Samba4 idmap using uidNumber/gidNumber
Gémes Géza
geza at kzsdabas.hu
Sun Jun 10 01:39:47 MDT 2012
On 2012-06-10 08:02, Andrew Bartlett wrote:
> Steve,
>
> Attached is a patch that I know you and a number of our users will be
> interested in. This patch makes Samba4 honour the uidNumber/gidNumber
> attributes in the directory, when present.
>
> This is done in a simple manner - we simply search the directory first.
> No attempt at resolving conflicts with the idmap.ldb is done, the
> directory simply wins.
>
> I haven't had a chance to test this yet (just got it to compile), but if
> you wish to test/comment in a non-production environment, it will assist
> us in bringing this important functionality to the Samba 4.0 release.
>
> Beyond this, the next step will be to make the 'samba-tool domain
> samba3upgrade' tool populate these mappings, rather than idmap.ldb.
>
> Michael,
>
> If you have any thoughts or comments on how this is done, please let me
> know. I would have liked to call into idmap_ad directly, but it is tied
> too much into the s3 winbind to use directly, so I've instead just tried
> to make it compatible. The additional behaviour that I can see is that
> there is no idmap range specified (all uidNumber values in the directory
> are accepted) and we fall back to an ldb mapping on failure to find an
> AD mapping.
>
> Thanks,
>
> Andrew Bartlett
Hi,
That's really fantastic news (I can't wait to finish building it). Just
two questions:
1. How would s3fs behave encountering a group which would need to have
an uid (for owning some files)?
2. Are there plans to implement shell and homedir lookups too (for nss)?
Cheers,
Geza
More information about the samba-technical
mailing list