Samba4 idmap using uidNumber/gidNumber

Gémes Géza geza at
Sun Jun 10 01:39:47 MDT 2012

On 2012-06-10 08:02, Andrew Bartlett wrote:
> Steve,
> Attached is a patch that I know you and a number of our users will be
> interested in.  This patch makes Samba4 honour the uidNumber/gidNumber
> attributes in the directory, when present. 
> This is done in a simple manner - we simply search the directory first.
> No attempt at resolving conflicts with the idmap.ldb is done, the
> directory simply wins. 
> I haven't had a chance to test this yet (just got it to compile), but if
> you wish to test/comment in a non-production environment, it will assist
> us in bringing this important functionality to the Samba 4.0 release.
> Beyond this, the next step will be to make the 'samba-tool domain
> samba3upgrade' tool populate these mappings, rather than idmap.ldb.
> Michael,
> If you have any thoughts or comments on how this is done, please let me
> know.  I would have liked to call into idmap_ad directly, but it is tied
> too much into the s3 winbind to use directly, so I've instead just tried
> to make it compatible.  The additional behaviour that I can see is that
> there is no idmap range specified (all uidNumber values in the directory
> are accepted) and we fall back to an ldb mapping on failure to find an
> AD mapping.
> Thanks,
> Andrew Bartlett

That's really fantastic news (I can't wait to finish building it). Just
two questions:
1. How would s3fs behave encountering a group which would need to have
an uid (for owning some files)?
2. Are there plans to implement shell and homedir lookups too (for nss)?



More information about the samba-technical mailing list