[Samba] SID history secondary group set bloat

Ralph Boehme slow at samba.org
Thu Jun 10 07:32:56 UTC 2021

Am 10.06.21 um 08:27 schrieb Weiser, Michael:
> My question remains if there's a way to prevent SID history SIDs from
> being mapped once they're no longer needed on a particular samba
> server, to prevent unnecessary bloating of the secondary group list,
> i.e. if there's a way to tell autorid (or nss) to recognize that
> 472199(EXAMPLE\secret), 572198(EXAMPLE\secret) and
> 301141(EXAMPLE\secret) are all the same group and only add gid 301141
> to the UNIX token.

ah, now I get it. :)

No, that's not supported, but it might be possible to add such a feature
with some development effort.


Ralph Boehme, Samba Team                https://samba.org/
Samba Developer, SerNet GmbH   https://sernet.de/en/samba/
GPG-Fingerprint   FAE2C6088A24252051C559E4AA1E9B7126399E46

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba/attachments/20210610/6fa1b0ad/OpenPGP_signature.sig>

More information about the samba mailing list