[Samba] id mapping

Robert Marcano robert at marcanoonline.com
Wed Sep 22 19:47:45 UTC 2021


On 9/22/21 12:00 PM, Patrick Goetz via samba wrote:
> Hi -
> 
> On 9/20/21 09:51, Ralph Boehme wrote:
>> Am 20.09.21 um 16:42 schrieb Patrick Goetz via samba:
>>> Now it looks like I'm going to have to rethink the entire system 
>>> architecture if I want to upgrade the file server from Ubuntu 18.04 
>>> to anything newer?  (Ubuntu 20.04 ships 4.11.6).  This is going to be 
>>> a problem, as all the files are related to the UIDs and GIDs 
>>> generated by sssd. I'm not sure that's realistic in a very active 
>>> research environment. The solution is likely going to involve 
>>> virtualizing all the Windows machines and using IOMMU to provide a 
>>> PCIe passthrough for whatever GPU's they need for processing.
>>
>> sorry, tl;dr, at least not fully, but still wanted to mention...
>>
>>> Any thoughts on this appreciated.
>>
>> ...you could try to use the idmap sss backend. Unfortunately it's not 
>> included in upstream Samba and therefor not available on Ubuntu. Otho 
>> RHEL Samba ships it, if that helps.
>>
>> Alternatively you could build Samba packages from source and include 
>> the necessary patches, I have a WIP branch here:
>>
>> <https://git.samba.org/?p=slow/samba.git;a=shortlog;h=refs/heads/idmap_sss> 
>>
>>
> 
> I'm a bit confused about what this branch does; i.e. if it's just to 
> facilitate the use of idmap_sss, then why are patches needed? Aren't 
> people currently using idmap_sss with Samba, or is that only because 
> Redhat is patching Samba downstream and it doesn't work at all with 
> Ubuntu systems even when sss is installed?

SSSD winbind idmap is part of SSSD, you need a SSSD built with the 
configure --with-samba flag. Red Hat distributions enable that flag, 
others maybe not.

Source code at 
https://pagure.io/SSSD/sssd/blob/master/f/src/lib/winbind_idmap_sss

> 
> I've read there's a memory leak in 4.11 anyway, and some people are 
> recommending the source: http://apt.van-belle.nl/
> as an alternative to the distro Samba packages available on Debian/Ubuntu.
> 
> 
>> Cheers!
>> -slow
>>
>>
>>
>> This message is from an external sender. Learn more about why this 
>> matters. <https://ut.service-now.com/sp?id=kb_article&number=KB0011401>
>>
>>
> 




More information about the samba mailing list