SMS/SAM winbind
Stefan (metze) Metzmacher
metze at metzemix.de
Tue Jul 2 05:55:02 GMT 2002
Approach to handle the SID mapping.
I preferr to have a database (or config options in smb.conf) for the
following DATA:
(Builtin and OurDomain):
SID: S-1-5-21-4158354609-2045536973-4240204567
uid: 20000-30000
gid: 15000-25000
TrustDomainA: (with NT4 Server)
SID: S-1-5-21-4158354609-2045536973-4240204567
uid: 20000-30000
gid: 15000-25000
TrustDomainB: (with ADS Server)
SID: S-1-5-21-1354354609-4598675973-4240286745
uid: 40000-50000
gid: 40000-50000
------------------------------------------------------
I would preferr that every SAM packend has it's own sid mapping for the
secified domain SID or {u,g}id range. (e.g. sam_ldap would store it's
mapping's in ldap, sam_tdb stores it in a tdb, or do it with algorithmic
backend...)
And for Trusted domains winbind is doing the mapping for the domain sid and
{u,g}id ranges.
__________________________________________________________________
take a look at www.metzemix.de/projects/samba/index.html
metze
-----------------------------------------------------------------------------
Stefan "metze" Metzmacher <metze at metzemix.de>
More information about the samba-technical
mailing list