[Samba] User Group SID behavior has changed from 21b to 23c

Gerald (Jerry) Carter jerry at samba.org
Tue Sep 5 19:43:49 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mario,

> i am expecting also a behavior i cannot follow with groups.
> 
>> # pdbedit -L -v law
>> WARNING: The "printer admin" option is deprecated
>> Unix username:        law
>> NT username:          law
>> Account Flags:        [HUX        ]
>> User SID:             S-1-5-21-4092459118-2595994810-1099795350-3002
>> Primary Group SID:    S-1-5-21-4092459118-2595994810-1099795350-513
> 
> 
> However, i am not member of the mapped group 
> with the rid 513...

Doesn't matter.  This is how Windows does it.  You're
primary group has to be in the same domain as the passdb.
Windows uses 513 as a special RID that always exists.
If you map the user's real primary Unix group to a valid
SID, you will get that reported.

The stance now is that the primaryGroupSID attribute
in the passdb ignored and the actual value is generated
on the fly based on the user's real Unix primary group.





cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE/dN0IR7qMdg1EfYRAtTaAKC2/Qc+dI/YSd6ZktDItx7yBOqEugCgnFCo
whQoih3o1XEVboM+EJNCPS0=
=Y0i9
-----END PGP SIGNATURE-----


More information about the samba mailing list