[OpenIndiana-discuss] ActiveDirectory UID mapping (netatalk)

[James Relph]

> The problem that must be solved:
> a File created from CIFS must have the same owner SID/ ACL/ UID/ GID
> like those created with netatalk. (interoperabiity)

The thing is that surely that's an API or system level requirement - it shouldn't be up to each server application to reverse-engineer what the CIFS/NFS server is already doing.

If the capability exists in the CIFS/NFS server then it would seem to make more sense to expose that as a usable feature for any server/process.  My experience is obviously more from the OS X side, but basically once an OS X client is hooked up to an AD it just becomes a secondary search path via DirectoryService, and OS X transparently maps the UID/GID for any process - without any need for changes to the AD (either schema or IDMU).

We've started using OpenIndiana primarily for ZFS but we've found a lot of fantastic features as we've gone along (zones, crossbow etc.) and it is certainly a far stronger server platform than anything Apple have done recently.  However, I've got to say that I think OS X has a far, far better approach to managing foreign directories - and it may be worth looking at that as a possible example of a really strong system for working in heterogenous environments.  I think it could be massively useful and as I've said in another email we've got some resources we could throw at this for a developer that thinks they can get something a little bit neater - because it really feels a bit strange that at the moment the native AD integration is significantly better for just CIFS/NFS than for any other process.

James.