[Samba] samba problems. accounts expire after a hour, but work
after reset
Edmundo Valle Neto
edmundo.valle at terra.com.br
Wed Mar 7 21:19:49 GMT 2007
Collen Blijenberg escreveu:
> Sorry, forgot something,
>
> indeed there was a mixup with the migrating, old posix uid were
> differed than the once we use now.
> a changed the auto_increment value of the user.uid table from mysql.
> i took the highest sid (5620) subbed 1000 and /2 and used that for
> auto_increment value..
>
> so now my new user accounts are in sync with samba RID's again.
>
> all i'm interested in now is the once i already have and use...
> i have a heap of accounts that have a posix uid, that doesn't fit the
> rules Edmundo explained (1000 + (2*uid))
> it looks like all works fine, but i would like to take the advise of
> the experts...
>
> is the rule only active when creating new accounts, or does samba use
> that rule also with in
> daily basic things ? (like logging in, or accessing shares ??)
>
> does it harm to have a posix uid 1050 and a SID ending with -1299 ?????
>
> Cheers Collen
>
> ...
[cut]
That I know, this algorithmic mapping is made to prevent clashes and
prevent the use of well know RIDs by Windows domains. I don't know all
the situations that the algorithmic mapping will be used in addiction of
the creation of new accounts or to resolve unmapped accounts. (Someone
correct me if Im wrong).
But I would guess that if your accounts are being resolved (SID<->GID
and SID<->UID) (and if I remember right those mappings are made inside
the base used and/or inside groupmap_idmap.tdb, when you are not using
winbind) you will not have any problems beyond those related with
permissions by lost/changed ids after used (IF that happened).
Regards.
Edmundo Valle Neto
More information about the samba
mailing list