Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Leslie M. Barstow III
phoenix at faerealm.com
Thu Dec 30 02:18:09 GMT 1999
On Thu, 30 Dec 1999, Luke Kenneth Casson Leighton wrote:
> i like the idea of being able to use winbind to store a unix user's home
> directory location :) who needs a c:\ drive3, anyway? :-)
Winbind will *have* to do this unless we don't want user home directories.
However, getting returned a password entry like:
jblow:x:5042:10://lame-nt/homes/jblow://lame-nt/logins/jblow.bat
would probably be less than useful :-).
Winbind would have to be responsible for returning a reasonable shell and
home directory (it could go so far as to automount the listed directory).
> > Re: the sid2*() call: I think the unified call proposed by Luke is more
> > appropriate than Nico's - you really can't tell in an ACL if the SID
> > refers to a group or to a user (or a machine). Having to code two calls
> > is more of a pain for developers in the long run.
>
> ok, been thinking about this some more.
>
> do we want this:
>
> int sid2posix(SID sid, enum *gid_or_uid, uint32/64 posix_id);
>
> or do we want this:
>
> int sid2posix(SID sid, uint32/64 posix_id);
>
> because if you do, then you need to do LsaLookupSids(SID, enum *sid_type,
> char* name) and you will get a SID_NAME_USER or SID_NAME_GROUP or
> SID_NAME_ALIAS back, and you have to determine that, ok, it's a
> SID_NAME_USER therefore the posix_id can be typecast to a uid_t.
Actually, I think I like Nico's latest approach:
int sid2posix(SID sid, SIDtype_t type, posix_id_t posix_id);
enum the valid SID types, and you have a call that both identifies the
type of SID and does the translation...
--
Leslie M. Barstow III | http://www.faerealm.com/phoenix
phoenix at faerealm.com | Linux and Apple][GS links: computers/
PGP key at www.pgp.com | Fight junk e-mail abuse!: computers/spam/
Wow! It all fits. |
More information about the samba-technical
mailing list