prepareSecurityDescriptorBufferWithDACL(testBuffer, 0, 3);

        securityDescriptor.decode(testBuffer, 0, testBuffer.length);

        ACE[] aces = securityDescriptor.getAces();
        assertNotNull(aces);
        assertEquals(3, aces.length);
        for (ACE ace : aces) {
            assertNotNull(ace);
        }
    }

    @Test
    @DisplayName("Test getOwnerUserSid returns correct SID")

 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"
 * the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <code>WNET\alice</code> tries to open a file

 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"
 * the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <code>WNET\alice</code> tries to open a file

 * the access mask of the ACE, the access check is successful. Otherwise,
 * more ACEs are evaluated until all desired access bits (combined)
 * are "allowed". If all of the desired access bits are not "allowed"
 * the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <code>WNET\alice</code> tries to open a file

            assertNotNull(security1, "Security ACEs should not be null");
            assertNotNull(security2, "Security ACEs with resolve should not be null");
            assertNotNull(shareSecurity, "Share security ACEs should not be null");
            assertEquals(1, security1.length, "Should return expected number of ACEs");
            assertEquals(1, security2.length, "Should return expected number of ACEs");

        super(server, sharename, 502, new srvsvc.ShareInfo502());
        ptype = 0;
        flags = DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG;
    }

    /**
     * Returns the security descriptor of the share as an array of ACEs.
     *
     * @return an array of ACE objects representing the share's security descriptor
     * @throws IOException if there is an error retrieving the security information
     */

### Bug or Regression

- Fix data race in kube-scheduler when preemption races with a Pod update. ([#116439](https://github.com/kubernetes/kubernetes/pull/116439), [@alculquicondor](https://github.com/alculquicondor)) [SIG Scheduling]

        assertNull(result);
    }

    @Test
    void testGetSecurityWithDACL() throws Exception {
        // Setup ShareInfo502 with a security descriptor containing a DACL with no ACEs
        srvsvc.ShareInfo502 info502 = new srvsvc.ShareInfo502();

        // Create a security descriptor with DACL at offset 20
        byte[] securityDescriptorBytes = new byte[28];

### Bug or Regression

- Fix data race in kube-scheduler when preemption races with a Pod update. ([#116438](https://github.com/kubernetes/kubernetes/pull/116438), [@alculquicondor](https://github.com/alculquicondor)) [SIG Scheduling]

            final SecurityDescriptor desc = querySecurity(th, SecurityInfo.DACL_SECURITY_INFO);
            final ACE[] aces = desc.getAces();
            if (aces != null) {
                processAces(aces, resolveSids);
            }

            return aces;
        }
    }

    @Override
    public SID getOwnerUser() throws IOException {
        return getOwnerUser(true);