coding volunteers needed for msrpc server-side API conversion

Luke Kenneth Casson Leighton lkcl at
Fri Jan 28 17:19:22 GMT 2000

> > SamrLookupDomainInSamServer (SAMR_LOOKUP_DOMAIN in Samba): domain name in,
> > SID out.
> I know that one. (I actually wrote a wrapper in
> msrpc_samr.c for it.)
> I'm looking for the other way around:
> Domain-SID --> Domain-Name.
> something like this would be needed by lsarpcd's
> LookupSids, if lsarpcd is _completely_ "stupid" and doesn't
> cache _anything_.
> If lsarpcd would do caching, it of course could do
> sam_enum_domains, followed by sam_lookup_domain and keep
> the sids.

well, that only gives you th SAM domain names, MYSAMDBNAME and BUILTIN.
so you _stil_ have to have a system whereby you can obtain a list of
trusted domains.

hmmm... i wonder if it's in the SamPolicyQuery.  hmmm...

i will explore further.

elrond, if you have netmon and two pdcs, try running usrmgr.exe, join one
pdc to the other with trust relationships, and then pull up the "policy"
box a second time, it will send stuff over-the-wire to obtain a list of
trusted / trusting dcs.

More information about the samba-technical mailing list