New group mapping and the auth subsystem

Jean Francois Micouleau Jean-Francois.Micouleau at
Sun Dec 2 13:14:01 GMT 2001

On Mon, 3 Dec 2001, Tim Potter wrote:

> On Sun, Dec 02, 2001 at 11:42:31AM +0100, Jean Francois Micouleau wrote:
> > you can get the list of SIDs of an arbitrary user !
> Well kind-of.  Winbindd uses the SAMR getusergroups function to get
> a list of groups the user is a member of.  Unfortunately it doesn't
> return any Windows 2000 Universal Groups the user is a member of.

because samr_getusergroups is mis-named.

it should be samr_getuserDOMAINgroups. It returns only the domain groups
the user is member of. I checked that less than 24 hours ago.

If you want the local groups (aliases), the user is member of, you need to
call samr_getuseraliases.

now for the universal groups, I don't know. I'm not even sure you can get
them with an rpc samr call. I could investigate.


More information about the samba-technical mailing list