[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Where to start a migration from passwd/shadow/smbpasswd to openldap
On Friday, 26 March 2010 11:27:28 Götz Reinicke - IT-Koordinator wrote:
> Buchan Milne schrieb:
>> For the rgc2307 vs rfc2307bis group issue, I don't think samba
> > supports rfc2307bis, so you should go with rfc2307 (using memberUid for
> > denoting members of groups, holding the username, not the DN).
> "The nss_ldap library from PADL software (http://www.padl.com) supports
> this by enabling the library’s RFC2307bis extensions (pass the
> --enable-rfc2307bis option to the nss_ldap configure script when
> compiling) ..."
>
>
> And http://www.padl.com/OSS/nss_ldap.html mentions also Support for the
> RFC 2307/RFC 2307bis.
>
> Or do I get something wrong?
nss_ldap supports rfc2307bis, but samba does not (AFAIK). If you are using
Samba as a Domain Controller, the groups visible on windows clients (for local
ACLs on windows computers, rights etc.) will not align with your unix groups
if you use rfc2307bis.
Regards,
Buchan