Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Luke Kenneth Casson Leighton
lkcl at samba.org
Thu Dec 30 05:36:52 GMT 1999
On Wed, 29 Dec 1999, Jeremy Allison wrote:
> Luke Kenneth Casson Leighton wrote:
> >
> > On Tue, 28 Dec 1999, Jeremy Allison wrote:
> >
> > > Ok, let me explain *why* I am fighting tooth and nail to
> > > keep Luke's SID mapping table out of Samba.
> > >
> > > It is simply the wrong place to put such a thing.
> > >
> > > If we step back and look at the actual problem we are
> > > trying to solve, then we see that hacking Samba with
> > > mapping tables is the wrong approach.
> >
> > firstly, it's not a hack. if it _can_ be defined to be a hack, it's a
> > hack that needs to sit on top of _all_ posix-compliant software that also
> > wishes to be NT-domain-compliant. that includes absolutely anyone. sun,
> > syntax, at & t, sco, absolutely everyone needs to implement the functional
> > equivalent of a SURS table. the open source projects i know of that need
> > to implement the functional equivalnt of a SURS tabhle are:
> >
> > - pam_ntdom
> >
> > - winbind
> >
> > - samba
> >
> > - pam_smb
>
> This is incorrect.
>
> The only place this needs to be done is in winbind. All
> the other functions use the *standard* POSIX getpw[nam/uid]
> get calls.
>
> *ONLY WINBIND* needs to be aware of SID -> uid/gid mapping.
> All others do not.
he he :-) let me find a floppy so i can transfer the stuff i've been
writing off-line.
i think i'll ahve to write it up as another section in the SURS document,
but i want to run it by you, first.
More information about the samba-technical
mailing list