http://git.samba.org/?p=vl/samba.git/.git;a=shortlog;h=idmap
simo
idra at samba.org
Fri Aug 8 19:06:22 GMT 2008
On Fri, 2008-08-08 at 21:04 +0200, Volker Lendecke wrote:
> On Fri, Aug 08, 2008 at 10:21:30AM -0700, Douglas VanLeuven wrote:
> > Volker Lendecke wrote:
> > >On Mon, Aug 04, 2008 at 07:43:09AM -0400, simo wrote:
> > >
> > >>If we salvage the "default" option we can still have great flexibility
> > >>w/o too much pain. Moving to a per range allocator would make things
> > >>simpler to understand from a configuration POV, although it would
> > >
> > >Sorry, but here I disagree. Having multiple allocators is
> > >bad from my point of view. I don't understand the scenario
> > >that you want to cover with it.
> > >
> >
> > I was at sea when you started this thread or I would have commented
> > earlier. I'm unclear about one implication.
> >
> > What about the case of idmap_ad which is not writable but desired to be
> > the default with a tdb backend for local accounts each with different
> > uid/gid ranges?
> >
> > Is the new system going to work for that scenario?
>
> Make tdb the default backend (i.e. configured with "idmap
> backend"), but configure the explicit idmap_ad backend with
> "idmap config <YOUR_OWN_DOMAIN>".
I think the problem here is that tdb will still be the default.
Ie it will happily allocate for foreign domains unless there is an
explicit configuration for them.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>
More information about the samba-technical
mailing list