On Fri, 2008-02-15 at 16:12 -0500, Ross S. W. Walker wrote: > It would be a handy feature to have idmap_ad implement an alloc routine to > write back the uid and gid mappings to AD either as SFU attributes or RFC > 2307 attributes. > > I figure this could allow dynamic uid and gid allocation that can be easily > preserved across multiple domains in a Windows environment. > > Has there been any attempt to provide this feature?
No, this would require allowing any samba server write access to any user in AD for, at least, the posix attributes. Something, I am sure, most people wouldn't want to allow. I am open to patches in this regard but *only* if they come with very clear instructions on how to limit write access to the needed attributes and possible only to a specific identity the samba server can use. Of course both read-only and read-write mode of operation must work, with read-only being the default. Simo. -- Simo Sorce Samba Team GPL Compliance Officer <[EMAIL PROTECTED]> Senior Software Engineer at Red Hat Inc. <[EMAIL PROTECTED]> -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
