[Samba] What exactly IS the winbind daemon?

Discussion:

(too old to reply)

Oliver Heering

2005-07-28 11:40:10 UTC

Hi,

maybe this is a newbie-question, but ... here we go:

I read the documentation for winbindd several times now but didn't get
far. We run Samba as primary domain controller for several dozen
clients and over 3000 users and never used winbind, so my question is
quite simple:

What does winbind provide and when do i need it?
I assume that winbind is only used when i use samba as a client in a
domain with a MS domain controller, is that correct?

mfg,
Oliver Heering
Medienzentrum der Universität Dortmund
http://www.medienzentrum.uni-dortmund.de

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

Josh Lindenmuth

2005-07-28 13:10:10 UTC

Permalink

You are correct, you don't need winbindd unless you are connecting a Windows
domain.

-----Original Message-----
From: samba-bounces+jlindenmuth=***@lists.samba.org
[mailto:samba-bounces+jlindenmuth=***@lists.samba.org] On
Behalf Of Oliver Heering
Sent: Thursday, July 28, 2005 7:32 AM
To: ***@lists.samba.org
Subject: [Samba] What exactly IS the winbind daemon?

Hi,

maybe this is a newbie-question, but ... here we go:

I read the documentation for winbindd several times now but didn't get
far. We run Samba as primary domain controller for several dozen
clients and over 3000 users and never used winbind, so my question is
quite simple:

What does winbind provide and when do i need it?
I assume that winbind is only used when i use samba as a client in a
domain with a MS domain controller, is that correct?

mfg,
Oliver Heering
Medienzentrum der Universität Dortmund
http://www.medienzentrum.uni-dortmund.de

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

Raj Kumar

2005-07-28 14:30:15 UTC

Permalink

A related question:

If you are not using winbind you wouldn't be using
idmap (identity mapping) either. Correct?

I have a Samba PDC w/ LDAP backend that serves few
windows computers. I also have Linux clients that
authenticate using LDAP. All user accounts are both
windows (sambaSAMAccount) and unix accounts (posix,
shadow Accounts). So users can login to windows or
linux. Do I need to use LDAP idmap?

Let's say I add another samba server to PDC domain
that also **allows** unix logins using LDAP
authentication. Do I have to run winbind on this
domain samba member? (my guess: No)

Let's say I add another samba server to PDC domain
that **doesn't** allow unix logins using LDAP
authentication. Do I have to run winbind on this
domain samba member? (my guess: Yes)

Thank you for the help!
Cheers,
Raj

Post by Josh Lindenmuth
You are correct, you don't need winbindd unless you
are connecting a Windows
domain.
-----Original Message-----
On
Behalf Of Oliver Heering
Sent: Thursday, July 28, 2005 7:32 AM
Subject: [Samba] What exactly IS the winbind daemon?
Hi,
I read the documentation for winbindd several times
now but didn't get
far. We run Samba as primary domain controller for
several dozen
clients and over 3000 users and never used winbind,
so my question is
What does winbind provide and when do i need it?
I assume that winbind is only used when i use samba
as a client in a
domain with a MS domain controller, is that correct?
mfg,
Oliver Heering
Medienzentrum der Universität Dortmund
http://www.medienzentrum.uni-dortmund.de
--
To unsubscribe from this list go to the following
URL and read the
https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following
URL and read the
https://lists.samba.org/mailman/listinfo/samba

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba

Michael Gasch

2005-08-02 10:30:12 UTC

Permalink

first: winbindd offers the ability to authenticate users and map sids to
uid/gids

if you have a working ldap tree and serve (nss) your clients (members,
dcs, clients) with ldap (uid, gid, sid) you don't need winbindd. all
information is in the ldap tree and authentication is done bei smbd if
you connect to a smb/cifs share (passdb backend).

if you want to login on the commandline with your dc-password you need
winbindd (pam_winbind) or you can use unixPassword in ldap (pam_ldap).
if you work with foreign domains and "non-domain" members you must use
idmap...more can be found in the documentation.

hope that helps

greez
--
Michael Gasch
Max Planck Institute for Evolutionary Anthropology
Department of Human Evolution
Deutscher Platz 6
D-04103 Leipzig
Germany

Phone: 49 (0)341 - 3550 137

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba