Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Luke Kenneth Casson Leighton
lkcl at samba.org
Tue Dec 28 19:43:36 GMT 1999
> 1) it excludes S-1-5-32 so you can't map any BUILTIN groups such as
> Administrators and "Account Operators" etc.
>
> 2) multiple samba servers as members of the same domain need
> same-user-name-same-smbpasswd locally on each server, and they _still_
> produce different SIDs for the same damn username, which i am sure is a
> security risk, i just can't think it through clearly, it's that brain-dead
> and complicated an issue.
3) trusted dcs and all other SIDs are excluded.
More information about the samba-technical
mailing list