Bug 242 - Retrieving UNIX UID/GID directly through ActiveDirectory from schema extension
Summary: Retrieving UNIX UID/GID directly through ActiveDirectory from schema extension
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: winbind (show other bugs)
Version: 3.0.0preX
Hardware: All Solaris
: P3 enhancement
Target Milestone: none
Assignee: Gerald (Jerry) Carter (dead mail address)
QA Contact:
Depends on:
Reported: 2003-07-21 07:01 UTC by Dietrich Streifert
Modified: 2005-08-24 10:15 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Dietrich Streifert 2003-07-21 07:01:10 UTC
Using direct retrieval of the UID/GID of the user and group objects in AD would 
eliminate the need of a SID to UID/GID mapping which is done separately by a 
LDAP server or a local database.

We currently use SAMBA 2.2 wich retrieves GIDs/UIDs through nss_ldap and 
pam_ldap from PADL Software (http://www.padl.com). GIDs and UIDs are stored in 
schema extensions compatible to the UNIX Services from Windows from Microsoft.
GIDs and UIDs are managed through a mmc plugin (AD4UNIX) on the AD servers 
available at http://www.css-solutions.ca/ad4unix.

The goal would be to have winbind and the corresponding nss and pam module do 
everything directly to Active Directory. This would be a great enhancement.

Thank you for your attendance.

Comment 1 Luke Howard 2003-08-10 02:29:57 UTC
Although we have not tested this against Active Directory, the idmap_ad plugin at http://
www.padl.com/download/xad_oss_plugins.tar.gz should in theory resolve this.
Comment 2 Gerald (Jerry) Carter (dead mail address) 2004-10-29 07:30:16 UTC
closing this one .  We can either use the XAD plugin or 
the idmap_rid plugin added for 3.0.8
Comment 3 Gerald (Jerry) Carter (dead mail address) 2005-02-07 08:40:03 UTC
originally reported against 3.0.0beta2.  CLeaning out 
non-production release versions.
Comment 4 Gerald (Jerry) Carter (dead mail address) 2005-08-24 10:15:23 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.