[Samba] Samba3 sambaSID calculation from 32-bit uidNumber?
Harald Hannelius
harald+samba at arcada.fi
Fri Mar 12 16:14:06 UTC 2021
On Fri, 12 Mar 2021, Rowland penny via samba wrote:
> On 12/03/2021 15:02, Harald Hannelius via samba wrote:
>>
>>
>> Does anyone know how the sambaSID suffix is calculated when the uidNumber
>> is a 32-bit integer?
>>
>> The formula was $uidNumber * 2 + 1000
>>
>> When checking our current users, my uid 5xx checks out correct, but the
>> ones that are larger than 65536 don't seem to follow that calculation.
>>
>> Thanks,
>>
>> a dinosaur
>>
>
> Sheesh, that is old 😁
Hey! Not *that* old...
> It was actually '1000 + ($UnixID * 2)' and the result (RID) was appended to
> the end of the Samba created SID. As the largest Unix ID is 65536 (unless you
> have changed it), I cannot see how you can have a RID greater than 132072.
Unix (And Linux) systems these days have 32-bit Unix ID numbers. Linux from
2.4 in 2001 I think.
It isn't really an issue. We're shutting down the Samba+LDAP 3.6 domain but
still have a service that checks passwords directly from the sambaNTPAssword
attribute (freeradius).
I don't think it matters what I write into the "MUST" attribute of sambaSID,
but I'm curious as always. It might work as well if we just use the same *2
and + 1000 for 32-bit uidNumbers but my curiosity woke when I noticed that
it doesn't match new users.
--
Harald Hannelius | harald.hannelius/a\arcada.fi | +358 50 594 1020
More information about the samba
mailing list