Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Jeremy Allison
jeremy at valinux.com
Wed Dec 29 21:59:42 GMT 1999
Nicolas Williams wrote:
> Kerberos has no uid/sid like concept. Kerberos only has names
> (principals) and domains (realms).
*Precisely*. Kerberos and DCE use a name based mapping, not
a number based one.
> Let's just say that the main benefit of SIDs is that they provide some
> hierarchy where uids provide none.
Yes, but remember we are working on POSIX systems. They
have no hieratrchy of users. Yes that sucks but it isn't
a job for Samba to fix.
> The idea is to make Samba use that API and for some external agent to
> provide it.
I don't really want Samba to use that API. I'd rather
Samba only know about uid/gids and have the uglyness in
the mapping done in one place only.
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list