Paul B. Henson wrote:
So why not the built-in CIFS support in OpenSolaris? Probably has a
similar issue, but still.
I wouldn't think it has this same issue; presumably it won't support more
than the kernel limit of 32 groups, but I can't imagine that in the case
when a user is in more than 32 active directory groups it would simply
discard all group membership :(. I haven't tested it, but I would guess it
would behave like the underlying operating system and simply truncate the
group list at 32, with the user losing any additional privileges granted by
the rest of the groups.
Ah. No. If you're using idmap and are mapping to an AD server, the windows SIDs
(which are both users and groups) are stored in a cred struct (in cr_ksid) which
allows more than 32 groups, up to 64k iirc.
Playing around with idmap to map UID/GIDs to SIDs and vice versa can be done
locally without an AD or LDAP server too.
-Drew
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
