insufficient access rights [ Was - Samba4 DNS Updates - Linux Clients - Is it possible?]
Daniele Dario
d.dario76 at gmail.com
Fri Feb 3 02:12:00 MST 2012
Hi Amitay,
On Thu, 2012-02-02 at 09:20 +1100, Amitay Isaacs wrote:
> Hi Daniele,
>
> From the logs it appears that windows-xp box activity is not able to update it's
> own record.
>
> > [root at kdc01:~]# ldbsearch -H /usr/local/samba/private/sam.ldb -b
> > "DC=DomainDnsZones,DC=saitelitalia,DC=local" "(name=activity)"
>
> Can you add --show-binary flag to ldbsearch to decode dnsRecord attribute?
>
> Also, more interesting would be to check the security descriptor for this record
> as that would tell us how this particular record was created.
>
> ldbsearch -H /usr/local/samba/private/sam.ldb
> -b "DC=DomainDnsZones,DC=saitelitalia,DC=local
> "(name=activity)" nTSecurityDescriptor
>
> That will show the security descriptor. And if you want to decode the SDDL
> format you can add --show-binary.
>
> I am interested in finding out the owner of the record as that will tell how
> this particular record was created.
>
> Amitay.
[root at kdc01:~]# ldbsearch -H /usr/local/samba/private/sam.ldb -b
"DC=DomainDnsZones,DC=saitelitalia,DC=local" "(name=activity)"
--show-binary
# record 1
dn:
DC=activity,DC=saitelitalia.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=saitelitalia,DC=local
objectClass: top
objectClass: dnsNode
instanceType: 4
whenCreated: 20120131123039.0Z
whenChanged: 20120131123039.0Z
uSNCreated: 4583
uSNChanged: 4583
showInAdvancedViewOnly: TRUE
name: activity
objectGUID: 3082b335-fb49-43be-9739-7422d74032c3
dnsRecord: NDR: struct dnsp_DnssrvRpcRecord
wDataLength : 0x0004 (4)
wType : DNS_TYPE_A (1)
version : 0x05 (5)
rank : DNS_RANK_ZONE (240)
flags : 0x0000 (0)
dwSerial : 0x00000058 (88)
dwTtlSeconds : 0x00000384 (900)
dwReserved : 0x00000000 (0)
dwTimeStamp : 0x0036fc0c (3603468)
data : union dnsRecordData(case 1)
ipv4 : 192.168.12.12
objectCategory:
CN=Dns-Node,CN=Schema,CN=Configuration,DC=saitelitalia,DC=local
dc: activity
distinguishedName:
DC=activity,DC=saitelitalia.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=saitelitalia,DC=local
# returned 1 records
# 1 entries
# 0 referrals
[root at kdc01:~]# ldbsearch -H /usr/local/samba/private/sam.ldb -b
"DC=DomainDnsZones,DC=saitelitalia,DC=local" "(name=activity)"
nTSecurityDescriptor
# record 1
dn:
DC=activity,DC=saitelitalia.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=saitelitalia,DC=local
nTSecurityDescriptor:
O:LAG:DUD:AI(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWP
CRCCDCLCLORCWOWDSDDTSW;;;ED)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCD
CLCLORCWOWDSDDTSW;;;LA)(A;;RPLCLORC;;;WD)(A;CIID;RPWPCRCCDCLCRCWOWDSDDTSW;;;E
D)(A;CIID;RPWPCRCCDCLCRCWOWDSDDTSW;;;S-1-5-21-2975140536-3837122512-173113542
7-1102)(A;CIID;RPWPCRCCDCLCRCWOWDSDDTSW;;;ED)(OA;CIID;RP;4c164200-20c0-11d0-a
768-00aa006e0529;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIID;RP;4c164200
-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIID
;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828cc14-1437-45bc-9b07-ad6f015e5f28
;RU)(OA;CIID;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-
00aa003049e2;RU)(OA;CIID;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828cc14-143
7-45bc-9b07-ad6f015e5f28;RU)(OA;CIID;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;
bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIID;RP;59ba2f42-79a2-11d0-9020-0
0c04fc2d3cf;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(OA;CIID;RP;59ba2f42-79a2
-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIID;RP;0
37088f8-0ae1-11d2-b422-00a0c968f939;4828cc14-1437-45bc-9b07-ad6f015e5f28;RU)(
OA;CIID;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa0
03049e2;RU)(OA;CIID;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d
0-a285-00aa003049e2;ED)(OA;CIID;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967
a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIID;RP;b7c69e6d-2cc7-11d2-854e-00a0c9
83f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIID;RPLCLORC;;4828cc14-14
37-45bc-9b07-ad6f015e5f28;RU)(OA;CIID;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa0
03049e2;RU)(OA;CIID;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CII
D;RPWPCR;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;PS)(A;CIID;RPWPCRCCDCLCLORCWOW
DSDDTSW;;;EA)(A;CIID;LC;;;RU)(A;CIID;RPWPCRCCLCLORCWOWDSDSW;;;BA)S:AI(OU;CIID
SA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049
e2;WD)(OU;CIIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a
285-00aa003049e2;WD)
# returned 1 records
# 1 entries
# 0 referrals
ldbsearch -H /usr/local/samba/private/sam.ldb -b
"DC=DomainDnsZones,DC=saitelitalia,DC=local" "(name=activity)"
nTSecurityDescriptor --show-binary
# record 1
dn:
