[cifs-protocol] [EXTERNAL] Kerberos e-data NTSTATUS encoding - TrackingID#2305240040010867
Michael Bowen
Mike.Bowen at microsoft.com
Wed May 24 22:14:49 UTC 2023
[DocHelp to bcc]
Hi Andrew,
Thanks for your question. We've created case #2305240040010867 to track this case. One of our engineers will contact you soon.
Mike Bowen
Escalation Engineer - Microsoft Open Specifications
From: Andrew Bartlett <abartlet at samba.org>
Sent: Wednesday, May 24, 2023 2:58 PM
To: Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol mailing list <cifs-protocol at lists.samba.org>; Joseph Sutton <josephsutton at catalyst.net.nz>
Subject: [EXTERNAL] Kerberos e-data NTSTATUS encoding
Per my call with Jeff and Obiad today:
My one question comes from Joseph who is working on Kerberos for us:
The NTSTATUS structure in the Kerberos e-data field. Where is this packing defined, and what the second two fields are used for?
The first one that's always zero, and the second one that appears to be flags.
KERB_ERR_TYPE_EXTENDED<https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/25fabd02-560d-4c1f-8f42-b32e9d97996a>
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/25fabd02-560d-4c1f-8f42-b32e9d97996a
only says the data-value field contains extended, implementation-specific error information.
https://gitlab.com/samba-team/samba/-/blob/master/source4/kdc/hdb-samba4.c#L573
Even if Microsoft clients do not use this, we have found in the real world that third party clients rely on this behaviour, so we need to know what else might be encoded here.
Thanks,
Andrew Bartlett
--
Andrew Bartlett (he/him) https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org<https://samba.org/>
Samba Team Lead https://catalyst.net.nz/services/samba
Catalyst.Net Ltd
Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group company
Samba Development and Support: https://catalyst.net.nz/services/samba
Catalyst IT - Expert Open Source Solutions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20230524/558185a8/attachment.htm>
More information about the cifs-protocol
mailing list