CVS update: samba/source/passdb

Jean Francois Micouleau Jean-Francois.Micouleau at
Mon Nov 27 17:35:01 GMT 2000

On Sun, 26 Nov 2000, Gerald Carter wrote:

> Tim Potter wrote:
> > 
> > Eeek!  This is not the correct way to look up names as it isn't
> > portable across non-English NT machines - just ask Mr JF
> > Administrateur about it.  (-:
> >
> > The correct way (which also indirectly solves this lookup
> > problem) is to construct a sid using global_sam_sid and append a
> > well known RID value from rpc_misc.h:
> > 
> > DOMAIN_USER_RID_ADMIN for the administrator user
> > DOMAIN_GROUP_RID_ADMINS for the Administrators group
> > 
> > and so on.

I would add even that is not the *correct* way. The correct solution would
be to build the privilege mask of the user's NT_TOKEN and compare that to
the desired or the required minimum mask.

That mean we need to store such a beast somewhere (that's an hint to why
I'm soo slow to write the group mapping code)


More information about the samba-technical mailing list