Security Identifier (SID) to User Identifier (uid) ResolutionSystem

Luke Kenneth Casson Leighton lkcl at
Thu Dec 30 20:36:55 GMT 1999

> Tell me this. Why does NT restrict machines to be in one
> domain if it is so simple to understand ? Now I know it looks

workstations are considered to be users.  therefore, workstatinos are also
restricted to being in one domain.  workstatinos can therefore only have a
trust relationship with one PDC.  this is a _good_ thing, as you can limit
network traffic and restrict user access etc...

> like I'm using the "NT doesn't do it, so we can't" argument
> (which would be a fallacy), but what you are proposing it
> simply :
> "We *can* do this, so we *should*".
> You make this assumption a lot :-).

yes i do, and proud of it.  wouldn't have it any other way.

actually, there is one other proviso: if the implementation and management
is simple and small, and the benefits and scope is large, i'll be more
interested in doing it.

More information about the samba-technical mailing list