> -----Original Message----- > From: Nicolas Williams [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 02, 2008 5:04 PM > To: Leopold, Corey > Cc: [email protected] > Subject: Re: [storage-discuss] CIFS behavior when AD is unavailiable > > On Wed, Apr 02, 2008 at 04:56:51PM -0500, Nicolas Williams wrote: > > On Wed, Apr 02, 2008 at 05:22:07PM -0400, Leopold, Corey wrote: > > > What is the expected behavior of CIFS when joined Active Directory and > > > all Active Directory servers become unavailable due to network outage? > > > > Domain user/group SIDs seen on the wire are mapped to "nobody" > > UIDs/GIDs. Non-ephemeral UIDs/GIDs are mapped to RIDs relative to the > > server's computer SID. > > I forgot to add that this is only true for SIDs/UIDs/GIDs which haven't > been mapped before. All mappings other than ephemeral mappings do > expire within 5 minutes. > > Perhaps we should probably have an option to fallback on expired > non-ephemeral mappings when AD is unreachable. And perhaps the > expiration time should configurable. Comments?
So if I understand that if I have a Non-ephemeral UIDs/GIDs they will work like normal for the first 0 to 5 minutes after lost connection. Ephermeral UIDs/GIDs will read and write files as "nobody"? Instead of the fully enumerating domain users and groups across the forest like you talked about in the other e-mail, I would be happy where only UIDs/GIDs that have been recently utilized on the CIFS share cached for usage if AD becomes unavailable. I'm really considering the case of transient network outages of less than an hour or so for remote offices with less than 10 users, not independent operation. Corey _______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
