Microsoft Dfs root description in AD

Antti Tikkanen antti.tikkanen at hut.fi
Thu Apr 24 09:29:17 GMT 2003 

On Tue, 22 Apr 2003, Antti Tikkanen wrote:

> Hi all,
>
> Has anyone given any effort in examining the Dfs root descriptions stored
> in Active Directory. I think the required information is stored in
> somewhere close to:
>
>   dn: CN=dfs,CN=Dfs-Configuration,CN=System,DC=my,DC=domain,DC=com
>
> More precisely, the attribute pKT contains the root description I think?
> I gather no specification on this has been published by Microsoft? Does
> anyone have any pointers as to where I could start?
>
> The reason I'm digging into this is that I would like smbclient to have
> seamless access to my Windows 2000 fileservers.

Answering to myself, I should probably take no other answers to mean that
no research has been done on this?

My W2k domain's pKT looks like this:

0000000: 0100 0000 1500 0000 1600 5c00 6400 6f00  ..........\.d.o.
0000010: 6d00 6100 6900 6e00 7200 6f00 6f00 7400  m.a.i.n.r.o.o.t.
0000020: c600 0000 c10b 649a dc21 f740 9009 b74b  ......d..!. at ...K
0000030: 0a24 7f0c 1000 5c00 5700 4900 4e00 5c00  .$....\.W.I.N.\.
0000040: 6400 6600 7300 1000 5c00 5700 4900 4e00  d.f.s...\.W.I.N.
0000050: 5c00 6400 6600 7300 8100 0000 0100 0000  \.d.f.s.........
0000060: 0000 70a7 e735 2a02 c001 70a7 e735 2a02  ..p..5*...p..5*.
0000070: c001 70a7 e735 2a02 c001 0300 0000 5c00  ..p..5*.......\.
0000080: 0000 0200 0000 2600 0000 10a3 fa81 e30c  ......&.........
0000090: c001 0200 0000 0100 0000 0c00 4300 4300  ............C.C.
00000a0: 4400 4300 3000 3200 0600 6400 6600 7300  D.C.0.2...d.f.s.
00000b0: 2600 0000 70a7 e735 2a02 c001 0200 0000  &...p..5*.......
00000c0: 0100 0000 0c00 4300 4300 4400 4300 3000  ......C.C.D.C.0.
00000d0: 3100 0600 6400 6600 7300 0000 0000 0400  1...d.f.s.......
00000e0: 0000 0000 0000 2c01 0000 5800 5c00 6400  ......,...X.\.d.
00000f0: 6f00 6d00 6100 6900 6e00 7200 6f00 6f00  o.m.a.i.n.r.o.o.
0000100: 7400 5c00 3800 4400 4400 4200 4500 4600  t.\.8.D.D.B.E.F.
0000110: 4300 3400 3700 3900 4600 3800 3500 3800  C.4.7.9.F.8.5.8.
0000120: 3400 3300 4200 3600 3600 3300 4600 3000  4.3.B.6.6.3.F.0.
0000130: 3300 4600 3100 3300 3200 3900 3800 4400  3.F.1.3.2.9.8.D.
0000140: 3400 3800 cc01 0000 8ddb efc4 79f8 5843  4.8.........y.XC
0000150: b663 f03f 1329 8d48 1a00 5c00 5700 4900  .c.?.).H..\.W.I.
0000160: 4e00 5c00 6400 6600 7300 5c00 6800 6f00  N.\.d.f.s.\.h.o.
0000170: 6d00 6500 1a00 5c00 5700 4900 4e00 5c00  m.e...\.W.I.N.\.
0000180: 6400 6600 7300 5c00 6800 6f00 6d00 6500  d.f.s.\.h.o.m.e.
0000190: 0100 0000 0100 0000 4400 4800 6f00 6d00  ........D.H.o.m.
00001a0: 6500 2000 6400 6900 7200 6500 6300 7400  e. .d.i.r.e.c.t.
00001b0: 6f00 7200 6900 6500 7300 2000 6600 6f00  o.r.i.e.s. .f.o.
