Mapping of RIDs to uid_t and gid_t
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Fri Apr 3 14:48:40 GMT 1998
On Fri, 3 Apr 1998, Jean-Francois Micouleau wrote:
> On Fri, 3 Apr 1998, Jeremy Allison wrote:
>
> > To generate new machine accounts, we
> > junk the algorithm I'm using at the
> > moment and create them starting at
> >
> > 2^28 - 1001
> >
> > going down.
>
> I'm still not convince by this idea. I know several sites (like where I
> worked in a previous life) where the uid are allocated in blocks to make
> some delegations to other sysadmin.
>
> Having each machine it's own uid can come in collision with how some
> sysadmins manage their accounts. I know about NIS+ doing the same thing.
>
> Do we really need one uid by machine ?
yes, you absolutely _must_ have one NT user RID per machine: machine trust
accounts _are_ actually users, after all. if you don't think so, have a
look at the SAM part of the registry (see posting yesterday about adding
read permission OH - you _have_ to use regedt32.exe _not_ regedit.exe to
do that).
luke
More information about the samba-technical
mailing list