[cifs-protocol] LSA LookupSids 3
Andrew Bartlett
abartlet at samba.org
Mon Aug 25 04:28:10 GMT 2008
In MS-LSAT 3.1.4.9 it states that:
The RPC server MUST ensure that the RPC_C_AUTHN_NETLOGON security provider (as specified in
[MS-RPCE] section 2.2.1.1.7) and at least RPC_C_AUTHN_LEVEL_INTEGRITY authentication level
(as specified in [MS-RPCE] section 2.2.1.1.8) are used in this RPC message. Otherwise, the RPC
server MUST return STATUS_ACCESS_DENIED.
However the behaviour against Windows 2008 is to give an RPC-level fault
(access denied), and to prevent any further communication on the named
pipe (futher requests get NT_STATUS_PIPE_DISCONNECTED at the trans2
level).
Please update the docs,
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080825/d9eb3463/attachment.bin
More information about the cifs-protocol
mailing list