How can linux do this?
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Tue May 19 15:16:05 GMT 1998
> This is *complete* fiction :-).
> I quote "ACL is read telling the
> token what profile to use and file/directory rights the user has."
> What in heavens name does an ACL have to do with what profile to
> use ?
as i mentioned in my reply to this one, the SID obtained from the Domain
Controller (S-1-5-21-xxx-yyy-zzz-USER'S_RID) is stored in the ACL on the
local hard disk: the workstation then gets this SID and calls
LsaLookupNames on it.
therefore you only need to support LsaLookupNames and LsaLookupSids.
> I'm afraid this is an excellent example of people with
> (probably, I'm speculating here) Microsoft certified
> credentials knowing *only* what the course notes tell
> them (and of course the these notes *never* tell them
> exactly how it really works), and have no idea how the
> actual bits 'n' bytes are put together over the wire.
wire. ha! in my day, we _dreamed_ of bits and bytes. we made do with
oscilloscopes ("oh, look: _that's_ an interesting looking up address")
More information about the samba-technical