Regarding retrieving user group membership using wbinfo.
Volker Lendecke
Volker.Lendecke at SerNet.DE
Thu Jun 12 08:59:40 MDT 2014
On Thu, Jun 12, 2014 at 10:55:17AM -0400, Simo wrote:
> On Thu, 2014-06-12 at 07:48 -0700, Richard Sharpe wrote:
> > No. It is not SID compression. If I am reading the IDL correctly, we
> > think PAC contains a SamInfo3, bit it does not. It contains most of a
> > SamInfo4 but defines it own structure.
>
> There are 3/4 ways to lists SIDs in a PAC structure, one is the classic
> way with only sids related to the domain, then a extra sid field with
> sull SIDs not related to the domain, then a sid compression feature (to
> reduce space, but still list extra sids) and I forgot if the Claim stuff
> added a 4th way to lists SIDs or if it reuses one of the above.
>
> It certainly isn't Sam Info3 and hasn't been for quite a while.
So a simple way to get this done is to expand
PAC_LOGON_INFO.info3.sids with SIDs that are prefixed by
PAC_LOGON_INFO.res_group_dom_sid extended with RIDs from
PAC_LOGON_INFO.res_groups, right? Sounds like a pretty
simple patch, the problem is -- where should we put it
exactly? :-)
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical
mailing list