DC=activity,DC=saitelitalia.local,CN=MicrosoftDNS,DC=DomainDnsZones,DC=saitelitalia,DC=local
nTSecurityDescriptor: NDR: struct security_descriptor
revision : SECURITY_DESCRIPTOR_REVISION_1 (1)
type : 0x8c14 (35860)
0: SEC_DESC_OWNER_DEFAULTED
0: SEC_DESC_GROUP_DEFAULTED
1: SEC_DESC_DACL_PRESENT
0: SEC_DESC_DACL_DEFAULTED
1: SEC_DESC_SACL_PRESENT
0: SEC_DESC_SACL_DEFAULTED
0: SEC_DESC_DACL_TRUSTED
0: SEC_DESC_SERVER_SECURITY
0: SEC_DESC_DACL_AUTO_INHERIT_REQ
0: SEC_DESC_SACL_AUTO_INHERIT_REQ
1: SEC_DESC_DACL_AUTO_INHERITED
1: SEC_DESC_SACL_AUTO_INHERITED
0: SEC_DESC_DACL_PROTECTED
0: SEC_DESC_SACL_PROTECTED
0: SEC_DESC_RM_CONTROL_VALID
1: SEC_DESC_SELF_RELATIVE
owner_sid : *
owner_sid :
S-1-5-21-2975140536-3837122512-1731135427-500
group_sid : *
group_sid :
S-1-5-21-2975140536-3837122512-1731135427-513
sacl : *
sacl: struct security_acl
revision : SECURITY_ACL_REVISION_ADS (4)
size : 0x0078 (120)
num_aces : 0x00000002 (2)
aces: ARRAY(2)
aces: struct security_ace
type :
SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT (7)
flags : 0x52 (82)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
1: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0038 (56)
access_mask : 0x00000020 (32)
object : union
security_ace_object_ctr(case 7)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
f30e3bbe-9ff0-11d1-b603-0000f80367c1
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aa5-0de6-11d0-a285-00aa003049e2
trustee : S-1-1-0
aces: struct security_ace
type :
SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT (7)
flags : 0x52 (82)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
1: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0038 (56)
access_mask : 0x00000020 (32)
object : union
security_ace_object_ctr(case 7)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
f30e3bbf-9ff0-11d1-b603-0000f80367c1
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aa5-0de6-11d0-a285-00aa003049e2
trustee : S-1-1-0
dacl : *
dacl: struct security_acl
revision : SECURITY_ACL_REVISION_ADS (4)
size : 0x04d8 (1240)
num_aces : 0x0000001c (28)
aces: ARRAY(28)
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x00 (0)
0: SEC_ACE_FLAG_OBJECT_INHERIT
0: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
0: SEC_ACE_FLAG_INHERITED_ACE
0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0024 (36)
access_mask : 0x000f01ff (983551)
object : union
security_ace_object_ctr(case 0)
trustee :
S-1-5-21-2975140536-3837122512-1731135427-512
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x00 (0)
0: SEC_ACE_FLAG_OBJECT_INHERIT
0: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
0: SEC_ACE_FLAG_INHERITED_ACE
0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0014 (20)
access_mask : 0x000f01ff (983551)
object : union
security_ace_object_ctr(case 0)
trustee : S-1-5-9
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x00 (0)
0: SEC_ACE_FLAG_OBJECT_INHERIT
0: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
0: SEC_ACE_FLAG_INHERITED_ACE
0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0014 (20)
access_mask : 0x000f01ff (983551)
object : union
security_ace_object_ctr(case 0)
trustee : S-1-5-18
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x00 (0)
0: SEC_ACE_FLAG_OBJECT_INHERIT
0: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
0: SEC_ACE_FLAG_INHERITED_ACE
0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0024 (36)
access_mask : 0x000f01ff (983551)
object : union
security_ace_object_ctr(case 0)
trustee :
S-1-5-21-2975140536-3837122512-1731135427-500
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x00 (0)
0: SEC_ACE_FLAG_OBJECT_INHERIT
0: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
0: SEC_ACE_FLAG_INHERITED_ACE
0x00: SEC_ACE_FLAG_VALID_INHERIT (0)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0014 (20)
access_mask : 0x00020094 (131220)
object : union
security_ace_object_ctr(case 0)
trustee : S-1-1-0
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0014 (20)
access_mask : 0x000f017f (983423)
object : union
security_ace_object_ctr(case 0)
trustee : S-1-5-9
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0024 (36)
access_mask : 0x000f017f (983423)
object : union
security_ace_object_ctr(case 0)
trustee :
S-1-5-21-2975140536-3837122512-1731135427-1102
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0014 (20)
access_mask : 0x000f017f (983423)
object : union
security_ace_object_ctr(case 0)
trustee : S-1-5-9
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
4c164200-20c0-11d0-a768-00aa006e0529
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
4828cc14-1437-45bc-9b07-ad6f015e5f28
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
4c164200-20c0-11d0-a768-00aa006e0529
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aba-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
