Can someone point me to information on how Samba handles SID History when using
security=ads and changing domains? I've done some prototyping in
transferring the idmaps from old to new SIDs when using an ldap backend, but
would like to see a "recommended practice" if one exists. I'm
especially interested in if and how ACLs on a global share would transfer with
the domain change.
BTW: If the LDAP backend has to contain multiple SIDs (the SID history) pointing
to the same uid/gid, this can cause a winbindd crash (Bug #997). So, again, any
personal experience or document references would be appreciated.
Tons of Thanks,
john
