S-1-5-21-Local-SAM-SID-513 -> LOCAL-SAM-NAME\None

Jeremy Allison jra at samba.org
Fri Aug 7 16:51:10 UTC 2020


On Fri, Aug 07, 2020 at 09:37:43AM -0700, Jeremy Allison via samba-technical wrote:
> On Fri, Aug 07, 2020 at 06:25:32PM +0200, Ralph Boehme wrote:
> > Howdy!
> > 
> > Can anyone explain this little peace of insanity?
> > 
> > <https://git.samba.org/samba.git/?p=samba.git;a=blob;f=source3/passdb/pdb_interface.c;h=03aa4ff8472198a4600797073cbcc97b5ac93467;hb=HEAD#l1840>
> > 
> > Cheers!
> 
> OK, what it looks like is a call that can *never* fail
> on Windows - e.g. looking up S-1-5-[LOCAL-DOMAIN-PREFIX]-513
> must *always* map to "Domain Users" group.
> 
> To make it not fail in the passb we map it to the name
> "None", so there is a valid name to return.

As in, "make it not fail in passdb if there was no
actual UNIX group mapped to RID-513" for clarity.



More information about the samba-technical mailing list