Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Luke Kenneth Casson Leighton
lkcl at samba.org
Thu Dec 30 22:00:07 GMT 1999
> > > >
> > > > and what happens when you select a samba server in show-users from an NT
> > > > workstation?
> > > >
> > > > yes, this is possible.
> > > >
> > >
> > > Only if the samba server is the DC (or trusted DC) of the machine
> > > whose file you're manipulating. Those are the only machines you can
> > > show users from. Which is as it should be, because those are the only
> > > accounts that the machine can authenticate. The GUI is smart enough
> > > to limit your choices to those that actually make sense.
> >
> > are you sure? and what a bout cacls.exe?
>
> Yes, I'm sure (about the GUI); it's been true for years. I don't know
> about cacls. Nothing stops you from putting bogus SIDs in ACLs at the
> API level, so it's possible that cacls might let you do it. If it
> does, though, those ACEs would be total deadweight, as noone could
> authenticate as one of those accounts.
>
>
> Todd
>
i'm thinking of using cacls (or the GUI, but you tell me it can't be done)
to add a _valid_ SID on some arbitrarily selected workstation. for files
access on a nother local workstation.
More information about the samba-technical
mailing list