Web lists-archives.com

Re: [Samba] winbind causing huge timeouts/delays since 4.8




On Tue, 26 Feb 2019 12:49:42 +0100
Ralph Böhme via samba <samba@xxxxxxxxxxxxxxx> wrote:

> On Tue, Feb 26, 2019 at 12:45:45PM +0100, Björn JACKE via samba wrote:
> >On 2019-02-25 at 11:32 +0000 Rowland Penny via samba sent off:
> >> > (I take it xid stands for both uid and gid?)
> >>
> >> No, I think it was chosen to differentiate them from uidNumber &
> >> gidNumber attributes, they are similar but not the same. They also
> >> only exist on DC's
> >
> >in Windows the owner of a file can be a group.
> >
> >In the unix world the main owner is always a user.
> >
> >To reflect the fact that the owner can be a group also, winbind
> >can assign both a mapped uid number and a gid number for Windows
> >users and groups, both uid and gid have the same value and are the
> >xid. That way Samba can also assign the ownership of files to a
> >group. The idmap backend has to be able to support XID though, not
> >all idmap backends do so.
> 
> in particular idmap_autorid, idmap_rid and idmap_script support this
> so called mode, idmap_ad doesn't.
> 
> -slow
> 

I take it that xid is used internally by Samba to identify calculated
ID's, because the only place a normal user will come across them is in
idmap.ldb. If this is correct, then it doesn't really matter that
idmap_ad doesn't support them, because uidNumber & gidNumber replaces
them.

>From a users point of view, the only way to get an experience similar
to Windows is to use idmap_ad.

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba