CVS update: samba/source/auth

Andrew Bartlett abartlet at
Tue May 13 23:11:33 GMT 2003

On Wed, 2003-05-14 at 01:31, Simo wrote:
> Seem resonable, I'm ok with your proposal.
> Do you have any comments on the idmap_ldap patch?

It was reading that patch that made me find the pdb_ldap bugs :-).

Once we get the pdb_ldap code right again, and again copy that common
code across, it looks fine.  (But it was a very quick look).

> I have some doubt about using both sambaAccount and idmapEntry to store
> the SID<->ugid mappings
> I think we should use a unique objectclass, perhaps binding it to the
> user when it exist.

If I read it correctly, that's what it does.  What I want is a
co-incidence of sambaAccount and uidNumber or sambaGroup and gidNumber
to be considered a 'valid' group mapping entry, without any changes.

(This allows upgrades from 2.2 and 3.0 where it will 'just work' even
for sites with RIDs that were set by NT).

When we are doing a new mapping, then the new objectClass should be


Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list