Bug 12613 - idmap autorid only creates new ranges after a successful authentication of any user in new domain
Summary: idmap autorid only creates new ranges after a successful authentication of an...
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 4.6.0rc4
Hardware: All All
: P5 normal (vote)
Target Milestone: 4.6
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-06 11:24 UTC by Stefan Metzmacher
Modified: 2017-03-14 09:47 UTC (History)
2 users (show)

See Also:


Attachments
Possible patch for master (1.31 KB, patch)
2017-03-06 12:08 UTC, Stefan Metzmacher
no flags Details
Patch for v4-6-test (1.55 KB, patch)
2017-03-08 09:36 UTC, Stefan Metzmacher
jra: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Metzmacher 2017-03-06 11:24:45 UTC
In order to avoid pollution of the autorid ranges, the idmap autorid module
requires the presence of an successful stamp in netsamlogon_cache.tdb.

It's also possible to create ranges by hand using:

### get the existing ranges:
#> net idmap get ranges
RANGE 0: ALLOC
RANGE 1: S-1-5-21-2072033271-969857664-807811056
### use the next free range
#> net idmap set range 2 S-1-5-21-4053568372-2049667917-3384589010
#> net idmap get ranges
RANGE 0: ALLOC
RANGE 2: S-1-5-21-4053568372-2049667917-3384589010
RANGE 1: S-1-5-21-2072033271-969857664-807811056

We can improve this for future 4.6 releases for cases
where the winbindd parent already knows an domain
really exists.
Comment 1 Stefan Metzmacher 2017-03-06 12:08:40 UTC
Created attachment 13023 [details]
Possible patch for master
Comment 2 Stefan Metzmacher 2017-03-08 09:36:48 UTC
Created attachment 13027 [details]
Patch for v4-6-test
Comment 3 Jeremy Allison 2017-03-08 18:19:53 UTC
Comment on attachment 13027 [details]
Patch for v4-6-test

LGTM.
Comment 4 Jeremy Allison 2017-03-08 18:20:11 UTC
Reassigning to Karolin for inclusion in 4.6.next.
Comment 5 Karolin Seeger 2017-03-13 08:11:23 UTC
(In reply to Jeremy Allison from comment #4)
Pushed to autobuild-v4-6-test.
Comment 6 Karolin Seeger 2017-03-14 09:47:24 UTC
(In reply to Karolin Seeger from comment #5)
Pushed to v4-6-test.
Closing out bug report.

Thanks!