Security Identifier (SID) to User Identifier (uid) ResolutionSystem

Jeremy Allison jeremy at
Wed Dec 29 21:00:54 GMT 1999

Luke Kenneth Casson Leighton wrote:
> On Tue, 28 Dec 1999, Jeremy Allison wrote:
> > Ok, let me explain *why* I am fighting tooth and nail to
> > keep Luke's SID mapping table out of Samba.
> >
> > It is simply the wrong place to put such a thing.
> >
> > If we step back and look at the actual problem we are
> > trying to solve, then we see that hacking Samba with
> > mapping tables is the wrong approach.
> firstly, it's not a hack.  if it _can_ be defined to be a hack, it's a
> hack that needs to sit on top of _all_ posix-compliant software that also
> wishes to be NT-domain-compliant.  that includes absolutely anyone.  sun,
> syntax, at & t, sco, absolutely everyone needs to implement the functional
> equivalent of a SURS table.  the open source projects i know of that need
> to implement the functional equivalnt of a SURS tabhle are:
> - pam_ntdom
> - winbind
> - samba
> - pam_smb

This is incorrect.

The only place this needs to be done is in winbind. All
the other functions use the *standard* POSIX getpw[nam/uid]
get calls.

*ONLY WINBIND* needs to be aware of SID -> uid/gid mapping.
All others do not.


Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list