On Thu, 20 Jun 2002, Nir L wrote: > > I am using samba 2.2.0 without winbind, using security = server. > The samba server is NOT a PDC. > I've set its password server to my PDC. > > I am writing an extention to samba, in order to let it get the ACL's of the shared >files from an external security managment product. The security management product >decides which DOMAIN users are authorized to which files. > The users belong to my NT_DOMAIN. > > I replace the fget_nt_acl and get_nt_acl functions, in order to return the acl's >according to the management product. > > The SID's that I return from these functions seem to be OK (I've checked them with >several utilities)/ > But somehow, when I choose file->properties->security, I can see the correct SID's , >but the SID's are NOT TRANSLATED to the account names in my domain. They remain in >their SID form (similar to an SID of a deleted user, if you've ever seen it...) > > This happen both on Win2K clients and WinNT 4.0 clients with the latest service >packs. > > Can anyone help me ?
I've seen this happen ... now, let me think, why was that. Are you sure they are domain sids and not local sids? Your samba server is a member of the domain? The client should ask the DC to translate the SIDs to names. I can't remember exactly why that was happening now, but I've seen it :-) Regards ----- Richard Sharpe, [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED]
