On Thu, 2006-07-06 at 13:31 -0400, Danny Wall wrote: <SNIP> > I suspect I need to use idmap with winbind. > >Yup, your best bet is to use a different idmap setting. Either setup an >LDAP backend for SID-uid mappings, or if you don't have any trusted >domains that need access to your server, you can use the idmap_rid >backend to generate one from the RID. (see idmap backend in the >smb.conf man page) >Also, you could put the tdb files on the shared storage as well, but >using ldap or RID would probably be better in the long run. That way >your uid values are constant across all your samba servers, this cluster >or otherwise. >Thanks, >Eric Kerin Thanks for the reply, Eric. I was starting to look at using idmap_rid. I have read that an LDAP backend for this is not the best way, and I really did not want another LDAP directory to maintain. I do not have to worry about trusted domains, so that is good. I was considering putting the tdb files on the shared storage, but I think your comment about keeping the uid values consistent across all samba servers is an important consideration. I will probably research and implement the idmap_rid solution, unless anyone can provide a better solution. Thanks Danny Wall ******************************************** ############################################################## This message is for the named person's use only. It may contain confidential, proprietary, or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it, and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Health First reserves the right to monitor all e-mail communications through its networks. Any views or opinions expressed in this message are solely those of the individual sender, except (1) where the message states such views or opinions are on behalf of a particular entity; and (2) the sender is authorized by the entity to give such views or opinions. ############################################################## -- Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
