[Samba] sid_to_uid: Domain controller lookup missing

Andrew Bartlett abartlet at samba.org
Sat Sep 14 03:49:01 GMT 2002

Christopher Odenbach wrote:
> Hi,
> trying to investigate my xfs-acl problem I think I have found the
> missing part:
> In smbd/uid.c the function "sid_to_uid" resolves SIDs to unix user
> names. This is done as follows:
> - First the domain part of the SID is compared to the local domain (if
> the SID belongs to the samba server it can be resolved locally)
> - In any other cases winbindd is asked
> This works well if the samba server is the domain controller, but it
> seems to fail when an NT 4 Server is used as password server.
> So I suppose there is one step missing in between: If the domain part
> of the SID is equal to the domain name (set by the workgroup parameter)
> ask a PDC or BDC (set by the password server parameter or magically
> found out with *).

This is what winbind does.  smbd asks winbind, winbind asks the relevent

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba mailing list