[Samba] SID mapping: Samba and SSSD
Rowland penny
rpenny at samba.org
Thu Sep 3 19:15:19 UTC 2020
On 03/09/2020 20:01, Andrew Walker wrote:
> Whoops, fumbled my response a bit. slice size by default is 200,000,
> and to clarify the SID passed into murmur3() is the domain SID, not
> SID of individual user. Though, manpage for sssd-ad should be
> consulted for precise details. My understanding though is as long as
> everything fits in one slice, then you can just use RID. If you have
> multiple slices, you're stuck with non-deterministic behavior from
> SSSD and so can continue to use RID in winbind config. Although, I'm
> happy for someone to prove me wrong (which is the way things usually
> happen when you open your mouth). :)
I don't think this is going to work, from my understanding sssd
calculates the Unix ID from the SID and the result may not be
deterministic and there is is certainly no way that you could reproduce
this with the winbind 'rid' backend.
Can we please forget that sssd exists ? It doesn't work with Samba any
more (even red-hat admits that).
Rowland
More information about the samba
mailing list