00001c0: 7200 2000 7500 7300 6500 7200 2000 6100  r. .u.s.e.r. .a.
00001d0: 6300 6300 6f00 7500 6e00 7400 7300 e028  c.c.o.u.n.t.s..(
00001e0: 76f2 b502 c001 e028 76f2 b502 c001 50f1  v......(v.....P.
00001f0: b801 d2ba c001 0300 0000 0a01 0000 0200  ................
0000200: 0000 4200 0000 901e ed55 a513 c201 0100  ..B......U......
0000210: 0000 0200 0000 2600 6300 6300 6600 6900  ......&.c.c.f.i.
0000220: 6c00 6500 3000 3200 2e00 7700 6900 6e00  l.e.0.2...w.i.n.
0000230: 2e00 6800 7500 7400 2e00 6600 6900 0800  ..h.u.t...f.i...
0000240: 6800 6f00 6d00 6500 4200 0000 405d 3dbd  h.o.m.e.B...@]=.
0000250: 184f c201 0200 0000 0200 0000 2600 6300  .O..........&.c.
0000260: 6300 6600 6900 6c00 6500 3000 3100 2e00  c.f.i.l.e.0.1...
0000270: 7700 6900 6e00 2e00 6800 7500 7400 2e00  w.i.n...h.u.t...
0000280: 6600 6900 0800 6800 6f00 6d00 6500 0200  f.i...h.o.m.e...
0000290: 0000 2c00 0000 70e8 7138 4b90 c001 0200  ..,...p.q8K.....
00002a0: 0000 0200 0000 1000 4300 6300 6600 6900  ........C.c.f.i.
00002b0: 6c00 6500 3000 3100 0800 6800 6f00 6d00  l.e.0.1...h.o.m.
00002c0: 6500 4200 0000 0036 b208 8e78 c001 0100  e.B....6...x....
00002d0: 0000 0200 0000 2600 6300 6300 6600 6900  ......&.c.c.f.i.
00002e0: 6c00 6500 3000 3200 2e00 7700 6900 6e00  l.e.0.2...w.i.n.
00002f0: 2e00 6800 7500 7400 2e00 6600 6900 0800  ..h.u.t...f.i...
0000300: 6800 6f00 6d00 6500 0400 0000 0000 0000  h.o.m.e.........
0000310: 0807 0000 5800 5c00 6400 6f00 6d00 6100  ....X.\.d.o.m.a.
0000320: 6900 6e00 7200 6f00 6f00 7400 5c00 4300  i.n.r.o.o.t.\.C.
0000330: 3500 4100 3700 4400 3500 3100 3400 4100  5.A.7.D.5.1.4.A.
0000340: 3100 4600 3900 3600 4400 3400 4600 3800  1.F.9.6.D.4.F.8.
0000350: 4100 4500 3200 3100 3900 3600 3100 3300  A.E.2.1.9.6.1.3.
0000360: 3600 3000 3900 3100 3400 4500 3100 f601  6.0.9.1.4.E.1...
0000370: 0000 c5a7 d514 a1f9 6d4f 8ae2 1961 3609  ........mO...a6.
0000380: 14e1 2000 5c00 5700 4900 4e00 5c00 6400  .. .\.W.I.N.\.d.
0000390: 6600 7300 5c00 7000 7200 6f00 6600 6900  f.s.\.p.r.o.f.i.
00003a0: 6c00 6500 2000 5c00 5700 4900 4e00 5c00  l.e. .\.W.I.N.\.
00003b0: 6400 6600 7300 5c00 7000 7200 6f00 6600  d.f.s.\.p.r.o.f.
00003c0: 6900 6c00 6500 0100 0000 0100 0000 4a00  i.l.e.........J.
00003d0: 5000 7200 6f00 6600 6900 6c00 6500 2000  P.r.o.f.i.l.e. .
(.. continues)

This does not look like ASN.1 atleast, does anyone have any idea how to go
about this? Probably a proprietary format?

Does the Samba team have any use for the information if someone were to
reverse engineer this (if reverse engineering is indeed necessary)?


Antti

-- 

Antti.Tikkanen at hut.fi
Helsinki University of Technology
Computing Centre

More information about the samba-technical mailing list