[Samba] RE: SID resolution to Username

Gerald (Jerry) Carter jerry at samba.org
Tue Apr 10 12:26:11 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Diego Alencar Alves de Lima wrote:
> Did you set up the trust both ways (i.e. they both trust 
> and are trusted by the other domain)?

For the record, Windows allows a DC to translate SIDs/names
with only a one-way, outgoing trust in place.  So you don't
have to have a two way trust.

>> When I add an user of each domain to the permissions of 
>> a file on a windows machine (W2k, WXP), it shows for
>> them DOMAIN\USERNAME. Everything> is fine. But when
>> i close the permission window and reopen it, then the
>> user out of the trusted domain is only shown as SID. 
>> The one of the own domain is resolved fine. This
>> happens on clients of both domains.

First suggestion is to take a network trace and see
who the client is sending the LsaLookupSids() call to
and figure out why that is failing.





cheers, jerry
=====================================================================
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGG4JjIR7qMdg1EfYRAujYAJ9pg7TgRsni++t4RuF5liYff/xoWACfWOEl
FR4uKHRbhRpSERK2hEUErAk=
=fTWp
-----END PGP SIGNATURE-----


More information about the samba mailing list