registry stuff

[Brian Roberson]

hi all,
been working on getting win95-98 boxes to use user level security,
validated via samba PDC (2.0.0beta2), 
works great, however I had to do some hard coding in the registry to get it
all to work, as you know, win95+ cannot see the user list yet from samba.
here is how I got around it, I thought maybe someone else may benefit from
my research. (digging:)

All the information in this document was derived solely by fat fingering
through the registry, 
I am 99.9% positive of the validity  of the statements made in this
document, if any of it is incorrect, I appologize, and where did you find
out? :-)
Brian Roberson
brian at bstc.net


USER LEVEL SECURITY ACCESS REG KEYS UNDER HKEY_LOCAL_MACHINE\Security\Access\

for a shared folder:

HKEY_LOCAL_MACHINE\Security\Access\$DRIVE\$FOLDER

USERS ARE A BINARY VALUE UNDER THE SHARED RESOURCE, IN THE FORMAT OF
$DOMAIN\USERNAME AND THE BINARY VALUE IS A 2 BYTE RESOURCE  DETERMINING THE
ACCESS ALLOWED TO RESOURCE,  AND GROUP INFO.
 
The first byte is for permisions. 

The second byte is for the group/user class, when set to 80h, this
represents a domain group, when set to 00h its user. If you have a binary
value named `*` with content of `81h 80h` , It shows as " The World " {Read
Only}. If you have a binary value named `$SOMENAME\$SOMEDOMAIN` with
content `81h 80h` it shows up as a group in the share properties, with
value set to `81h 00h` it shows as a sigle user in the share properties.



** ALL VALUES ARE IN HEX ( more legible to write 81 00 than 10000001
10000000 ) ***

[R]	READ FILES 
[W]	WRITE TO FILES 
[C]	CREATE FILES AND FOLDERS 
[D]	DELETE FILES 
[T]	CHANGE FILE ATTRIBUTES 
[F]	LIST FILES 
[A]	CHANGE ACCESS CONTROL  



USER SPECIFIC VALUES:

b7 00	-- FULL ACCESS   [RWCDTF]
81 00	-- READ ONLY     [RF]

CUSTOM SINGLE:

81 00	-- RD ONLY [R]
02 00	-- WR ONLY [W]
04 00	-- CREATE FILES [C]
10 00	-- DELETE FILES [D]
20 00	-- CHANGE FILE ATTRIBUTES [T]
80 00	-- LIST FILES [F]
40 00	-- CHANGE ACCESS CONTROL  [A]

CUSTOM MULTIPLE {2} :

03 00	-- [RW]
05 00	-- [RC]
11 00	-- [RD]
21 00	-- [RT]
81 00	-- [RF]   
41 00	-- [RA]
06 00	-- [WC]
12 00	-- [WD]
22 00	-- [WT]
82 00	-- [WF]
42 00	-- [WA]
14 00	-- [CD]
24 00	-- [CT]
84 00	-- [CF]
44 00	-- [CA]
30 00	-- [DT]
90 00	-- [DF]
50 00	-- [DA]
a0 00	-- [TF]
60 00	-- [TA]

CUSTOM MULTIPLE {3}:

70 00	-- [RWC]
13 00	-- [RWD]
23 00	-- [RWT]
83 00	-- [RWF]
43 00	-- [RWA]
15 00	-- [RCD]
25 00	-- [RCT]
85 00	-- [RCF]
45 00	-- [RCA]
31 00	-- [RDT]
91 00	-- [RDF]
51 00	-- [RDA]
a1 00	-- [RTF]
61 00	-- [RTA]
c1 00	-- [RFA]
16 00	-- [WCD]
26 00	-- [WCT]
86 00	-- [WCF]
46 00	-- [WCA]
32 00	-- [WDT]
92 00	-- [WDF]
52 00	-- [WDA]
a2 00	-- [WTF]
62 00	-- [WTA]
c2 00	-- [WFA]
34 00	-- [CDT]
94 00	-- [CDF]
54 00	-- [CDA]
a4 00	-- [CTF]
64 00	-- [CTA]
c4 00	-- [CFA]
b0 00	-- [DTF]
70 00	-- [DTA]
d0 00	-- [DFA]
e0 00	-- [TFA]

CUSTOM MULTIPLE {4}

17 00	-- [RWCD]
27 00	-- [RWCT]
87 00	-- [RWCF]
47 00	-- [RWCA]
33 00	-- [RWDT]
93 00	-- [RWDF]
53 00	-- [RWDA]
a3 00	-- [RWTF]
63 00	-- [RWTA]
c3 00	-- [RWFA]
36 00	-- [WCDT]
96 00	-- [WCDF]
56 00	-- [WCDA]
a6 00	-- [WCTF]
66 00	-- [WCTA]
c6 00	-- [WCFA]
b2 00	-- [WDTF]
72 00	-- [WDTA]
d2 00	-- [WDFA]
e2 00	-- [WTFA]
b4 00	-- [CDTF]
74 00	-- [CDTA]
e4 00	-- [CTFA]
f0 00	-- [DTFA]

CUSTOM MULTIPLE {5}

37 00	-- [RWCDT]
97 00	-- [RWCDF]
57 00	-- [RWCDA]
a7 00	-- [RWCTF]
67 00	-- [RWCTA]
c7 00	-- [RWCFA]
b3 00	-- [RWDTF]
73 00	-- [RWDTA]
d3 00	-- [RWDFA]
b3 00	-- [RWDTF]
73 00	-- [RWDTA]
e3 00	-- [RWTFA]
b6 00	-- [WCDTF]
76 00	-- [WCDTA]
d6 00	-- [WCDFA]
e6 00	-- [WCTFA]
f2 00	-- [WDTFA]
f4 00	-- [CDTFA]

CUSTOM MULTIPLE {6}

b7 00	-- [RWCDTF]
77 00	-- [RWCDTA]
d7 00	-- [RWCDFA]
e7 00	-- [RWCTFA]
f3 00	-- [RWDTFA]
f5 00	-- [RCDTFA]
f6 00	-- [WCDTFA]
 

here is an example key:
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

REGEDIT4

[HKEY_LOCAL_MACHINE\Security\Access]

[HKEY_LOCAL_MACHINE\Security\Access\G:]
"*"=hex:81,80

[HKEY_LOCAL_MACHINE\Security\Access\C:]

[HKEY_LOCAL_MACHINE\Security\Access\C:\temp]
"BST\\BRIAN"=hex:81,00
"BST\\Administrators"=hex:81,80


XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX





~~~~~~ Brian Roberson ~~~~~~
~~~ BrainStorm Technologies ~~
~~~ Linux Solution Provider ~~~
~~~~~~~ info at bstc.net ~~~~~~
~~~~~ http://www.bstc.net/ ~~~~
~~~~~~~ (402) 690-7306 ~~~~~~