generic ACL interface (RFC)
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Wed Jul 28 18:14:20 GMT 1999
> 2. after what Luke said, I'm not sure the SIDs should be in there
> anyway. However, if they are, it's not unreasonable to store both the uid
> and its associated SID in the ACE when possible, to avoid excess lookups,
> and in cases where an SID may not actually map to a uid.
with the "appliance mode", it will map to a uid, but there may be no
username associated with that uid in /etc/passwd (or equiv).
making sure that we jump to "nt semantics" out of "unix semantics" asap
whilst still maintaining a direct monotonic relationship between unix and
its nt representation (instead of the other way round) ensures the
integrity of the "nt world", which is what SMBs and MSRPC is all about.
it's not as if samba mostly serves unix clients, after all.
oo, a reply from jeremy on this subject came in, let's see if i've been
shot down in flames :-)
More information about the samba-technical