How can linux do this?

Luke Kenneth Casson Leighton lkcl at
Tue May 19 15:16:05 GMT 1998

> This is *complete* fiction :-).


> I quote "ACL is read telling the
> token what profile to use and file/directory rights the user has."
> What in heavens name does an ACL have to do with what profile to
> use ?

as i mentioned in my reply to this one, the SID obtained from the Domain
Controller (S-1-5-21-xxx-yyy-zzz-USER'S_RID) is stored in the ACL on the
local hard disk: the workstation then gets this SID and calls
LsaLookupNames on it.

therefore you only need to support LsaLookupNames and LsaLookupSids.

> I'm afraid this is an excellent example of people with
> (probably, I'm speculating here) Microsoft certified
> credentials knowing *only* what the course notes tell
> them (and of course the these notes *never* tell them
> exactly how it really works), and have no idea how the
> actual bits 'n' bytes are put together over the wire.

wire.  ha!  in my day, we _dreamed_ of bits and bytes.  we made do with
oscilloscopes ("oh, look: _that's_ an interesting looking up address")

More information about the samba-technical mailing list