[cifs-protocol] [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC? - TrackingID#2307130040006898

Ralph Boehme slow at samba.org
Tue Jul 18 05:05:12 UTC 2023 

Hi Jeff,

thanks a lot!

-Ralph

-- 
Ralph Boehme, Samba Team                      https://samba.org/
SerNet Samba Team Lead                     https://sernet.de/en/

On 7/17/23 23:02, Jeff McCashland (He/him) wrote:
> Hi Ralph,
> 
> We expect to publish an updated [MS-NRPC] release this week with changes related to the 7/11 updates.
> 
> Best regards,
> Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
> Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
> 
> -----Original Message-----
> From: Jeff McCashland (He/him)
> Sent: Thursday, July 13, 2023 2:02 PM
> To: Ralph Böhme <slow at samba.org>
> Cc: cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
> Subject: RE: [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC? - TrackingID#2307130040006898
> 
> [Mike to BCC]
> 
> Hi Ralph,
> 
> I will look into these questions and let you know what I find.
> 
> Best regards,
> Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
> 
> -----Original Message-----
> From: Michael Bowen <Mike.Bowen at microsoft.com>
> Sent: Thursday, July 13, 2023 8:46 AM
> To: Ralph Böhme <slow at samba.org>
> Cc: cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
> Subject: RE: [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC? - TrackingID#2307130040006898
> 
> [DocHelp to BCC]
> 
> Hi Ralph.
> 
> Thank you for your inquiry. The case 2307130040006898 has been created to track this issue. One of our team members will contact you soon.
> 
> Best regards,
> Mike Bowen
> Escalation Engineer - Microsoft Open Specifications
> 
> -----Original Message-----
> From: Ralph Boehme <slow at samba.org>
> Sent: Thursday, July 13, 2023 2:11 AM
> To: Interoperability Documentation Help <dochelp at microsoft.com>
> Cc: cifs-protocol at lists.samba.org
> Subject: [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC?
> 
> Hello dochelp,
> 
> we're receiving numerous user reports that after installing KB5028166 related updates applications on Windows clients can't authenticate anymore against Samba AD DCs.
> 
> https://bugzilla.samba.org/show_bug.cgi?id=15418
> 
> It looks like the Windows update introduced changes to netlogon that are not implemented in Samba and also not documented in MS-NRPC.
> 
> The logs on the Samba DC tells us the problem is a new NETLOGON_CAPABILITIES type "2":
> 
> [2023/07/12 18:04:47.063445,  1, pid=11202, effective(0, 0), real(0, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:490(ndr_print_function_debug)
>          netr_LogonGetCapabilities: struct netr_LogonGetCapabilities
>             out: struct netr_LogonGetCapabilities
>                 return_authenticator     : *
>                     return_authenticator: struct netr_Authenticator
>                         cred: struct netr_Credential
>                             data                     : XXXXXXXXXXXXXXXX
>                         timestamp                : (time_t)0
>                 capabilities             : *
>                     capabilities             : union
> netr_Capabilities(case 2)
>                     UNKNOWN LEVEL 2
>                 result                   : NT_STATUS_NOT_SUPPORTED
> 
> MS-NRPC only documents type 1:
> 
> <https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/f03cad67-077f-4042-80b0-cdc38dca9968>
> 
> Please read my description with a grain of salt, I'm not the netlogon expert on our team, just wanted to set the ball rolling... :)
> 
> Thanks!
> -slow
> 
> --
> Ralph Boehme, Samba Team                      https://samba.org/
> SerNet Samba Team Lead                     https://sernet.de/en/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20230718/c072a49b/OpenPGP_signature.sig>

More information about the cifs-protocol mailing list