On Wed, Nov 11, 2009 at 7:52 AM, Gerald Carter <[email protected]> wrote:
> Hey Nick, > > Nick wrote: > > Is it possible for the uid/gid numbers that are generated by the > > idmap_rid and idmap_hash to collide if there are a large number of > > users or groups? I cannot seem to find any documentation on the > > limitations of these plugins. Before using I want to make absolutely > > sure that there won't be any collisions. > > There is a small chance of collision based on the domain sid. > In testing the mean average was about40 trusted domains but I've > see it much lower on rare occasions. Also, if the highest RID > in your domain is > (as Volker points out) 2^19, the plugin will > suffer from integer overflow. > > There's a slide or two outlining the algorithm in this slide deck > from LInuxWorld SF '08 > > <http://archives.likewiseopen.org/%7Egcarter/presentations/likewise_open_first_class_citizen_lwsf08.pdf> How does this compare with idmap hash? I can't seem to find the doc that I found sometime ago regarding it's details. My understanding is that it uses 31 bit uid/gid that is generated from a hash of the domain on certain bits and a hash of the SID on certain bits. I don't recall how many bit were allocated to each. Does it suffer from the same collision problem as rid? Our AD will have a couple of hundred thousand objects in the not too near future. Thanks, Robert LeBlanc Life Sciences & Undergraduate Education Computer Support Brigham Young University -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
