martin.hechenberger@mpreis.at wrote:>
> Hi samba-fellows!
>
> In order to migrate an existing WIN NT 4.0 - PDC i would like to know
> whether there is a possibility to define the user RIDs in the
> LDAP-backbone of a Samba-PDC without having to use the (id*2)+1000
> algorithm. So I could just dump SAM into LDAP .... please help!
>
> This would be very important, as I wouldn't have to redefine all user
> rights on the other file servers.
Sort of. What you want is supported (in HEAD), but we need to resolve
some issues where other users in /etc/passwd could find that the
algorithmic mapping gives them the same RID.
For users, this is relitivly easy to 'fix' (just add an smb.conf option
to turn it off, its only done in one function), for groups it is a bit
trickier (but possible). I need to find out how 'aliases' work - they
are the final thing using this mapping.
Andrew Bartlett
--
Andrew Bartlett abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet@samba.org
Student Network Administrator, Hawker College abartlet@hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net