On Thu, 2002-10-03 at 08:47, Andrew Bartlett wrote: > [EMAIL PROTECTED] wrote: > > Well it's not being used really, as it's not in a production > > release. We don't make guarentees until it gets into a production > > release. What "non-passdb" users are being mapped into the system > > via this method ? Surely as a PDC we need passdb entries for every > > user we're exporting ? > > I mean it's being used by code. > > The problem is mainly on the fileserver: For the DC side of things, > every user is in the SAM, or they can't really do much. But on the > fileserver side, we have the problem that a user may select to view the > Owner or the ACL entries of a file.
I think we should simply document the fact the admins should really map each user or groups that own files on the shares, and if they do not do it they may get in troubles. When they do not do it, I think we should simply return a simple "Unknown" SID allocated for that purpose. This will eliminate the problem and make us not need algorithmic mapping at all, that is however wrong solution, as today also the uid/gid space is 32 bit as rid space so that we can go out of mapping space anyway and need to handle that situation too. Algorithmic mapping should go away completely imho. Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399
signature.asc
Description: This is a digitally signed message part
