Samba project aspirant for GSOC 2014

Alexander Bokovoy ab at
Tue Mar 4 06:05:25 MST 2014

On Tue, Mar 4, 2014 at 1:41 PM, Jeff Layton <jlayton at> wrote:

> > >
> > >
> I'm not sure this one is really valid anymore, but Steve might have
> other ideas. We have an idmapping mechanism for cifs now though it's
> necessarily different from the one NFS uses.
> NFSv4 goes something like:
>     NFSv4 username at DOMAIN <-> UID
> ...whereas cifs is:
>     Windows SID <-> UID
> ...given the protocol differences, I'm not sure how much you can really
> merge the two (or what the point of doing so would be).
In fact, this problem is largerly solved for SSSD as ID provider for both
CIFS and NFSv4.
CIFS idmap provider was written last year and NFSv4 idmap provider code was
contributed recently by PRIMARY DATA people, implementing It all
slated to be released in SSSD 1.12.

I think it would be great to actually attempt to reuse these to some point.
Volker had an idea to use SSSD pipe protocol to use the same frontends for
PAM/NSS work and I don't see reasons why we shouldn't do the same for idmap
interfaces towards rpc.idmapd/cifs.ko.

SSSD team plans to have it support the pipe protocol in next major version
/ Alexander Bokovoy

More information about the samba-technical mailing list