New group mapping and the auth subsystem
Jean Francois Micouleau
Jean-Francois.Micouleau at dalalu.fr
Sun Dec 2 13:14:01 GMT 2001
On Mon, 3 Dec 2001, Tim Potter wrote:
> On Sun, Dec 02, 2001 at 11:42:31AM +0100, Jean Francois Micouleau wrote:
>
> > you can get the list of SIDs of an arbitrary user !
>
> Well kind-of. Winbindd uses the SAMR getusergroups function to get
> a list of groups the user is a member of. Unfortunately it doesn't
> return any Windows 2000 Universal Groups the user is a member of.
because samr_getusergroups is mis-named.
it should be samr_getuserDOMAINgroups. It returns only the domain groups
the user is member of. I checked that less than 24 hours ago.
If you want the local groups (aliases), the user is member of, you need to
call samr_getuseraliases.
now for the universal groups, I don't know. I'm not even sure you can get
them with an rpc samr call. I could investigate.
J.F.
More information about the samba-technical
mailing list