[Samba] Man page for idmap_rid

Rowland Penny rpenny at samba.org
Tue Aug 9 18:24:21 UTC 2016


On Tue, 9 Aug 2016 15:05:34 -0300
francis picabia <fpicabia at gmail.com> wrote:


> 
> I'd like to see it documented in plain terms, not formula where
> few people know what "rid in sid" means.  It seems to me if
> it were documented for the type security = ads case for
> Linux, this would be a template to start with, and not
> looking for magic values as many users have come to
> rely on (see the Samba and Debian bug reports for people
> who think the range beginning at 1000 was some magic solution).
> 
> Look, you get into your car, and do you look at an RPM value
> and gear indicator, compute the tire size P215R16
> and figure out the speed?  No, there is a calibrated instrument for
> it.
> 
> Well, what is sitting in front of us, a frigging computer!
> 
> Why can't samba/winbind look at nsswitch, determine there is
> nothing like NIS and LDAP, lookup the UID values in /etc/passwd,
> and make ranges on the fly?  The end user does not care
> what their values are - they only want "Map Network Drive"
> to work and get something done.  I suspect the computer
> on Apollo missions could have achieved this range computation.

I will tell you why looking in /etc/passwd will not work, Michael has
pointed out that with 'winbind use default domain = yes' in smb.conf,
you only have one user 'fred' and he cannot exist in two places at once.
If you don't have that line in smb.conf, as Jeremy pointed out, you can
have a user called 'fred' in /etc/passwd and another user called 'fred'
in AD, but they would not be the same user.

As for the Apollo computer, I doubt it would have had the spare
capacity to do what you suggest, it was too busy doing everything else.

Rowland



More information about the samba mailing list