[PATCH] ldap.c + parse_sec.c for CVS HEAD

alexey kotovich a.kotovich at sam-solutions.net
Thu Jan 10 13:24:02 GMT 2002


hi all!
Seems I've done work on ntSecurityDescriptor. Attached patch for ldap.c 
allows to create ntSecurityDescriptor regarding our requirements (i.e. 
samba's host is adding into security descriptor with "Full Control" 
privilegies on its properties, such as change of password etc) and display 
one in human readable view.
Patch for parse_sec.c calculates right offset of owner and group sid for 
security descriptor in make_sec_desc() function.
Besides, I've found out that ACE of ntSecurityDescriptor contains more than 
one SID. In this case we need one more SEC_ACE structure (something like 
ADS_SEC_ACE) to operate such ACE. Seems that count of SIDs depends on ace's 
flags. It means we need to create additional functions to manipulate ACEs 
e.g. sec_io_ads_ace and so on.
Patches are against HEAD.

Alexey Kotovich.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldap.patch
Type: text/x-diff
Size: 16526 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020110/33bba4d4/ldap.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: parse_sec.patch
Type: text/x-diff
Size: 882 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020110/33bba4d4/parse_sec.bin


More information about the samba-technical mailing list