Security Identifier (SID) to User Identifier (uid) ResolutionSystem

Jeremy Allison jeremy at
Wed Dec 29 22:03:33 GMT 1999

Nicolas Williams wrote:
> Ay! I have been looking at Samba 2.0.5a served shares from an NT4 host
> since Tuesday, but I never tried using an NT account from a different
> domain.

It wil work in the same way that an NT server can cope with access from
an account from another domain because the Samba server looks at the
incoming name, not a SID.

> This is bad. We've got this braindead multiple-NT domain situation here
> with an NT domain per-continent and we've been telling ppl that they'll
> be able to use Samba servers from other continents when we upgrade to
> Samba 2.x.x.

Yes, this will work.

> Ok, so the current algorythmic mapping will now definitely not satisfy
> the needs of the environment where I work.

I don't see why not. Whenever these users access files on
a Samba server they're doing it as a uid the Samba server
knows about, so what is the problem ? Yes if they look at
the ACLs on a file they will see users local to the Samba
server as entries, but that's exactly what the ACLs on the
Samba server represent.


Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list