[K12OSN] smbldap - adding ldap users to local groups
Rob Owens
rowens at ptd.net
Thu Oct 25 01:00:07 UTC 2007
On Wed, Oct 24, 2007 at 05:18:03PM -0700, Craig White wrote:
> On Wed, 2007-10-24 at 20:02 -0400, David Hopkins wrote:
> > Perhaps I am missing something here, but I thought the whole reason
> > for using a central ldap authentication approach is that all groups
> > and users are defined in the ldap server and every local machine uses
> > that server for authentication and association of rights to local
> > resources (files and such) for all accounts, except for local system
> > accounts and root? The global groups being added to local groups is
> > something that I am familiar with from Microsoft's view of how to
> > assign rights to files, and local resources, but I have never seen it
> > used that way in *nix.
> >
> > As an aside, isn't the purpose of newgrp so you can switch what group
> > your associated with on a local system?
> >
> ----
> the mysql user is a local user/group by Red Hat packaging and I am
> presuming by the OP, the same is true of Debian/Ubuntu.
>
> the issue becomes the toolset that you use to maintain users and groups
> and the suggestion of smbldap makes me think that OP is using Windows
> tools to maintain user accounts which isn't going to know about the
> local users/groups on a specific server.
>
I'll be using tools such as smbldap-useradd and smbldap-usermod, etc. One of my networks is Linux-only, but I'm still using smbldap simply because it made it easier for me to set up ldap (being new to this stuff).
-Rob
More information about the K12OSN
mailing list