Security Identifier (SID) to User Identifier (uid) ResolutionSystem

Jeremy Allison jeremy at
Tue Dec 28 22:03:55 GMT 1999

Luke Kenneth Casson Leighton wrote:
> ok.  so let's say you have a local user on a server.  you want to grant
> that local user the rights to use a specific file on another workstation.

I'm presuming that the "server" in question here is a Samba server.

> the local user log in (not to the domain, but to the local workstation).
> they access the file, the SD is found to conain a SID with a remote
> workstation's SID on it, and the remote workstation is asked to resolve
> the SID to a pretty name.

By "remote workstation's SID" I'm assuming you are refering to the
SID generated from the "local user on a server" referred to above.

> this is acceptable (allowable) behaviour.
> using the algorithmic mapping system in 2.0.x, you can't get this kind of
> granularity / behaviour.

Why would this not work with a Samba server. The workstation
needs to request a SID->name lookup from the Samba server,
which (although it currently doesn't) should work on a Samba

I don't understand your problem here.


Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list