[Samba] rid generation questions
steffo76 at gmx.de
steffo76 at gmx.de
Mon Sep 5 08:51:57 MDT 2011
I have a few questions to ask... I am about to migrate from Samba 2 to 3 (3.5.9). I am going to use LDAP as backend in the future and came across something I don't understand. As far as I know the 'old' way to generate RIDs for users is to take their uidnumber, multiply it by two and add 1000. For computer accounts it would be 1001 instead of 1000. I am now trying to figure out how this works with 3.5.9 and ldapsam and if it is possible to re-enable the old behaviour. The only thing I could find was this:
where it says:
"Beginning with Samba 3.0.0beta3, the RID allocation functions
have been moved into winbindd. Previously these were handled
by each passdb backend. This means that winbindd must be running
to automatically allocate RIDs for users and/or groups. Otherwise,
smbd will use the 2.2 algorithm for generating new RIDs"
I am not using winbindd but I noticed that new RIDs get created independently from the uidnumber of the account. In the Domain Object the value for sambaAlgorithmicRidBase is 1000, still new RIDs for computer accounts get created by incrementing the value of sambaNextRid which is 1027 right now.
I tried to increase sambaAlgorithmicRidBase to 10000 so there wouldn't be a collision between old samba 3 accounts and the new ones but this only lead to smbd refusing to start saying that "The value of 'algorithmic RID base' has changed since the LDAP database was initialised.".
Since the whole shebang isn't online yet I only have a handful of computer accounts for testing purposes with RIDs in the unwanted 1000s which I could delete.
To make a long story short: how do I tell samba to just use the old behaviour for allocation RIDs ? Or if that's not possible: how do I change the algorithmic RID base afterwards ?
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de
More information about the samba