[Samba] sid_to_uid: Domain controller lookup missing
Andrew Bartlett
abartlet at samba.org
Sat Sep 14 03:49:01 GMT 2002
Christopher Odenbach wrote:
>
> Hi,
>
> trying to investigate my xfs-acl problem I think I have found the
> missing part:
>
> In smbd/uid.c the function "sid_to_uid" resolves SIDs to unix user
> names. This is done as follows:
>
> - First the domain part of the SID is compared to the local domain (if
> the SID belongs to the samba server it can be resolved locally)
> - In any other cases winbindd is asked
>
> This works well if the samba server is the domain controller, but it
> seems to fail when an NT 4 Server is used as password server.
>
> So I suppose there is one step missing in between: If the domain part
> of the SID is equal to the domain name (set by the workgroup parameter)
> ask a PDC or BDC (set by the password server parameter or magically
> found out with *).
This is what winbind does. smbd asks winbind, winbind asks the relevent
DC.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list