Enumerating Unix users and groups from Windows

Corinna Vinschen corinna at vinschen.de
Wed Jul 23 17:19:50 GMT 2008


On Jul 23 18:25, Volker Lendecke wrote:
> On Wed, Jul 23, 2008 at 12:30:35PM +0200, Corinna Vinschen wrote:
> > when I want to know the user/group name <-> SID mapping of the UNIX user
> > and groups (The ones with SIDs S-1-22-1, S-1-22-2), I can call
> > LookupAccountSid and LookupAccountName just fine from Windows. 
> 
> S-1-22-x is just a workaround for accounts not in smbpasswd
> or pdb_something. Right now we don't have a capability to
> list all unix accounts. While it should be possible
> RPC-wise, i.e. do a samr_opendomain on s-1-22-1, it is not
> implemented yet, and I don't know if this would be available
> via the Win32 NetUser API. I doubt that that API expects
> more than one SAM on a server.

Thanks for the reply.  I was just puzzled since I had expected that
the UNIX user accounts are simply part of the same enumeration and
automatically returned by NetUserEnum if no filter is set and, say,
NetLocalGroupEnum.

It's also sot of weird that LookupAccountName works, but NetUserGetInfo
doesn't.


Corinna


More information about the samba-technical mailing list