On Thu, Jun 28, 2018 at 4:49 AM, Rob Marshall <rob.marshal...@gmail.com> wrote: > Hi, > > At the moment I don't need it at all, but when I use the smbcacls > utility from Samba on a Linux system and have it print the security > descriptor as an SDDL it gives me something like: > > O:S-1-5-21-3327876616-1579407131-3503203118-500G:S-1-5-21-3327876616- > 1579407131-3503203118-513D:P(A;;0x001e01ff;;;S-1-5-21-3327876616- > 1579407131-3503203118-500)(A;;0x00120089;;;S-1-5-21-3327876616- > 1579407131-3503203118-513)(A;;0x00120089;;;WD > > That's what I was hoping to get so that I could print it out. > Currently it doesn't matter because I can use smbcacls to get what I > want.
There is no such thing as an absolute format SDDL string. Do you understand that "absolute" in this case is referring to absolute pointer addresses for the SD components *in memory*? This is opposed to the relative offset format that's used when marshaling the structure to disk or over the wire. The distinction is completely irrelevant to the SDDL string representation of an SD. The conversion from SDDL to SD always creates a self-relative format SD. It's also not relevant within the PyWin32 framework, since a PySECURITY_DESCRIPTOR is stored in self-relative format and automatically converts to absolute format whenever that's required. The boring details are handled for you automatically. _______________________________________________ python-win32 mailing list python-win32@python.org https://mail.python.org/mailman/listinfo/python-win32