# -
# This test verifies that one can specify a SID to identify a trustee
# -

# Initialize a new ACL
Exec InitNewACL

# Set current trustee to rayland\actest1
Set TrusteeName rayland\actest1
ToggleAccessPerm COM_RIGHTS_EXECUTE
GetSIDForCurrentTrustee
Set TrusteeForm TRUSTEE_IS_SID

# Add trustee to local access request list
AddTrustee AccessRequestList

# Call GrantAccessRights
Exec GrantAccessRights

# Change client's security context to rayland\actest1
SwitchClientCtx
actest1
rayland


# Call IsAccessPermitted
Exec IsAccessPermitted

# Call IsAccessPermitted again to see if the caching mechanism works
Exec IsAccessPermitted

# Take a look at the ACL
Exec GetExplicitAccessRights

# Kill server
Quit