On Friday, 26 March 2010 11:27:28 Götz Reinicke - IT-Koordinator wrote: > Buchan Milne schrieb:
>> For the rgc2307 vs rfc2307bis group issue, I don't think samba > > supports rfc2307bis, so you should go with rfc2307 (using memberUid for > > denoting members of groups, holding the username, not the DN). > "The nss_ldap library from PADL software (http://www.padl.com) supports > this by enabling the library’s RFC2307bis extensions (pass the > --enable-rfc2307bis option to the nss_ldap configure script when > compiling) ..." > > > And http://www.padl.com/OSS/nss_ldap.html mentions also Support for the > RFC 2307/RFC 2307bis. > > Or do I get something wrong? nss_ldap supports rfc2307bis, but samba does not (AFAIK). If you are using Samba as a Domain Controller, the groups visible on windows clients (for local ACLs on windows computers, rights etc.) will not align with your unix groups if you use rfc2307bis. Regards, Buchan
