[Samba] Can samba map between existing Windows (SID) users and existing unix (UID) users

John H Terpstra jht at samba.org
Tue Nov 1 22:35:14 GMT 2005 

On Tuesday 01 November 2005 14:28, Andrew Watkins wrote:
> Hi again,
>
> This is a follow up to a previous e-mail, but no luck so I have done
> some more digging.
> I don't understand why it is so difficult to map between a existing user
> on a Windows Server (SID)
> and an existing user on a Unix/Solaris (UID) user, since all information
> is available?
>
> unix# /usr/local/samba/bin/wbinfo -n andrew
> S-1-5-21-1984182827-583073959-8547516-2056 User (1)
>
> unix# tail log.smbd
> smbd/service.c:make_connection_snum(662)   labpc50 (193.61.28.22)
> connect to service tmp initially as user andrew (uid=102, gid=10) (pid
> 25375)
> smbd/posix_acls.c:create_canon_ace_lists(1405) create_canon_ace_lists:
> unable to map SID S-1-5-21-1984182827-583073959-8547516-2056 to uid or gid.
>
> As the above shows that when I mount a share from Windows XP it knows my
> username and UID, but when I try to add some security to a file on that
> share it complains that is can not match SID S-1-5-21........-2056 with
> any UID, but "wbinfo" can get this information.
>
> Can I ask again how can I tell samba to map this information?
>     SID S-1-5-21-1984182827-583073959-8547516-2056  ==  uid=102
>
> # cat smb.conf
> [global]
>         debuglevel = 1
>         comment = %h Samba %v
>         server string = %h Samba %v
>         workgroup = DCSNT
>         hosts allow = 193.61.29. 193.61.28. 193.61.44.
>         hosts deny = 0.0.0.0/0
>         locking = yes
>         password level = 10
>         domain master = no
>         local master = no
>         os level = 80
>         wins support = no
>         wins server = 193.61.29.179
>         password server = pcserver1 pcserver2
>         security = domain
>         encrypt passwords = yes
>         preserve case = yes
>         short preserve case = yes
>         nt acl support = Yes
>         winbind trusted domains only = yes

Try: winbind trusted domains only = No

- John T.

>
> [homes]
>         path = %S
>         browseable = no
>         guest ok = no
>         read only = no
>
> Thanks
>
> Andrew

-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
Samba-3 by Example, 2 Ed., ISBN: 0131882221X
Hardening Linux, ISBN: 0072254971
Other books in production.

More information about the samba mailing list