TNG architecture paper under development

Luke Kenneth Casson Leighton lkcl at
Mon Mar 26 13:13:29 GMT 2001

On Fri, 23 Mar 2001, Elrond wrote:

> On Thu, Mar 22, 2001 at 03:35:28PM +0100, Osama Abu-Aish wrote:
> [...]
> > According to the SDK the USER_INFO_ALL structure contains a field
> > named "UserId" and the documentation states that "This ID is used
> > by the POSIX subsystem". Does anybody know _how exactly_ this
> > ID is used? Doesn't this mean that NT must also have a kind of SURS
> > implementation for their POSIX subsystem?
> Yes, they have.
> It's a primitive one...
> For each domain, you have an "offset" for the uid/gid-space.
> uid/gid = offset + RID.
> For trusted domains, you can get that offset from lsarpc
> with some get_trusted_dom_info (I recently added the code
> to send the request, but I haven't added any code for
> decoding the response)

oh that's funny.  i like that a lot.

ms has had a remote implementation of a SURS algorithm - providing full
unix / nt security context interoperability - for over ten years.



 ----- Luke Kenneth Casson Leighton <lkcl at> -----

"i want a world of dreams, run by near-sighted visionaries"
"good.  that's them sorted out.  now, on _this_ world..."

More information about the samba-technical mailing list