Samba4 idmap using uidNumber/gidNumber
Matthieu Patou
mat at samba.org
Sun Jun 10 17:59:19 MDT 2012
Hello Gemes,
> Regarding groups which need to have also an uid, IMHO the best solution
> would be to have the idmap.ldb in the directory for example as a new
> partition, then for each SID->uid or uid->SID map which won't get a
> result from the main partition, searching the idmap.ldb would give an
> uniform answer across the domain.
It's a seducing idea but it has a couple of implications and corner cases:
* conflict can still happen: 2 DC allocating the a different uid for a
given group because they were requested to do so before replication has
occurred
* search to a full blown ldb is much much much more slower than a search
to a standalone ldb, even if you might not notice it on a small
provision it will be much more noticeable on bigger provision and there
will be case when you don't want to have to pay this price.
Matthieu.
--
Matthieu Patou
Samba Team
http://samba.org
More information about the samba-technical
mailing list