Am 27.09.19 um 08:50 schrieb Steve French: > On Fri, Sep 27, 2019 at 1:44 AM Stefan Metzmacher <metze@xxxxxxxxx> wrote: >> >> Am 27.09.19 um 08:39 schrieb Steve French via samba-technical: >>> Is there a way to get the SID of the user out of the MS-PAC through >>> Samba utils (or winbind)? >>> >>> This would help cifs if when we upcall as we do today to get the >>> kerberos ticket, we were also given the user's SID not just the ticket >>> to use to send to the server during session setup. >> >> Only if you get a service ticket for the joined client machine. >> >> But I don't understand what a possible use case would be. > > When not mounting with "idsfromsid" this would allow us to use the > correct owner SID when creating ACLs (to include the owner and mode) > on mkdir and filecreate (the acl can be sent in the sd_context during > create) Maybe CREATOR_GROUP and CREATOR_OWNER are of some use for that... metze
Attachment:
signature.asc
Description: OpenPGP digital signature