Bug 3838 - Documentation on idmap storage in LDAP incorrect
Summary: Documentation on idmap storage in LDAP incorrect
Status: NEW
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: Docs (show other bugs)
Version: 3.0.22
Hardware: Other Linux
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba Documentation QA Contact~
Depends on:
Reported: 2006-06-14 08:51 UTC by Erik Forsberg
Modified: 2006-06-14 08:51 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Erik Forsberg 2006-06-14 08:51:00 UTC
I have a case where several Linux machines, all of them fetching information about users and groups from an AD domain via winbind, share home directories via an NFS export from a Linux server. Therefore, I need consistent uid/gid mapping among all machines. I tried to implement idmap storage via LDAP following Chapter 13 in the official howto. 

To me, http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/idmapper.html#id2573773 ("IDMAP Storage in LDAP Using Winbind") seems plain wrong. It talks about using nss_ldap to fetch uid/gid information, but with the setup described in that section, no uid/gid information is stored in LDAP. Instead, only the mapping between SID and uid/gid is stored, just as in the case where a local .tdb is used as winbind idmap backend.

The same goes for the following section, "IDMAP and NSS Using LDAP from ADS with RFC2307bis Schema Extension"

To me, it seems like all information about nss_ldap should be removed. Instead, you should use nss_winbind to fetch the required information.