[Samba] Concern about 3.0.22->3.0.23b upgrade (algorithmic SIDs issue)

Gerald (Jerry) Carter jerry at samba.org
Thu Aug 31 15:11:39 GMT 2006

Hash: SHA1

Michael Deutschmann wrote:
> On Sat, 26 Aug 2006, you wrote:
>>> I'm running as a lone Samba PDC, and -not-
>>> using winbindd.
>> The RID algorithm in 3.0.23c will potentially impact you.
>> Have I already suggested testing the 3.02.3c-gwc patch
>> at http://www.samba.org/~jerryy/patches/ ?  You might
>> want to get the patch and read over the release notes
>> at least.
> I've installed it and it seems to work.


> I think the problem I was fearing rests on a 
> misunderstanding.  The text said this would affect
> "unmapped" SIDs.  I took this to mean all SIDs
> that I did not explictly map -- which is
> everything except the magic privelege
> determining groups (ie: Domain Admins, Power Users).  
> So I was afraid that my users would lose
> ownership to all the files they created on
> their own harddrives.
> It's now apparent that an entry in smbpasswd 
> counts as a SID mapping (which just so happens
> to match exactly the SIDs that would have
> been generated for an unmapped users at 
> the same unix uid.)


> While no change to the code is needed, the documentation 
> about the 3.0.23 changes should be updated to clarify
> that:

Perhaps I should have just said an entry in Samba's passdb.
This covers both users and groups.  Would that have been
better ?

cheers, jerry
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list