On Sunday 14 August 2005 18:40, Moondance Foxmarnick wrote: > When you say: " Every instance in SMB world has to have its own SID " > Does that mean that on top of every logon, say- for each folder connection, > a SID is generated?
No. A SID represents a security context. For example, every Windows machine has local accounts within the security context of the local machine which has a unique SID. Every domain (NT4, ADS, Samba) contains accounts that exist within the domain security context which is defined by the domain SID. A domain member server will have a SID that differs from the domain SID. The domain member server can be configured to regard all domain users as local users. It can also be configured to recognize domain users and groups as non-local. SIDs are persistent. > And if so, is this a temporary SID like a token for the session, or is it > stored internally to SAMBA? The Samba domain and machine SIDs are stored in /etc/samba/secrets.tdb. You can view the contents of this file using tdbdump. PS: I have updated the PDC Chapter to provide a more detailed explanation of the relationship between the RID and the SID. The on-line version of the HOWTO should reflect this change within 48 hours. - John T. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
