"algorithmic rid base" bogus?
Andrew Bartlett
abartlet at samba.org
Tue Dec 27 22:38:06 GMT 2005
On Tue, 2005-12-27 at 22:49 +0100, Volker Lendecke wrote:
> Hi!
>
> The other area where algorithmic ID mapping helps is the creation of new users,
> groups and aliases. New users and groups right now are created by calling the
> appropriate scripts, and the RID assigned is taken from the algorithm. In times
> where we have the allocate_rid operation this is bogus I think.
The advantage that we get some assigning RIDs from the algorithm
(rightly or wrongly) is predictability. A domain may be upgraded from
smbpasswd, and downgraded again without loosing this vital mapping. An
administrator can be assured that provided he gets the uid/name mapping
correct on a backup restore, that he SIDs 'just work'. Tools outside
Samba (such as phpLdapAdmin) may also 'know' about this mapping.
I'm not sure these are worth the pain that has become this area, but I
wanted to raise it.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051228/4dd82c07/attachment.bin
More information about the samba-technical
mailing list