Hey folks, To sum things up, I've got two servers: one in an NT Domain and one not in an NT Domain. I would like to set NTFS permissions on shared directories residing on the server in the NT Domain using a Perl/CGI script running off of the other server without a domain. Big Problem. I've been lulled into a sense of confidence about the succes of this setup up until now by my somewhat innapropriate testing environment and a woeful lack of NT/2000 security programming experience. In other words, everything worked fine until I tried to actually put this into production. Win32::FileSecurity::Set() has no way of determing username SID's unless it somehow has access to that user's NT Domain, from what I can tell. You just can't get away with setting MYDOMAIN\user on a shared directory from the CGI script in this setup. Everything is dependent on resolving SIDs. This makes perfect sense in hindsight, of course. So, am I wrong??? Is there a way out of this mess? I'm sure I glossed over more than a handful of details for the sake of expendiency. Does someone have a module or COM object they can suggest to fullfill this task? If I could lookup a username against a specific NT Domain (PDC & BDC controllers or otherwise) to return an SID and then set that SID on the directory permissions somehow (that part might be trivial in fact) via Win32API calls in C this might just have a chance of working. Can anyone shed any light on this situation??? Many Thanks, DTS -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]