How to determine if a SID is group or user?
John M Trostel
jtrostel at connex.com
Thu Nov 9 14:28:25 GMT 2000
---Reply to mail from Gerald Carter about How to determine if a SID is group or user?
Well, I'm trying to come back through the "set_nt_acl" call, with a
pre-alpha implementation of XFS acls. There are more than the standard 3
ACEs created and I need (when they are read back in as is done in
"unpack_nt_permissions") to determine if the ACE is a user or group ACE.
Is the 'last bit' the high order or low order bit here? (And is that the
one I see in the dacl->ace[i] structure?
typedef struct security_ace_info
{
uint8 type; /* xxxx_xxxx_ACE_TYPE - e.g allowed / denied etc */
uint8 flags; /* xxxx_INHERIT_xxxx - e.g OBJECT_INHERIT_ACE */
uint16 size;
SEC_ACCESS info;
DOM_SID sid;
} SEC_ACE;
> John M Trostel wrote:
>>
>> How would I figure out if a specific ACE entry pertains to
>> a group or a user?
>>
>> I can go in and look at the uid and/or gid with sid_to_uid
>> or sid_to_gid (from the ace), but there must be some
>> way to differentiate between the group and user ace's.
>
> Samba uses the last bit as a flag. Of course, this
> is entirely different from NT. No idea how to do it
> on Win32. See passdb/passdb.c:pdb_rid_is_user() for details.
>
>
>
>
> Cheers, jerry
>
---End reply
--
John M. Trostel
Linux OS Engineer
Connex
jtrostel at connex.com
More information about the samba-technical
mailing list