So, what can a program that can modify the SIDs in NTUSER.DAT do?

Richard Sharpe rsharpe at ns.aus.com
Thu Oct 31 17:52:41 GMT 2002 

On Thu, 31 Oct 2002, Andy Thomas wrote:

> 
>   We have just set up a test domain, with a separate domain SID and separate 
> user profile area.  We would like to copy existing profiles for some
> users to the test domain, and change the SID to match.  The program you are
> describing sounds perfect for this.  We have a need for this soon - if you
> need help testing or debugging, let me know.

OK, I just added to samba-head in source/utils a file called profiles.c 
which currently only prints out the following info for all SEC DESCs 
found:

Off: 00000080, Refs: 312, Size: 256
  Owner SID: S-1-5-32-544
  Group SID: S-1-5-18
  SACL: NONE
  DACL:     ACEs: 8
      Perms: 000F003F, SID: S-1-5-21-129735678-430395340-1080627117-2002
      Perms: 000F003F, SID: S-1-5-18
      Perms: 000F003F, SID: S-1-5-32-544
      Perms: 00020019, SID: S-1-5-12
      Perms: 10000000, SID: S-1-5-21-129735678-430395340-1080627117-2002
      Perms: 10000000, SID: S-1-5-18
      Perms: 10000000, SID: S-1-5-32-544
      Perms: 80000000, SID: S-1-5-12
Off: 00006E28, Refs: 245, Size: 284
  Owner SID: S-1-5-21-129735678-430395340-1080627117-2002
  Group SID: S-1-5-21-129735678-430395340-1080627117-2003
  SACL: NONE
  DACL:     ACEs: 8
      Perms: 000F003F, SID: S-1-5-21-129735678-430395340-1080627117-2002
      Perms: 10000000, SID: S-1-5-21-129735678-430395340-1080627117-2002
      Perms: 000F003F, SID: S-1-5-18
      Perms: 10000000, SID: S-1-5-18
      Perms: 000F003F, SID: S-1-5-32-544
      Perms: 10000000, SID: S-1-5-32-544
      Perms: 00020019, SID: S-1-5-12
      Perms: 80000000, SID: S-1-5-12

and so on.

What I envision is something like:

  profiles -c S-1-5-21-x-y-z-oldrid -n S-1-5-21-x-y-z-newrid <profiles>

which would walk the SEC DESCs, find all the SIDs and change them.

The remaining problem however, may be SIDs burried in other entries in the 
NTUSER.DAT. This can be solved, however, by walking all the entries in the 
registry and changing all the SIDS.

Regards
-----
Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org, 
sharpe at ethereal.com, http://www.richardsharpe.com

More information about the samba-technical mailing list