TNG architecture paper under development
Luke Kenneth Casson Leighton
lkcl at samba-tng.org
Mon Mar 26 13:13:29 GMT 2001
On Fri, 23 Mar 2001, Elrond wrote:
> On Thu, Mar 22, 2001 at 03:35:28PM +0100, Osama Abu-Aish wrote:
> [...]
> > According to the SDK the USER_INFO_ALL structure contains a field
> > named "UserId" and the documentation states that "This ID is used
> > by the POSIX subsystem". Does anybody know _how exactly_ this
> > ID is used? Doesn't this mean that NT must also have a kind of SURS
> > implementation for their POSIX subsystem?
>
> Yes, they have.
>
> It's a primitive one...
>
> For each domain, you have an "offset" for the uid/gid-space.
>
> uid/gid = offset + RID.
>
> For trusted domains, you can get that offset from lsarpc
> with some get_trusted_dom_info (I recently added the code
> to send the request, but I haven't added any code for
> decoding the response)
oh that's funny. i like that a lot.
ms has had a remote implementation of a SURS algorithm - providing full
unix / nt security context interoperability - for over ten years.
teehee
luke
----- Luke Kenneth Casson Leighton <lkcl at samba-tng.org> -----
"i want a world of dreams, run by near-sighted visionaries"
"good. that's them sorted out. now, on _this_ world..."
More information about the samba-technical
mailing list