LSA Privileges

Simo Sorce simo.sorce at
Sat Feb 8 06:38:29 GMT 2003

On Sat, 2003-02-08 at 05:20, tridge at wrote:
> One thing I don't understand yet is how the numbers used during a SAMR
> replication of the privileges database are derived from the string
> names used in LSA.

very good summary it works exactly the way you described :-)

About your last question, I think I have seen how.
Maybe you will have yet found the solution before you read this mail,
anyway, in my early searches about SAMR replication, I obtained from
Volker (thank you very much) a trace of a BDC joining an NT Domain.
In that trace I saw the PDC transfering the privileges _by name_.
I was very surprised to see they used strings instead of numbers,
but it was that way.

I have not investigated too much further, but if you do not see any
further name transfer, I presume, that once the name-number pair have
been transfered to the BDC, than the PDC can send numbers only.

That's what I found in my investigations last year.

I hope this helps.

Simo Sorce - simo.sorce at
Xsec s.r.l.
via Durando 10 Ed. G - 20158 - Milano
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list