Web lists-archives.com

Re: [Samba] Slow, Incorrect Group Resolution through Winbind

On Wed, 13 Sep 2017 12:55:58 -0400
Sonic <sonicsmith@xxxxxxxxx> wrote:

> On Wed, Sep 13, 2017 at 12:49 PM, Rowland Penny via samba
> <samba@xxxxxxxxxxxxxxx> wrote:
> > And, yes the smb.conf manpage does say this:
> >
> > These are suitable for use in the default idmap configuration.
> >
> > and refer to tdb,tdb2 and ldap. I wouldn't use any of these on a
> > Unix domain member, because the manpage also says this:
> >
> > these create mappings of their own using internal unixid counters
> > and store the mappings in a database.
> >
> > This means there is no way to ensure that users and groups will get
> > the same ID on different Unix domain members.
> I'm the first to agree that using tdb for the DOMAIN domain is not
> ideal. However, it is not invalid (as far as I can tell from the
> documentation).
> Chris

I am not saying it is invalid, I am just saying you should not use them
for the 'DOMAIN' backend because you have no way to get consistent IDs.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba