Upgrade issue with 3.0.21b->3.0.22
Volker Lendecke
Volker.Lendecke at SerNet.DE
Wed Feb 8 07:06:38 GMT 2006
On Tue, Feb 07, 2006 at 07:02:57PM -0500, simo wrote:
> Can you draw what could happen in one case and the other ?
> That will help thinking about the right solution imho.
If we auto-map using the algorithm we can run into conflicts
with vampired or otherwise created objects, like explicit
group mappings done by the admin. The 'algorithmic rid base'
was created to prevent problems with this, but I've seen too
many installations that get this wrong to have come to the
conclusion that this does simply not work.
If we auto-map using the RID allocator we break exisiting
installations because they depend on the existing
algorithmic fallback. Gids being used in the SamLogon token
end up with different SIDs as they had been before.
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060208/de753bc1/attachment.bin
More information about the samba-technical
mailing list