Enumerating Unix users and groups from Windows

Volker Lendecke Volker.Lendecke at SerNet.DE
Fri Jul 25 14:28:19 GMT 2008

On Thu, Jul 24, 2008 at 10:54:36AM +0200, Corinna Vinschen wrote:
> For instance, when you call NetLocalGroupEnum on a Windows machine, you
> get a list which contains accounts from different "domains" and with
> different base SIDs, too.  Calling LookupAccountName afterwards shows
> that clearly:
>   NetLocalGroupEnum (MACHINE); LookupAccountName (Name)
>   Name		      RID   Domain  SID
>   -----------------  ----   ------- -------------------------------
>   Administrators      544   BUILTIN S-1-5-32-544
>   Backup Operators    551   BUILTIN S-1-5-32-551
>   Guests	      546   BUILTIN S-1-5-32-546
>   [...]
>   Users		      545   BUILTIN S-1-5-32-545
>   HelpServicesGroup  1001   MACHINE S-1-5-21-12345-67890-76543-1001
> So it enumerates BUILTIN accounts as well as MACHINE accounts.
> Samba could return the unix groups as local groups as well:

Well, not quite. Windows always has its SAM (the
S-1-5-21-12345-6... thingy), and S-1-5-32-xx. Samba does
this as well, so you should see the same output from a Samba
box. Those two domains are expected by the Win32 client API,
not more. We could try to experiment what Windows says when
we expand the samr_EnumDomains RPC call. What's the easiest
way to call the NetEnumUsers API call? Some vbs script? :-)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20080725/a3ff57b8/attachment.bin

More information about the samba-technical mailing list