On Apr 22 09:25, Achim Gratz wrote:
> Achim Gratz writes:
> >> I don't understand what you're trying to say here. Are there
> >> differences or not?
> >
> > You're on to something. I have over 500 groups in my token in the old
> > domain, but only half of those end up in the token when I'm logged
Achim Gratz writes:
>> I don't understand what you're trying to say here. Are there
>> differences or not?
>
> You're on to something. I have over 500 groups in my token in the old
> domain, but only half of those end up in the token when I'm logged in on
> the machine in the new domain (at least
Corinna Vinschen writes:
> It's dirt easy:
For you... :-) I know next to nothing about all this stuff.
> Ok. However, MSDN explicitely suggests to fetch the AuthZ context
> from the current user token, if the idea is to ask for the permissions
> of the current user. It's much less costly than
On Apr 12 21:16, Achim Gratz wrote:
> Corinna Vinschen writes:
> > I inspected the source code which handles this kind of thing. What it
> > does is to ask Windows for permissions of SID X on file Y, using AuthZ.
>
> That seems to be working correctly. For all old domain SID I've looked
> at, th
Corinna Vinschen writes:
> I inspected the source code which handles this kind of thing. What it
> does is to ask Windows for permissions of SID X on file Y, using AuthZ.
That seems to be working correctly. For all old domain SID I've looked
at, they've been prefixed by 0x7FFF when seen by t
On Apr 12 09:56, Csaba Raduly wrote:
> On 4/12/18, Corinna Vinschen wrote:
> > See sec_acl.cc, line 1127ff. This calls a function
> > authz_get_user_attribute which in turn calls a method
> > authz_ctx::get_user_attribute, sec_helper.cc, line 811ff.
>
> Ouch. Are there so many lines that you have
On 4/12/18, Corinna Vinschen wrote:
> See sec_acl.cc, line 1127ff. This calls a function
> authz_get_user_attribute which in turn calls a method
> authz_ctx::get_user_attribute, sec_helper.cc, line 811ff.
Ouch. Are there so many lines that you have to use hexadecimal notation ?
Csaba
--
You can
On Apr 11 19:17, Achim Gratz wrote:
> Corinna Vinschen writes:
> > This is a bit low on detail. What does icacls say about this file? How
> > does getfacl report the ACL on a machine in the old domain? What does
> > ls -l report on the file on both machines? Does an strace on getfacl
> > report
Corinna Vinschen writes:
> This is a bit low on detail. What does icacls say about this file? How
> does getfacl report the ACL on a machine in the old domain? What does
> ls -l report on the file on both machines? Does an strace on getfacl
> report an error in ACL checking?
There is absolutel
On Apr 11 09:03, Corinna Vinschen wrote:
> Same here, belong on the Cygwin ML. Redirecting.
>
> Corinna
>
> On Apr 10 18:47, Achim Gratz wrote:
> >
> > We're in the midst of switching to a different LDAP domain
> > organisation. All my accounts still arein the old domain and that leads
> > to
Same here, belong on the Cygwin ML. Redirecting.
Corinna
On Apr 10 18:47, Achim Gratz wrote:
>
> We're in the midst of switching to a different LDAP domain
> organisation. All my accounts still arein the old domain and that leads
> to problems when lookking at shares from a mchine in the new d
11 matches
Mail list logo
