Do SID and UID mapping need to be one-to-one ?

Gerald (Jerry) Carter jerry at
Wed Nov 8 03:59:00 GMT 2006

Shlomi Yaakobovich wrote:

> There are cases I can imagine (e.g - user mapping) where 
 > I can see a need for many-to-one SID to UID mappings
 > (although, UID to SID mappings should remain one-to-one),
 > for instance, if I have:
> UNIX users a
> Windows users DOM+a, DOM+b

We don't support this in the general sense in Winbindd.
We need to be able to derive the name/SID/uid of a user
given only piece of the triple.  And the mapping must
be symmetric.

> SID(DOM+b)->UID(a)
> SID(DOM+a)->UID(a)
> UID(a)->SID(DOM+a)/SID(DOM+b) (doesn't really 
 > matter, I'd keep "last logged on")

I don't see how keeping the last one user helped here.
A simple interleaving of getpwuid() requests while both users
are connected would break your solution.  You might be
able to do what your prop=ose in specific environments
or configurations, but not in the general sense.  And
we have to keep the release code working for various

Hope this helps.

cheers, jertry
Samba                                    -------
Centeris                         -----------
"What man is a man who does not make the world better?"      --Balian

More information about the samba-technical mailing list