[EMAIL PROTECTED] wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > - Also, I wanted to be sure we always got correct uid->sid and sid->uid > > mapping for the guest user. I wanted an NT ACL to be able to include > > this 'well known' user, and have it behave as expected. While *most* > > cases inside Samba now use just the NT_TOEKN generated at login time, we > > still make one up from uid/gid/groups in a number of cases. I wanted to > > ensure as much as possible that the 2 tokens are identical. > > Do you have a pattern to look for? I would like to look at those > cases.
security=share, force user, force guest. These all currently recreate an NT_TOKEN from the current group list. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net