[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Can someone explain SIDs?

It is an "on-the-fence" topic between Samba and LDAP. It has to do with running a Samba PDC which is one of the primary uses of LDAP. Problem is that if one does not understand the relationship between rids and sids, then one cannot correct defficiencies in one's LDAP database structure that prevent the PDCs operation.

I've noticed that many have been asking in this particular direction on both the Samba list and the OpenLDAP lists. No one is answering in either case. My intent is to get the answer and cross post it or see that it gets added to the FAQs.

Jim C.

Peter Marschall wrote:

On Tuesday 07 January 2003 04:06, Jim C wrote:

I have some sort of mapping problem between SIDs and and user accounts.
 The exact error on the XP client is:

"No mapping between account names and security IDs was done."

I believe I can figure this out on my own if someone will explain the
relationship to me. :-)

you may not get ans answer bacause SIDs don't have anything to do with

SIDs are the identifiers that idientify a Windows user / group internally.
So they are a bit similar to UIDs in Unix..
No matter how the account name is and changes, the SID stays always the same.
SIDs are the identifiers that are stored in ACLs, in groups for the members, ...

The error message is a pure Windows error message.
It tells that your client was not able to translate SIDs to Account names
because the account yopu are logged in with does not have enough plivileges.
I only stumbled over this error message when dealing with more than one NT

For more information I have to refer you to MS since this is all I found out
using UNIX tools and guessing (I never programmed in the M$ API).