[PATCH] sam backend parameter

Simo Sorce simo.sorce at xsec.it
Thu Oct 3 11:24:01 GMT 2002

On Thu, 2002-10-03 at 08:47, Andrew Bartlett wrote:
> jra at dp.samba.org wrote:
> > Well it's not being used really, as it's not in a production
> > release. We don't make guarentees until it gets into a production
> > release. What "non-passdb" users are being mapped into the system
> > via this method ?  Surely as a PDC we need passdb entries for every
> > user we're exporting ?
> I mean it's being used by code.
> The problem is mainly on the fileserver:  For the DC side of things,
> every user is in the SAM, or they can't really do much.  But on the
> fileserver side, we have the problem that a user may select to view the
> Owner or the ACL entries of a file.

I think we should simply document the fact the admins should really map
each user or groups that own files on the shares, and if they do not do
it they may get in troubles.

When they do not do it, I think we should simply return a simple
"Unknown" SID allocated for that purpose. This will eliminate the
problem and make us not need algorithmic mapping at all, that is however
wrong solution, as today also the uid/gid space is 32 bit as rid space
so that we can go out of mapping space anyway and need to handle that
situation too.
Algorithmic mapping should go away completely imho.


Simo Sorce - simo.sorce at xsec.it
Xsec s.r.l.
via Durando 10 Ed. G - 20158 - Milano
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20021003/09b7f73e/attachment.bin

More information about the samba-technical mailing list