Proposal/Idea: Remove support for using rfc2307 attributes for s4 id-mapping?
steve at steve-ss.com
Tue Oct 16 03:28:26 MDT 2012
On 16/10/12 02:13, simo wrote:
> On Mon, 2012-10-15 at 23:39 +0200, Michael Adam wrote:
>> On 2012-10-15 at 11:46 -0400, simo wrote:
>>> On Mon, 2012-10-15 at 16:51 +0200, Michael Adam wrote:
>>>> Hi Simo,
>>>> On 2012-10-15 at 10:25 -0400, simo wrote:
>>>>> On Mon, 2012-10-15 at 15:17 +0200, Michael Adam wrote:
>>> for exporting stuff via NFS if it is needed.
>> I'd say omit serving NFS from a S4 AD DC by all means!
>> What is more, I'd suggest to not use the DC for
>> extensive file serving (SMB) if possible.
>> Rather stick to sysvol and netlogon and add member
>> file servers...
Maybe the OP does not know that for many of us, there is a growing
number of Linux clients used as workstations in the domain.
We can't use cifs to serve the Linux clients as the file ownership is
always that of the user who mounted the file system, not the
authenticated user. We use NFS because it allows us to retain the
rfc2307 attributes of the user by obtaining them from a DC.
OK, so we do no file serving from the DC. Fine. We have a separate file
server. It still needs to obtain uidNumber and gidNumber from a DC.
Those values must be identical no matter which DC they are pulled from.
We have fought hard to have everything in one place: AD. M$ have given
us their schema, which allows for full rfc2307 compatibility. Now we
have it, we want to rip it apart?
Just another fer cents.
More information about the samba-technical