[Samba] Concern about 3.0.22->3.0.23b upgrade (algorithmic SIDs
Gerald (Jerry) Carter
jerry at samba.org
Thu Aug 31 15:11:39 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Michael Deutschmann wrote:
> On Sat, 26 Aug 2006, you wrote:
>>> I'm running as a lone Samba PDC, and -not-
>>> using winbindd.
>> The RID algorithm in 3.0.23c will potentially impact you.
>> Have I already suggested testing the 3.02.3c-gwc patch
>> at http://www.samba.org/~jerryy/patches/ ? You might
>> want to get the patch and read over the release notes
>> at least.
> I've installed it and it seems to work.
> I think the problem I was fearing rests on a
> misunderstanding. The text said this would affect
> "unmapped" SIDs. I took this to mean all SIDs
> that I did not explictly map -- which is
> everything except the magic privelege
> determining groups (ie: Domain Admins, Power Users).
> So I was afraid that my users would lose
> ownership to all the files they created on
> their own harddrives.
> It's now apparent that an entry in smbpasswd
> counts as a SID mapping (which just so happens
> to match exactly the SIDs that would have
> been generated for an unmapped users at
> the same unix uid.)
> While no change to the code is needed, the documentation
> about the 3.0.23 changes should be updated to clarify
Perhaps I should have just said an entry in Samba's passdb.
This covers both users and groups. Would that have been
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba