[Samba] Sync'ing user and group ID's

Andrew Bartlett abartlet at samba.org
Sat Jul 17 05:37:15 GMT 2004


On Sat, 2004-07-17 at 15:38, thestar at fussycoder.id.au wrote:
> Heya, I'm new to this particular area of linux admin, and I noticed the 
> behaviour of
> the new samba CIFS's linux driver.
> 
> The only problem was that the user and group ID's of the files in the 
> mounted directories
> were rather strange, as these ID's were not in sync between the server 
> and the client.
> 
> My question is how do I keep them in sync, how I would deal with, say, 
> a laptop roaming
> between two different networks.

The usual suggestion is a central LDAP server for your workstations. 
For laptops, this becomes more interesting however...

Unfortunately, the 'uid' and 'gid' options no longer work against Samba
servers, unless they have 'unix extensions' explicitly disabled.  This
could be considered a bug.

> I am also concerned about the security implications - to me, it appears 
> that every single
> computer must be trusted, and thus, no-body but those in the admin 
> staff should be able to
> have root access -- this sounds like the security will go down as the 
> number of computers
> increases.  Any suggestions about this?

The server enforces the access control - so even if somebody has root on
the client, they only have their password to the server.

This is the difference between CIFS and NFS :-)

Andrew Bartlett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040717/a6a2b043/attachment.bin


More information about the samba mailing list