Setting "ldap trust id" in smb.conf to "Yes", Samba still disallows me to log into an account which exists in ldap directory but not in /etc/passwd. In log file, it shows : [2003/08/26 09:55:15, 4] auth/auth_sam.c:sam_password_ok(218) sam_password_ok: Checking NT MD4 password [2003/08/26 09:55:15, 4] auth/auth_sam.c:sam_account_ok(324) sam_account_ok: Checking SMB password for user boxtest01 [2003/08/26 09:55:15, 1] auth/auth_util.c:make_server_info_sam(795) User boxtest01 in passdb, but getpwnam() fails! I looked into the source code of samba 3.0rc1, in auth/auth_sam.c, make_server_info_sam() is called regardless whether "ldap trust id" is set or not. "make_server_info_sam()" in turns calls getpwnam().
Yup. There is no way this parameter can work any more given the current architecture. It will most likely be removed before RC2, but I'm checking that there are no other options before I do.
'ldap trust ids' is being removed
The only role of 'ldap trust ids' now is to allow the primary group id to be based entirely on the posix primary group, without being explictly set (using the mapping). This is probably worth keeping. All other benifits are indeed absent.
it's already been removed
originally reported against one of the 3.0.0rc[1-4] releases. Cleaning up non-production versions.