Need to map SIDs for unknown users

Andrew Bartlett abartlet at
Sat Jul 12 15:29:09 GMT 2003

Just a quick note about out current SID->UID scheme since this week's

As I read it, we will only allocate a SID for a user that exists in
winbind - ie, a user in a trusted domian, with a currectly active DC.

This presents a major issue for NAS devices, which often have to deal 
with down DCs, but also with 'foreign sids' - sids from a user's 
workstation and the like, that we can never see via winbind.  

The previous 3.0 code allowed this to work, usually guessing that a gid
was most appropriate.  While not the best solution, as long as we never
actually see that user at login, it's fine.

Fixing this should just be a matter of fixing the code in smbd/uid.c, rather
than a major redesign.  

Andrew Bartlett

More information about the samba-technical mailing list