Security Identifier (SID) to User Identifier (uid) ResolutionSystem

Luke Kenneth Casson Leighton lkcl at
Sun Jan 2 11:17:35 GMT 2000

> pretty much devolves into string comparison, which is slower than
> comparing two numbers the size of your current CPU architecture (32/64
> bits), unless the strings are limited to that size themselves (giving us
> no improvements...).
> To use the current example, imagine comparing SIDs as a speed comparison
> vs. uid/gids.  This isn't really a major drag (NT gets away with it...),
> but it is a small performance hit (your news server will know the
> difference, as will real-time apps which do file or device access). Some

permission checks are only done on the following operations:

- file create

- file open

- file take ownership

also, does anyone know any really good nt kernel gurus/hackers to ask the
following question: does NT has some sort of internal virtual
representation for users in order to avoid having to compare SIDSs?  i
_do_ know that  they use a LUID (local uid) in the LSA (local security
authority), but i think tis only has significance to each LSA instance,
not to the kernel.

More information about the samba-technical mailing list