Mixed profiles w/Samba-PDC

Jeremy Allison jallison at whistle.com
Thu May 28 20:34:07 GMT 1998

Mark Funkenhauser wrote:
> So, if the Sambe PDC is to work with the POSIX subsystem(s)
> (the MS POSIX subsytem is *not* the only commercial POSIX subsystem
>  implementation)
> it has to ensure that RID's do not get any larger than 0x100000.

Hmmm. That's going to be a problem I think. Currently,
we plan to encode the UNIX account type (user or group)
in the RID, using the top 4 bits. We have to do this as
we need to determine, given a RID from an NT box, whether
this maps back to a UNIX uid_t or gid_t.

I suppose we could always encode the account type info
in the bottom bits instead, so the RID encoding would look
like (in big-endian format):

<----20 bits--------->|<-12 bits-->|
| uid_t or gid_t+1    |'known' user|
              or      |account type|

If the top 20 bits are 0 - then it's a 'well
known account', if the top 20 bits are != 0
then the account type (UNIX user or group)
is encoded in the bottom 4 bits.

This is still a bit tight for your POSIX
subsystem though, as it only gives 0xFFF
unique UNIX users or groups.

What does your POSIX subsystem do if it gets
a RID >0x100000 as a primary domain rid ? 
This is looking increasingly likely...... :-(.



Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-ntdom mailing list