Thanks, --leo -- e-mail ::: Leo.Bergolth (at) wu-wien.ac.at fax ::: +43-1-31336-906050 location ::: IT-Services | Vienna University of Economics | Austria -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba