[PATCH] lookupsids for domain sids

Christian Ambach ambi at samba.org
Mon Sep 23 21:01:27 CEST 2013

Hi Michael,

Am 18.09.13 10:03, schrieb Michael Adam:
> Hi list,
> I found that the s4 dc does not reply correctly to a lookupsids
> request for the domain sid:
> We should reply with sid type DOMAIN (3) and the name string set
> to NULL.
> Instead we reply with sid type UNKNOWN (8) and the input sid
> as the name string.
> The attached patch fixes that in s4's rpc-server.
> The second patch improves the output of the rpcclient tool's
> lookupsids implementation in that case (printing DOMAIN_NAME
> instead of DOMAIN_NAME\*unknown*).
> I don't quite understand yet, what our "lsalookup" test does,
> or more precisely why the server patch does not change the
> test result of this test...
> So this needs more investigation, but I wanted to share the
> finding already at this stage.

I think a test that detects any further breakage is a must and if the 
current test did not detect this, it was not sufficient and should be 
If we take this patch now, it'll be out of sight soon and might come up 
again some time in the future.


More information about the samba-technical mailing list