Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Luke Kenneth Casson Leighton
lkcl at samba.org
Wed Dec 29 18:23:27 GMT 1999
> > Ok, yes. But we're not there yet. The namespace-management-tool-
> > layered-ontop-of-existing-name-services is workable today, at least for
> > me. Thus my interest in Luke's initiative.
> Yeah - but Luke wants to do it in the wrong piece of code
> (Samba). Note that all the other things you mention are
> programs external to Samba - I'd like to keep it that way.
well, i didn't realise that you felt that strongly about this. it can be
written conceptually as something that's outside of samba's scope but
implemented as part of samba's... code.
it's such a trivial piece of functionality (SURS tables) consisting of
three or four functions that it's simple enough to be written as a
separate program, .so, remote=-access service, whatever-you-like.
i wasn't thinking of implementations, at this stage. i don't think i've
mentioned any actual implemtations of SURS tables, other than potential
and existing ones in draft-lkcl-sidtouid-map-00.txt, in any of the emails
on this topic, yet!
you are correct in thinking that it is not samba's job to create SURS
tables. you are not correct, imo, in thinking that samba can get away
without _using_ surs tables. no posix-compliant and windows-nt-compliant
system can - fact, end-of-story - by definition. if you have posix, you
have uids. if you have windows nt, you have SIDS. therefore, by
definition, you mMUST have a SURS table to link the two.
exactly what that table is, and how to create it and how to use is are
all TOTALLY separate concepts.
More information about the samba-technical