Primary Group SID
Bostjan Golob
golob at gimb.org
Mon Feb 9 20:27:09 GMT 2004
On Mon, 2004-02-09 at 21:11, Andrew Bartlett wrote:
> On Tue, 2004-02-10 at 06:21, Bostjan Golob wrote:
> > I hacked together a little patch for the LDAP backend that resolves a
> > user's primary gid into a SID and uses that as the primary group SID. If
> > the group has no mapping, the user gets the Domain Users group as the
> > primary group.
> >
> > This is just a quick proof-of-concept patch that probably needs some
> > polishing and moving into a more general location. If people are
> > satisfied with this patch, I'll make a more general one (a bit out of
> > practice with samba code at the moment :).
>
> I don't like the getpwnam() lookup. Now I remember what happened to
> this code...
>
> I would prefer that we re-introduced the code to look at gidNumber, and
> translate it on that basis. If the group mapping does not exist, then
> the algorithmic mapping should be used.
That was my first intent, but I went with getpwnam() because in my case,
I have separate LDAP trees for samba and posix users (for testing now)
and the sambaSamAccount had no gidNumber. Also, the root account has no
posixAccount entry in LDAP, only a sambaSamAccount for joining the
machines in the domain and so on.
Bostjan Golob
>
> Andrew Bartlett
More information about the samba-technical
mailing list