sam replication
Andrew Bartlett
abartlet at samba.org
Wed Sep 17 22:30:19 GMT 2003
On Thu, 2003-09-18 at 02:02, José Luis Tallón wrote:
> At 22:57 17/09/2003 +1000, Andrew Bartlett wrote:
> >On Wed, 2003-09-17 at 22:38, José Luis Tallón wrote:
> > >
> > > now, if we want to add new users, we are in the situation that the RIDs
> > > they would be assigned are already being used by machines. Therefore, i
> > > propose separating the RID ranges for machines and users ( though it is
> > > different from what Win does )
> >
> >RID allocation should be independent of UID allocation, if you want it
> >that way. However, if you are allocating a UID for translation into an
> >algorithmic RID, then it's up to you to avoid conflicts.
> >
> >You are going to need to create UID (posixAccount) entries for all your
> >machines anyway,
>
> well, you( the Samba Team ) made it possible to have NUA machine accounts,
> so that's what i used
NUA accounts never existed in a production release, which is why we have
exercised our right to say 'bad idea' and remove that feature. When we
truly achieve POSIX-independece (Samba 4 stuff), they might again
re-appear.
However, as we move forward, it is clear that we will need to assign a
Unix UID to every machine, as it is possible for machines to conduct
operations on a Samba server. (Both via schannel authentication, and
via kerberos logins in the future).
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030917/03c6a88d/attachment.bin
More information about the samba-technical
mailing list