So much for moving rid-> ntSid, what about the primaryGid we
left behind?
Gerald (Jerry) Carter
jerry at samba.org
Mon May 5 07:01:02 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 5 May 2003, Andrew Bartlett wrote:
> So, can anybody give me a good reason why I should keep the
> 'primaryGroupRID' given we have moved the things that really matter to
> SIDs?
>
> I must have missed it when I last looked at this area - I think we
> should have primaryGroupSID instead. That would allow easy ldap
> searches to find the members of a group, in particular.
>
> The only point I note is that Microsoft doesn't even make this a SID,
> but this is one point where I think AD's schema is a bit nuts..
The change makes sense to me. If i understood correctly, the primary
group stuff in NT is just so they could be posix compliance. I don't
think the primary group stuff is really relevant most of the time.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE+tgwuIR7qMdg1EfYRAmUHAKCwh70xZy7iEd/81qxDL+eRWdPQ1QCeOlc2
35ZcrI6d42w71o6ANSP5LBo=
=IVXI
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list