Can anyone confirm that SID -> name lookup with a trusted domain is broken? Thanks Daniel
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Beschorner Daniel wrote:> Can anyone confirm that SID -> name lookup with > a trusted domain is broken?Works fine for a Samba DC trusted Windows 2003 AD: $ wbinfo -m AQUA COLOR $ wbinfo -n 'COLOR\gcarter' S-1-5-21-3493585492-4029240144-3226775320-1168 User (1) $ bin/wbinfo -s S-1-5-21-3493585492-4029240144-3226775320-1168 COLOR\gcarter 1 For Windows 2003 AD trusting Windows 2000 AD domain: $ wbinfo -m AD VALE SAIL COLOR $ wbinfo -n AD+gcarter S-1-5-21-3234968684-14787312-124015166-1828 User (1) $ wbinfo -s S-1-5-21-3234968684-14787312-124015166-1828 AD+gcarter 1 cheers, jerry ====================================================================Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEs8bkIR7qMdg1EfYRAg+PAJ9pH14QqxCrxywt2/BH6LmV7ZoADgCfWiBt MpFBHsmlWeTl7iQcJPG0v/4=tqxq -----END PGP SIGNATURE-----
>> Beschorner Daniel wrote: >> Can anyone confirm that SID -> name lookup with >> a trusted domain is broken?> Works fine for a Samba DC trusted Windows 2003 AD:Jerry, thank you for checking this! But we don't use winbindd, so I don't even got the wbinfo command. I simply add an ACL entry from the trusted domain to a harddisk file per security tab. When I open the dialog window again I just see the SID of the foreign user. The level 10 log simply says "not mapped", I can see no effords to lookup the SID through the foreign DC. Daniel