On 2019-02-25 at 11:32 +0000 Rowland Penny via samba sent off:> > (I take it xid stands for both uid and gid?) > > No, I think it was chosen to differentiate them from uidNumber & > gidNumber attributes, they are similar but not the same. They also only > exist on DC'sin Windows the owner of a file can be a group. In the unix world the main owner is always a user. To reflect the fact that the owner can be a group also, winbind can assign both a mapped uid number and a gid number for Windows users and groups, both uid and gid have the same value and are the xid. That way Samba can also assign the ownership of files to a group. The idmap backend has to be able to support XID though, not all idmap backends do so. Björn -- SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen phone: 0551-370000-0, mail: kontakt at sernet.de Gesch.F.: Dr. Johannes Loxen & Reinhild Jung AG Göttingen: HR-B 2816 - https://www.sernet.de -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 228 bytes Desc: not available URL: <http://lists.samba.org/pipermail/samba/attachments/20190226/a29b53a1/signature.sig>
On Tue, Feb 26, 2019 at 12:45:45PM +0100, Björn JACKE via samba wrote:>On 2019-02-25 at 11:32 +0000 Rowland Penny via samba sent off: >> > (I take it xid stands for both uid and gid?) >> >> No, I think it was chosen to differentiate them from uidNumber & >> gidNumber attributes, they are similar but not the same. They also only >> exist on DC's > >in Windows the owner of a file can be a group. > >In the unix world the main owner is always a user. > >To reflect the fact that the owner can be a group also, winbind >can assign both a mapped uid number and a gid number for Windows >users and groups, both uid and gid have the same value and are the xid. That >way Samba can also assign the ownership of files to a group. The idmap backend >has to be able to support XID though, not all idmap backends do so.in particular idmap_autorid, idmap_rid and idmap_script support this so called mode, idmap_ad doesn't. -slow -- Ralph Boehme, Samba Team https://samba.org/ Samba Developer, SerNet GmbH https://sernet.de/en/samba/ GPG-Fingerprint FAE2C6088A24252051C559E4AA1E9B7126399E46
Rowland Penny
2019-Feb-26 13:32 UTC
[Samba] winbind causing huge timeouts/delays since 4.8
On Tue, 26 Feb 2019 12:49:42 +0100 Ralph Böhme via samba <samba at lists.samba.org> wrote:> On Tue, Feb 26, 2019 at 12:45:45PM +0100, Björn JACKE via samba wrote: > >On 2019-02-25 at 11:32 +0000 Rowland Penny via samba sent off: > >> > (I take it xid stands for both uid and gid?) > >> > >> No, I think it was chosen to differentiate them from uidNumber & > >> gidNumber attributes, they are similar but not the same. They also > >> only exist on DC's > > > >in Windows the owner of a file can be a group. > > > >In the unix world the main owner is always a user. > > > >To reflect the fact that the owner can be a group also, winbind > >can assign both a mapped uid number and a gid number for Windows > >users and groups, both uid and gid have the same value and are the > >xid. That way Samba can also assign the ownership of files to a > >group. The idmap backend has to be able to support XID though, not > >all idmap backends do so. > > in particular idmap_autorid, idmap_rid and idmap_script support this > so called mode, idmap_ad doesn't. > > -slow >I take it that xid is used internally by Samba to identify calculated ID's, because the only place a normal user will come across them is in idmap.ldb. If this is correct, then it doesn't really matter that idmap_ad doesn't support them, because uidNumber & gidNumber replaces them. From a users point of view, the only way to get an experience similar to Windows is to use idmap_ad. Rowland