Re: Getting the SID of the user out of the PAC ...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am 27.09.19 um 08:50 schrieb Steve French:
> On Fri, Sep 27, 2019 at 1:44 AM Stefan Metzmacher <metze@xxxxxxxxx> wrote:
>>
>> Am 27.09.19 um 08:39 schrieb Steve French via samba-technical:
>>> Is there a way to get the SID of the user out of the MS-PAC through
>>> Samba utils (or winbind)?
>>>
>>> This would help cifs if when we upcall as we do today to get the
>>> kerberos ticket, we were also given the user's SID not just the ticket
>>> to use to send to the server during session setup.
>>
>> Only if you get a service ticket for the joined client machine.
>>
>> But I don't understand what a possible use case would be.
> 
> When not mounting with "idsfromsid" this would allow us to use the
> correct owner SID when creating ACLs (to include the owner and mode)
> on mkdir and filecreate (the acl can be sent in the sd_context during
> create)

Maybe CREATOR_GROUP and CREATOR_OWNER are of some use for that...

metze


Attachment: signature.asc
Description: OpenPGP digital signature


[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux