Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Jeremy Allison
jeremy at valinux.com
Wed Dec 29 21:00:54 GMT 1999
Luke Kenneth Casson Leighton wrote:
>
> On Tue, 28 Dec 1999, Jeremy Allison wrote:
>
> > Ok, let me explain *why* I am fighting tooth and nail to
> > keep Luke's SID mapping table out of Samba.
> >
> > It is simply the wrong place to put such a thing.
> >
> > If we step back and look at the actual problem we are
> > trying to solve, then we see that hacking Samba with
> > mapping tables is the wrong approach.
>
> firstly, it's not a hack. if it _can_ be defined to be a hack, it's a
> hack that needs to sit on top of _all_ posix-compliant software that also
> wishes to be NT-domain-compliant. that includes absolutely anyone. sun,
> syntax, at & t, sco, absolutely everyone needs to implement the functional
> equivalent of a SURS table. the open source projects i know of that need
> to implement the functional equivalnt of a SURS tabhle are:
>
> - pam_ntdom
>
> - winbind
>
> - samba
>
> - pam_smb
This is incorrect.
The only place this needs to be done is in winbind. All
the other functions use the *standard* POSIX getpw[nam/uid]
get calls.
*ONLY WINBIND* needs to be aware of SID -> uid/gid mapping.
All others do not.
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list