winbind mapping depuration

Nahuel Greco ngreco at
Mon Feb 9 20:42:20 GMT 2004

On Mon, 09 Feb 2004 13:02:56 -0600
"Gerald (Jerry) Carter" <jerry at> wrote:

> It is possible but that is not the problem.  The algorithm for
> allocating the next id uses a high water mark that is
> monotonically increasing.

Well, but maybe that can be resolved patching winbindd to change their
behavior to get the next _free_ uid searching the tdb? (I mean, maybe
a patch for personal use not in the main samba tree)

> SIDs are never reused on Windows.  File ownership is really
> irrelevant.   so while it is possible to exhaust the uid/gid
> on space on a linux box with 32-bit ids, it is rarely done
> using as single domain.  It is more possible using noe or
> more trusted domains.

Ok, SID's aren't reused but they are stored as part of the ACLs
in the workstation files, so that information is never removed? 
I mean, there are some bytes never expired then :)

SID's unassigned to users are ignored in the ACL checking? 

Btw, what is "noe"? 

Nahuel Greco.

More information about the samba-technical mailing list