[Samba] Can samba map between existing Windows (SID) users and existing unix (UID) users

Andrew Watkins andrew at dcs.bbk.ac.uk
Tue Nov 1 21:28:25 GMT 2005

Hi again,

This is a follow up to a previous e-mail, but no luck so I have done 
some more digging.
I don't understand why it is so difficult to map between a existing user 
on a Windows Server (SID)
and an existing user on a Unix/Solaris (UID) user, since all information 
is available?

unix# /usr/local/samba/bin/wbinfo -n andrew
S-1-5-21-1984182827-583073959-8547516-2056 User (1)

unix# tail log.smbd
smbd/service.c:make_connection_snum(662)   labpc50 ( 
connect to service tmp initially as user andrew (uid=102, gid=10) (pid 
smbd/posix_acls.c:create_canon_ace_lists(1405) create_canon_ace_lists: 
unable to map SID S-1-5-21-1984182827-583073959-8547516-2056 to uid or gid.

As the above shows that when I mount a share from Windows XP it knows my 
username and UID, but when I try to add some security to a file on that 
share it complains that is can not match SID S-1-5-21........-2056 with 
any UID, but "wbinfo" can get this information.

Can I ask again how can I tell samba to map this information?
    SID S-1-5-21-1984182827-583073959-8547516-2056  ==  uid=102

# cat smb.conf
        debuglevel = 1
        comment = %h Samba %v
        server string = %h Samba %v
        workgroup = DCSNT
        hosts allow = 193.61.29. 193.61.28. 193.61.44.
        hosts deny =
        locking = yes
        password level = 10
        domain master = no
        local master = no
        os level = 80
        wins support = no
        wins server =
        password server = pcserver1 pcserver2
        security = domain
        encrypt passwords = yes
        preserve case = yes
        short preserve case = yes
        nt acl support = Yes
        winbind trusted domains only = yes

        path = %S
        browseable = no
        guest ok = no
        read only = no



More information about the samba mailing list