[OpenIndiana-discuss] ActiveDirectory UID mapping (netatalk)

alka alka at hfg-gmuend.de
Mon Aug 13 22:54:42 UTC 2012


yes you are correct,  without writing the Windows SID and using the
idmap mechanism of CIFS it seems not possible -
even during sessions because the idmap table is only created
after a login of an SMB user.




Am 13.08.2012 um 20:22 schrieb Frank Lahm:

> 2012/8/13 Günther Alka <alka at hfg-gmuend.de>:
>> with SAMBA and winbind you may loose:
>> 
>> - snaps via Windows previous version
>> - Windows compatible ntfs4 ACL (only Posix ACL ?)
>> - SMB as a ZFS property
>> - interoperability with NFS4
>> - movable pools that keep ACL intact
>> - performance, kernel based CIFS server is mostly faster
>> - CIFS is managed by Illumos, not a third party product that cares mostly about Linux
>> - napp-it integration
>> 
>> From Windows and interoperability view CIFS is much better.
>> A minimal solution may be using at least the UID/GID provided by idmap for
>> already created AD users, optionally add a SID->UID/GID entry in this database.
>> 
>> In this case, you do not write proper ACL but use at least the same UID/GID like CIFS
>> I have not tried if CIFS is using the proper SID via idmap when there is only a UID/GID entry in files.
> 
> What about the fact that ephemeral ids are not static ie discarded
> when the server reboots?
> 
> -f
> 
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss

--




More information about the OpenIndiana-discuss mailing list