samba - Nov 2005 - Can samba map between existing Windows (SID) users and existing unix (UID) users

Hi again,

This is a follow up to a previous e-mail, but no luck so I have done 
some more digging.
I don't understand why it is so difficult to map between a existing user 
on a Windows Server (SID)
and an existing user on a Unix/Solaris (UID) user, since all information 
is available?

unix# /usr/local/samba/bin/wbinfo -n andrew
S-1-5-21-1984182827-583073959-8547516-2056 User (1)

unix# tail log.smbd
smbd/service.c:make_connection_snum(662)   labpc50 (193.61.28.22) 
connect to service tmp initially as user andrew (uid=102, gid=10) (pid 
25375)
smbd/posix_acls.c:create_canon_ace_lists(1405) create_canon_ace_lists: 
unable to map SID S-1-5-21-1984182827-583073959-8547516-2056 to uid or gid.

As the above shows that when I mount a share from Windows XP it knows my 
username and UID, but when I try to add some security to a file on that 
share it complains that is can not match SID S-1-5-21........-2056 with 
any UID, but "wbinfo" can get this information.

Can I ask again how can I tell samba to map this information?
    SID S-1-5-21-1984182827-583073959-8547516-2056  ==  uid=102

# cat smb.conf
[global]
        debuglevel = 1
        comment = %h Samba %v
        server string = %h Samba %v
        workgroup = DCSNT
        hosts allow = 193.61.29. 193.61.28. 193.61.44.
        hosts deny = 0.0.0.0/0
        locking = yes
        password level = 10
        domain master = no
        local master = no
        os level = 80
        wins support = no
        wins server = 193.61.29.179
        password server = pcserver1 pcserver2
        security = domain
        encrypt passwords = yes
        preserve case = yes
        short preserve case = yes
        nt acl support = Yes
        winbind trusted domains only = yes

[homes]
        path = %S
        browseable = no
        guest ok = no
        read only = no

Thanks

Andrew

On Tuesday 01 November 2005 14:28, Andrew Watkins wrote:
> Hi again,
>
> This is a follow up to a previous e-mail, but no luck so I have done
> some more digging.
> I don't understand why it is so difficult to map between a existing
user
> on a Windows Server (SID)
> and an existing user on a Unix/Solaris (UID) user, since all information
> is available?
>
> unix# /usr/local/samba/bin/wbinfo -n andrew
> S-1-5-21-1984182827-583073959-8547516-2056 User (1)
>
> unix# tail log.smbd
> smbd/service.c:make_connection_snum(662)   labpc50 (193.61.28.22)
> connect to service tmp initially as user andrew (uid=102, gid=10) (pid
> 25375)
> smbd/posix_acls.c:create_canon_ace_lists(1405) create_canon_ace_lists:
> unable to map SID S-1-5-21-1984182827-583073959-8547516-2056 to uid or gid.
>
> As the above shows that when I mount a share from Windows XP it knows my
> username and UID, but when I try to add some security to a file on that
> share it complains that is can not match SID S-1-5-21........-2056 with
> any UID, but "wbinfo" can get this information.
>
> Can I ask again how can I tell samba to map this information?
>     SID S-1-5-21-1984182827-583073959-8547516-2056  ==  uid=102
>
> # cat smb.conf
> [global]
>         debuglevel = 1
>         comment = %h Samba %v
>         server string = %h Samba %v
>         workgroup = DCSNT
>         hosts allow = 193.61.29. 193.61.28. 193.61.44.
>         hosts deny = 0.0.0.0/0
>         locking = yes
>         password level = 10
>         domain master = no
>         local master = no
>         os level = 80
>         wins support = no
>         wins server = 193.61.29.179
>         password server = pcserver1 pcserver2
>         security = domain
>         encrypt passwords = yes
>         preserve case = yes
>         short preserve case = yes
>         nt acl support = Yes
>         winbind trusted domains only = yes
Try: winbind trusted domains only = No

- John T.
>
> [homes]
>         path = %S
>         browseable = no
>         guest ok = no
>         read only = no
>
> Thanks
>
> Andrew
-- 
John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

Author:
The Official Samba-3 HOWTO & Reference Guide, 2 Ed., ISBN: 0131882228
Samba-3 by Example, 2 Ed., ISBN: 0131882221X
Hardening Linux, ISBN: 0072254971
Other books in production.