You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First of all thanks for all the work, it really saved me some time. Especially the SID retrieval part directly from the kerberos ticket.
Looking into that, I seem to have an issue on my end. Not sure where it comes from and if it could be an issue from the ticket decoding. When looking at the SID retrieved from a user of my app, I get some stuff in the resourceGroupSids part of the PacLogonInfo. These info are the local/applicative rights related to the user so that's good, but it seems the SIDs retrieved are not entirely correct.
Here's an example of what I've got (no real data):
SID registered in the AD (retrieved otherwise, so the true one) : S-1-X-12-12345-12345-12345-9999
SID retrieved in resourceGroupSids : S-1-X-12-12345-12345-12345-12-12345-12345-12345-9999
Basically it seems some data is duplicated while constructing the SID. In summary I have :
-> correct SID: S-1-X-SOMESTUFF-9999
-> SID in resourceGroupSids: S-1-X-SOMESTUFF-SOMESTUFF-9999
I'm not too familiar with all these mechanisms, so I don't know if something is indeed wrong here of if I'm mistaken somehow?
I checked for SIDs retrieved in PacLogonInfo groupSids and these ones are correct.
Cheers,
Sylvain
The text was updated successfully, but these errors were encountered:
Hi,
First of all thanks for all the work, it really saved me some time. Especially the SID retrieval part directly from the kerberos ticket.
Looking into that, I seem to have an issue on my end. Not sure where it comes from and if it could be an issue from the ticket decoding. When looking at the SID retrieved from a user of my app, I get some stuff in the resourceGroupSids part of the PacLogonInfo. These info are the local/applicative rights related to the user so that's good, but it seems the SIDs retrieved are not entirely correct.
Here's an example of what I've got (no real data):
Basically it seems some data is duplicated while constructing the SID. In summary I have :
-> correct SID: S-1-X-SOMESTUFF-9999
-> SID in resourceGroupSids: S-1-X-SOMESTUFF-SOMESTUFF-9999
I'm not too familiar with all these mechanisms, so I don't know if something is indeed wrong here of if I'm mistaken somehow?
I checked for SIDs retrieved in PacLogonInfo groupSids and these ones are correct.
Cheers,
Sylvain
The text was updated successfully, but these errors were encountered: