I am trying to extract the SID's from MS PAC structure present in
authorization data field of the decoded service ticket.

I have read through earlier mail chains where a few have tried to decode
the structure, but haven't found that to help me substantially. My
question is, krb5_authdata structure seems to be still ASN.1 encoded,
with PAC structure itself encoded in NDR (if the structure contains
pointers). Does anyone have any examples what is needed to extract the
SID's ?

MS PAC structure specs also didn't help me much.



Kerberos mailing list Kerberos@mit.edu