Mapping of RIDs to uid_t and gid_t

Luke Kenneth Casson Leighton lkcl at switchboard.net
Fri Apr 3 14:48:40 GMT 1998


On Fri, 3 Apr 1998, Jean-Francois Micouleau wrote:

> On Fri, 3 Apr 1998, Jeremy Allison wrote:
> 
> > To generate new machine accounts, we
> > junk the algorithm I'm using at the
> > moment and create them starting at
> > 
> > 2^28 - 1001
> > 
> > going down.
> 
> I'm still not convince by this idea. I know several sites (like where I
> worked in a previous life) where the uid are allocated in blocks to make
> some delegations to other sysadmin. 
> 
> Having each machine it's own uid can come in collision with how some
> sysadmins manage their accounts. I know about NIS+ doing the same thing. 
> 
> Do we really need one uid by machine ?

yes, you absolutely _must_ have one NT user RID per machine: machine trust
accounts _are_ actually users, after all.  if you don't think so, have a
look at the SAM part of the registry (see posting yesterday about adding
read permission OH - you _have_ to use regedt32.exe _not_ regedit.exe to
do that).

luke





More information about the samba-technical mailing list