idra at samba.org
Fri Aug 8 19:06:22 GMT 2008
On Fri, 2008-08-08 at 21:04 +0200, Volker Lendecke wrote:
> On Fri, Aug 08, 2008 at 10:21:30AM -0700, Douglas VanLeuven wrote:
> > Volker Lendecke wrote:
> > >On Mon, Aug 04, 2008 at 07:43:09AM -0400, simo wrote:
> > >
> > >>If we salvage the "default" option we can still have great flexibility
> > >>w/o too much pain. Moving to a per range allocator would make things
> > >>simpler to understand from a configuration POV, although it would
> > >
> > >Sorry, but here I disagree. Having multiple allocators is
> > >bad from my point of view. I don't understand the scenario
> > >that you want to cover with it.
> > >
> > I was at sea when you started this thread or I would have commented
> > earlier. I'm unclear about one implication.
> > What about the case of idmap_ad which is not writable but desired to be
> > the default with a tdb backend for local accounts each with different
> > uid/gid ranges?
> > Is the new system going to work for that scenario?
> Make tdb the default backend (i.e. configured with "idmap
> backend"), but configure the explicit idmap_ad backend with
> "idmap config <YOUR_OWN_DOMAIN>".
I think the problem here is that tdb will still be the default.
Ie it will happily allocate for foreign domains unless there is an
explicit configuration for them.
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>
More information about the samba-technical