t.Fatalf("errors happened when create: %v", err)
		}

		var account2 CustomizeAccount
		DB.Find(&account2, "user_id = ?", cusUser.ID)
		AssertEqual(t, account2.Number, number)
		AssertEqual(t, account2.Number2, cusUser.Account.Number2)
	})

                final Set<String> permissionSet = new HashSet<>();
                final IAccount account = authResult.account();
                final String homeAccountId = account.homeAccountId();
                final String username = account.username();
                if (logger.isDebugEnabled()) {
                    logger.debug("homeAccountId={}, username={}", homeAccountId, username);

### Windows

Support for Windows nodes and Windows containers went going stable.

Support for Group Managed Service Accounts (GMSA) for Windows containers in Kubernetes. GMSA are a specific type of Active Directory account that provides automatic password management, simplified service principal name (SPN) management, and the ability to delegate the management to other administrators across multiple servers.

- Authentication token cache size is increased (from 4k to 32k) to support clusters with many nodes or many namespaces with active service accounts. ([#83643](https://github.com/kubernetes/kubernetes/pull/83643), [@lavalamp](https://github.com/lavalamp))

* Some components like kube-dns and kube-proxy could fail to load the service account token when started within a pod. Properly handle empty configurations to try loading the service account config. ([#31947](https://github.com/kubernetes/kubernetes/pull/31947), [@smarterclayton](https://github.com/smarterclayton))

resource belongs to. ([#43338](https://github.com/kubernetes/kubernetes/pull/43338), [@fabianofranz](https://github.com/fabianofranz))

* `--service-account-lookup` now defaults to true, requiring the Secret API object containing the token to exist in order for a service account token to be valid. This enables service account tokens to be revoked by deleting the Secret object containing the token. ([#44071](https://github.com/kubernetes/kubernetes/pull/44071), [@liggitt](https://github.com/liggitt))...

- Added support in the kubelet's image pull credential tracking for service account-based verification. When an image was pulled using service account credentials via external credential providers, subsequent Pods using the same service account (UID, name, and namespace) could access the cached image without re-authentication for the lifetime of that service account. ([#132771](https://github.com/kubernetes/kubernetes/pull/132771), [@aramase](https://github.com/aramase))...

    @ParameterizedTest
    @DisplayName("Test decode with various ACE counts")
    @ValueSource(ints = { 0, 1, 10, 100, 1000, 4096 })
    void testDecodeWithVariousAceCounts(int aceCount) throws SMBProtocolDecodingException {
        // This test is theoretical as we can't create huge buffers
        // but tests the boundary conditions
        if (aceCount <= 10) { // Only test small counts practically
            byte[] buffer = new byte[2048];

contemptuously.  `I dare say you never even spoke to Time!'

  `Perhaps not,' Alice cautiously replied:  `but I know I have to
beat time when I learn music.'

  `Ah! that accounts for it,' said the Hatter.  `He won't stand
beating.  Now, if you only kept on good terms with him, he'd do
almost anything you liked with the clock.  For instance, suppose

     * @return the extra SIDs array
     */
    public SID[] getExtraSids() {
        return this.extraSids;
    }

    /**
     * Returns the user account control flags.
     * @return the user account control value
     */
    public int getUserAccountControl() {
        return this.userAccountControl;
    }

    /**
     * Returns the user flags indicating PAC content.