[Samba] Proper sysvol replication solution...
steve
steve at steve-ss.com
Fri Aug 22 15:27:49 MDT 2014
On Fri, 2014-08-22 at 22:46 +0200, Achim Gottinger wrote:
> Am 22.08.2014 22:28, schrieb Rowland Penny:
> >>>>
> >>> You mean like the reverse of what ever happens to create the entries
> >>> in idmap.ldb ?
> >>>
> >>> Rowland
> >>>
> >> Yes,
> >>
> >> For your example in the other mail "getent group" would return
> >>
> >> S-1-5-32-544:*:3000000
> >>
> >> on the dc and
> >>
> >> S-1-5-32-544:*:2000
> >>
> >>
> >>
> >>
> >>
> >>
> > That would be good, but it would be better if was:
> >
> > administrators:*:3000000
> >
> > on the dc and
> >
> > administrators:*:2000
> >
> > Rowland
> >
>
> Odd thing is the sid to name mapping is already there
> (librpc/idl/security.idl) for well know sid's and rid's. Makes it even
> more strange that only BUILDIN groups had been implemented by the patch.
>
> @steve you would force the users to reserve an predefined range of
> numbers in their usermanagement for windows standard groups und users.
That's exactly what we are trying to avoid. A range of possible values.
More information about the samba
mailing list