5f202010-79a5-11d0-9020-00c04fc2d4cf
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
4828cc14-1437-45bc-9b07-ad6f015e5f28
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
5f202010-79a5-11d0-9020-00c04fc2d4cf
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aba-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
bc0ac240-79a9-11d0-9020-00c04fc2d4cf
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
4828cc14-1437-45bc-9b07-ad6f015e5f28
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
bc0ac240-79a9-11d0-9020-00c04fc2d4cf
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aba-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
59ba2f42-79a2-11d0-9020-00c04fc2d3cf
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
4828cc14-1437-45bc-9b07-ad6f015e5f28
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
59ba2f42-79a2-11d0-9020-00c04fc2d3cf
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aba-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
037088f8-0ae1-11d2-b422-00a0c968f939
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
4828cc14-1437-45bc-9b07-ad6f015e5f28
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x003c (60)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
037088f8-0ae1-11d2-b422-00a0c968f939
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aba-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0038 (56)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
b7c69e6d-2cc7-11d2-854e-00a0c983f608
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967a86-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-9
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0038 (56)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
b7c69e6d-2cc7-11d2-854e-00a0c983f608
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967a9c-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-9
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0038 (56)
access_mask : 0x00000010 (16)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000003 (3)
1: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
b7c69e6d-2cc7-11d2-854e-00a0c983f608
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aba-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-9
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x002c (44)
access_mask : 0x00020094 (131220)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000002 (2)
0: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 0)
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
4828cc14-1437-45bc-9b07-ad6f015e5f28
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x002c (44)
access_mask : 0x00020094 (131220)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000002 (2)
0: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 0)
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967a9c-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x002c (44)
access_mask : 0x00020094 (131220)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000002 (2)
0: SEC_ACE_OBJECT_TYPE_PRESENT
1:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 0)
inherited_type : union
security_ace_object_inherited_type(case 2)
inherited_type :
bf967aba-0de6-11d0-a285-00aa003049e2
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT (5)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0028 (40)
access_mask : 0x00000130 (304)
object : union
security_ace_object_ctr(case 5)
object: struct security_ace_object
flags : 0x00000001 (1)
1: SEC_ACE_OBJECT_TYPE_PRESENT
0:
SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT
type : union
security_ace_object_type(case 1)
type :
91e647de-d96f-4b70-9557-d63ff4f3ccd8
inherited_type : union
security_ace_object_inherited_type(case 0)
trustee : S-1-5-10
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0024 (36)
access_mask : 0x000f01ff (983551)
object : union
security_ace_object_ctr(case 0)
trustee :
S-1-5-21-2975140536-3837122512-1731135427-519
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0018 (24)
access_mask : 0x00000004 (4)
object : union
security_ace_object_ctr(case 0)
trustee : S-1-5-32-554
aces: struct security_ace
type :
SEC_ACE_TYPE_ACCESS_ALLOWED (0)
flags : 0x12 (18)
0: SEC_ACE_FLAG_OBJECT_INHERIT
1: SEC_ACE_FLAG_CONTAINER_INHERIT
0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT
0: SEC_ACE_FLAG_INHERIT_ONLY
1: SEC_ACE_FLAG_INHERITED_ACE
0x02: SEC_ACE_FLAG_VALID_INHERIT (2)
0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS
0: SEC_ACE_FLAG_FAILED_ACCESS
size : 0x0018 (24)
access_mask : 0x000f01bd (983485)
object : union
security_ace_object_ctr(case 0)
trustee : S-1-5-32-544
# returned 1 records
# 1 entries
# 0 referrals
I'll try to understand meaning of these data. BTW do you see something
wrong?
Daniele.
More information about the samba-technical
mailing list