Security

 

Security is fun. But not as much fun as it could be, were it only documented in a more extensive fashion.

This site cannot even begin to give a comprehensive treatment of the subject, but from time to time, I'll post a sample highlighting a specific aspect of NT security.

For additional samples related to NT security, see the LSA page and midlbug (authenticated RPC, only indirectly related to NT security).

Update 13 Jan 00: Slava M. Usov is offering security-related samples, for your amusement and especially enlightenment, too.  Please take a peek!

The samples:

- checkacl.cpp processes ACLs on NTFS files
- dumpacl is a clean, neat SECURITY_DESCRIPTOR and ACL dumper, which I recommend over checkacl.cpp for readability
- fksec is a set of classes to avoid buggy NT security APIs while offering reasonable comfort
- is_admin.cpp determines whether it is running with admin rights
- is_svc.txt shows how to find out whether the process is a service
- lu_cpau_gui.cpp demos the launch of a process in another user's context, with access to the interactive window station
- opt_gti.cpp demonstrates how to exploit process tokens for fun and profit; here, we try to determine the identity of the interactive user with OpenProcessToken() and GetTokenInformation().
- ownership.cpp uses the fksec classes to take the pain out of taking ownership of a file etc.
- printer_sd.cpp demonstrates how to successfully set security on a printer object. This sample requires the fksec classes, but the principle should be clear even without them.
- showpriv.cpp lists all available privileges and shows how to enable one
- SSPI shows how to authenticate a client against a server, as long as you have some way of transmitting data back and forth