I have been working on a clustered storage product that uses Samba as one of its interfaces. We dealt with some of the issues of ID mapping in a limited way.
The main concern we had was making sure all the nodes in the cluster would have the same SID->UID mapping. Our solution was to use a hash algorithm based on the RID. We used the upper range of the Unix UIDs, to avoid collisions with pre-assigned UIDs in the customer's environment (because we also integrate with NIS, and serve NFS). We also wrote a mapping system that would match Windows users to Unix users, and map their SID to their pre-assigned UID. The Windows user comment area could be filled in to give the mapper a hint.
This gave us a system that could run independently on different nodes (Samba servers), and would always map the same way. Since the file system is clustered (looks the same no matter which node the user connects to), the users get the same file service from any node. With IP virtualization, we are able to load balance, redirecting users from NFS and Windows to any node.
The main drawback is: This system cannot fully support trusted domains. Since the SID consumes too many bits, a reasonable hash could not be developed which would avoid collisions among different Windows domains and Unix IDs. We chose to map all users from trusted domains to a common UID. This removes ownership, and security, but still allows trusted domain users to store files.
While considering solutions to the problems faced by the system, we came to the conclusion that LDAP would be a big help. We also considered replacing winbindd with a distributed database, possibly with our own LDAP interface on it. Certainly, the ability to allocate UIDs internally in a sequential manner would be the best solution, and mapping external information is trivial. Distributing the mappings, and avoiding collisions is not easy to do, without some sort of service.
My main goal is to make sure you don't forget that there may be a need for more than one Samba server to use the exact same mappings.
Just thought I'd throw in what I've seen.
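As an added illustration of the scheme described above (this is example code written for this page, not the poster's product code), the mapper below does the three things the message lists: pre-assigned UIDs recovered from the Windows user comment win, every user of a trusted domain collapses onto one common UID, and local-domain users get a stateless UID derived from a digest of their RID folded into an upper UID range. The UID layout, the common UID, the SHA-256 fold and all SIDs are constructed assumptions, not values from the original message. It also includes the check a practitioner would want before relying on a hashed scheme: which RIDs of the local domain would collide onto the same UID, since any collision means two Windows users silently own each other's files.

```python
import hashlib
import re
from typing import Dict, List, Optional, Set, Tuple

# Assumed UID layout (constructed for this example, not the poster's numbers):
# everything below UID_BASE is left to NIS / pre-assigned Unix accounts, and the
# RID-hashed mappings land in [UID_BASE, UID_BASE + UID_RANGE).
UID_BASE = 1_000_000
UID_RANGE = 1_000_000
# Assumed "common UID" that every user of a trusted domain collapses onto.
TRUSTED_DOMAIN_UID = 60000

# Domain-account SIDs look like S-1-5-21-<a>-<b>-<c>-<RID>.
SID_RE = re.compile(r"^S-1-5-21-(\d+)-(\d+)-(\d+)-(\d+)$")


def split_sid(sid: str) -> Optional[Tuple[str, int]]:
    """Split a domain-account SID into (domain SID, RID); None for anything else
    (well-known / builtin SIDs are deliberately not mapped by this scheme)."""
    m = SID_RE.match(sid)
    if m is None:
        return None
    a, b, c, rid = (int(x) for x in m.groups())
    return f"S-1-5-21-{a}-{b}-{c}", rid


def rid_hash_uid(rid: int) -> int:
    """Stateless RID -> UID: a fixed digest of the RID folded into the upper range,
    so every node computes the same answer without talking to the others."""
    digest = hashlib.sha256(rid.to_bytes(4, "big")).digest()
    return UID_BASE + int.from_bytes(digest[:8], "big") % UID_RANGE


class ClusterIdMapper:
    """Per-node mapper: pre-assigned UIDs win, trusted domains collapse to one UID,
    local-domain users are hashed by RID."""

    def __init__(self, local_domain_sid: str, preassigned: Dict[str, int]):
        self.local_domain_sid = local_domain_sid
        # SID -> UID hints recovered from the Windows user comment field
        # (the matching itself is out of scope here; the dict stands in for it).
        self.preassigned = dict(preassigned)

    def sid_to_uid(self, sid: str) -> Optional[int]:
        parsed = split_sid(sid)
        if parsed is None:
            return None
        domain, rid = parsed
        if sid in self.preassigned:
            return self.preassigned[sid]
        if domain != self.local_domain_sid:
            return TRUSTED_DOMAIN_UID
        return rid_hash_uid(rid)


def find_hash_collisions(rids: List[int]) -> Dict[int, Set[int]]:
    """Defender's check: RIDs of the local domain that would share a UID under the hash.
    Any entry here means two Windows users would own each other's files."""
    by_uid: Dict[int, Set[int]] = {}
    for rid in set(rids):
        by_uid.setdefault(rid_hash_uid(rid), set()).add(rid)
    return {uid: rs for uid, rs in by_uid.items() if len(rs) > 1}


if __name__ == "__main__":
    # Constructed SIDs for illustration; the values are made up.
    local = "S-1-5-21-1111-2222-3333"
    mapper = ClusterIdMapper(local, {f"{local}-1105": 5001})
    print(mapper.sid_to_uid(f"{local}-1105"))                 # pre-assigned UID from the hint
    print(mapper.sid_to_uid(f"{local}-1106"))                 # hashed into the upper range
    print(mapper.sid_to_uid("S-1-5-21-9999-8888-7777-1200"))  # trusted domain -> common UID
    print(mapper.sid_to_uid("S-1-5-32-544"))                  # BUILTIN\Administrators: not mapped
    print(find_hash_collisions(list(range(1000, 1100))))      # collisions among 100 local RIDs
```

Because `rid_hash_uid` is a pure function of the RID, two nodes that never communicate agree on every mapping, which is the property the message cares about; the price is that `find_hash_collisions` has to be run over the real RID population, since a digest folded into a finite range cannot be collision-free by construction.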
-----Original Message-----
From: Andrew Bartlett [mailto:[EMAIL PROTECTED]]
Sent: Sunday, October 13, 2002 9:04 AM
To: Simo Sorce
Cc: Andrew Bartlett; Volker Lendecke; Samba Technical
Subject: Re: Commit my stuff to 3.0?
Simo Sorce wrote:
>
> On Sun, 2002-10-13 at 15:40, Andrew Bartlett wrote:
> > Yep, that sounds worthwhile. We could even just make it a timeout - and
> > finally put gencache to use :-). (mimir's generalised tdb cache).
>
> We do **not** need timeouts!
> remember that sid->uid mapping is written in stone, once you have done
> it it cannot be changed _ever_.
Well I've got a funny feeling somebody will change these - and I
think it would be a really nasty thing to track down for the admin.
Re-polling the server doesn't cost us much, but this is a minor matter.
> > > But to use ldap as a central storage you have to solve how to handle
> > > foreign or builtin/special SIDs!
> >
> > Well, I was only looking at mapping our own domain - I was thinking the
> > rest should happen via winbind. However, it does make more sense that
> > this is all handled in one place. I think we can deal with this.
>
> if you want it to be fast, better it stay in one place.
Fine by me.
--
Andrew Bartlett [EMAIL PROTECTED]
Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED]
Student Network Administrator, Hawker College [EMAIL PROTECTED]
http://samba.org http://build.samba.org http://hawkerc.net
