[Samba] RE: SID resolution to Username

Gerald (Jerry) Carter jerry at samba.org
Tue Apr 10 12:26:11 GMT 2007

Hash: SHA1

Diego Alencar Alves de Lima wrote:
> Did you set up the trust both ways (i.e. they both trust 
> and are trusted by the other domain)?

For the record, Windows allows a DC to translate SIDs/names
with only a one-way, outgoing trust in place.  So you don't
have to have a two way trust.

>> When I add an user of each domain to the permissions of 
>> a file on a windows machine (W2k, WXP), it shows for
>> them DOMAIN\USERNAME. Everything> is fine. But when
>> i close the permission window and reopen it, then the
>> user out of the trusted domain is only shown as SID. 
>> The one of the own domain is resolved fine. This
>> happens on clients of both domains.

First suggestion is to take a network trace and see
who the client is sending the LsaLookupSids() call to
and figure out why that is failing.

cheers, jerry
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba mailing list