Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Luke Kenneth Casson Leighton
lkcl at samba.org
Wed Dec 29 18:37:14 GMT 1999
>
> And I think that Samba *is* the place to do it. Not all systems support
> nsswitch, but Samba should be able to work without it. Otherwise you get
> greatly reduced compatability in Samba, and wind up having to maintain the
> winbind code with Samba anyway... (And Samba doesn't need all of
> the functionality of winbind, only the UID/GID<->SID map - full names
> and shell aren't used, and an NT-shared home directory isn't something we
> want to re-share :-)
i like the idea of being able to use winbind to store a unix user's home
directory location :) who needs a c:\ drive3, anyway? :-)
>
> Re: the sid2*() call: I think the unified call proposed by Luke is more
> appropriate than Nico's - you really can't tell in an ACL if the SID
> refers to a group or to a user (or a machine). Having to code two calls
> is more of a pain for developers in the long run.
ok, been thinking about this some more.
do we want this:
int sid2posix(SID sid, enum *gid_or_uid, uint32/64 posix_id);
or do we want this:
int sid2posix(SID sid, uint32/64 posix_id);
because if you do, then you need to do LsaLookupSids(SID, enum *sid_type,
char* name) and you will get a SID_NAME_USER or SID_NAME_GROUP or
SID_NAME_ALIAS back, and you have to determine that, ok, it's a
SID_NAME_USER therefore the posix_id can be typecast to a uid_t.
More information about the samba-technical
mailing list