'On the Fly' mappings and PDC/BDC interactions

Andrew Bartlett abartlet at samba.org
Thu Oct 17 11:01:01 GMT 2002

I'm just wondering if anybody has considered the impact of creating 'on
the fly' mappings for groups/users (uid->sid stuff) and how this plays
with PDC/BDC relationships...

If we have a BDC that is asked for a not-yet-mapped group, and gives it
a SID, how do we get that information back to the PDC?

In particular, I don't like the idea that the BDC must contact the PDC
in real time here - that would seem to defeat the point of having a
PDC/BDC.  (In particular, I can imagine setups where the BDC simply
cannot contact the PDC ever, and just assumes LDAP handles the

Also, it would of course need to play with 'net rpc vampire'

Anyway, this area is messy.

Andrew Bartlett
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list