摘要 |
Methods and systems are disclosed for replicating security descriptors that describe security rights to the same object even though those security descriptors may follow different security descriptor specifications. As an example, the replication may occur between a first security descriptor that follows a first security descriptor specification and a second security descriptor that follows a second security descriptor specification. In order to replicate changes to the first security descriptor with the second security descriptor, the first security descriptor is converted into a version of the first security descriptor that follows the second security descriptor specification. This version is then compared to the second security descriptor. Any detected changes are then made to the second security descriptor. The conversion may be accomplished using mapping rules that map sets of one or more rights of the first security descriptor specification to sets of one or more rights of the second security descriptor specification.
|