[cifs-protocol] Re: 601115 - RE: LSA trusted domains enumeration (for n=0)

Andrew Bartlett abartlet at samba.org
Wed Aug 6 22:55:13 GMT 2008


On Wed, 2008-08-06 at 12:35 -0700, Richard Guthrie wrote:
> Andrew,
> 
> Thank you for pointing out this discrepancy in the documentation.  We
> have updated the MS-LSAD documentation for both
> LsarEnumerateTrustedDomains and LsarEnumerateTrustedDomainsEx.  This
> change will be released in a future version of the WSPP documentation
> set.  The respective updates are as follows:
> 
> -- Section 3.1.4.7.7 (LsarEnumerateTrustedDomainsEx (Opnum 50)), the
> message processing paragraph for EnumerationContext.
> 
> EnumerationContext: This is a special value that encodes a location at
> which to begin the enumeration. The server MUST always return all
> trusted domain objects in the same order. It is valid for the server
> to return an incomplete set of trusted domain objects in its policy
> database when this method is invoked. If the server decides not to
> return an entire set of trusted domain objects known to it when this
> method is invoked, it MUST set the EnumerationContext value to a value
> that it will later use to resume enumeration and return the status
> code STATUS_MORE_ENTRIES. If the enumeration is finished or there are
> no entries to be returned, the server MUST return the status code
> STATUS_NO_MORE_ENTRIES and set EnumerationContext to a value that
> indicates that the enumeration has been finished.
> 
> 
> -- Section 3.1.4.7.8 (LsarEnumerateTrustedDomains (Opnum 13)), the
> message processing paragraph for EnumerationContext.
> 
> EnumerationContext: This is a value that allows the server to resume
> enumeration where it was last left off. The server MUST always return
> all trusted domain objects in the same order. The server is allowed to
> return an incomplete set of accounts in its policy database when this
> method is invoked. If the server does not return an entire set of
> accounts known to it when this method is invoked, it MUST set the
> EnumerationContext value to a value that would allow it to resume
> enumeration correctly when this method is called again, and return the
> status code STATUS_MORE_ENTRIES. If the enumeration is finished or
> there are no entries to be returned, the server MUST return the status
> code STATUS_NO_MORE_ENTRIES and set EnumerationContext to a number
> such that enumeration would not continue if the method was called
> again with that value of EnumerationContext. If the EnumerationContext
> supplied by the caller is such that enumeration cannot continue, the
> server MUST return STATUS_NO_MORE_ENTRIES.
> 
> Please let us know if there are any further questions.

Just check all the other enumerations - I'm sure this bug isn't alone.
Thanks for the extra info on the EnumerationContext in particular.

Andrew Bartlett 

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080807/b1b3f204/attachment.bin


More information about the cifs-protocol mailing list