mapping uids of file owners to SIDs for AD users
Sumit Bose
sbose at redhat.com
Fri Jan 27 14:08:12 UTC 2017
On Thu, Jan 26, 2017 at 10:15:32PM +0100, Ralph Böhme wrote:
> On Thu, Jan 26, 2017 at 12:40:19PM +0100, Sumit Bose wrote:
> > On Thu, Jan 26, 2017 at 12:16:55PM +0100, Ralph Böhme wrote:
> > > On Thu, Jan 26, 2017 at 11:51:07AM +0100, Björn JACKE wrote:
> > > > On 2017-01-25 at 18:49 +0100 Ralph Böhme sent off:
> > > > > This looks like it would be very useful and just needs some waf configure and
> > > > > build magic to be integrated.
> > > >
> > > > I agree, it would be very good to have this upstream (in Samba, where it mainly
> > > > belongs).
> > >
> > > if noone else does it... currently upgrading my Fedora from 24 to 25 in order to
> > > get the needed deps (assuming they are only in 25). As soon as I find the time
> > > I'll work out a patch.
> >
> > The basic requirement is the libsss_nss_idmap package which contains a
> > library with the calls to SSSD and is already available since a couple
> > of versions.
> >
> > The module in the SSSD tree also uses calls from libsss_idmap to convert
> > between different SID representations but they can be replaced by
> > suitable calls from a Samba library.
> >
> > Please let me know if I can be of any assistance.
>
> we need a manpage. Hint, hint... :)
Feel free to reuse the related SSSD man page
https://github.com/SSSD/sssd/blob/master/src/man/idmap_sss.8.xml
>
> <https://git.samba.org/?p=slow/samba.git;a=log;h=refs/heads/idmap_sss>
Thank you, I didn't had a chance to test it yet, but I'm wondering about
the name. Having two plugins with the same name might cause some extra
effort for distributions an package maintainers. If Samba starts
shipping this idmap module I'm fine with deprecating and removing it
from SSSD but I guess there will be some time where Samba and SSSD will
provide the plugin.
bye,
Sumit
>
> Briefly tested, seems to work.
>
> Cheerio!
> -slow
More information about the samba-technical
mailing list