[cifs-protocol] RE: LSA LookupSids 3

John Dunning johndun at microsoft.com
Mon Aug 25 16:59:36 GMT 2008


Hello Andrew,
   I will be looking into this for you. How did you arrive at this conclusion? Do you have a network trace that shows this behavior?

Thanks
John Dunning
Escalation Engineer Microsoft Corporation
US-CSS DSC PROTOCOL TEAM
Email: johndun at microsoft.com
Tele: (469)775-7008

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Sunday, August 24, 2008 11:28 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: LSA LookupSids 3

In MS-LSAT 3.1.4.9 it states that:

The RPC server MUST ensure that the RPC_C_AUTHN_NETLOGON security provider (as specified in [MS-RPCE] section 2.2.1.1.7) and at least RPC_C_AUTHN_LEVEL_INTEGRITY authentication level (as specified in [MS-RPCE] section 2.2.1.1.8) are used in this RPC message. Otherwise, the RPC server MUST return STATUS_ACCESS_DENIED.

However the behaviour against Windows 2008 is to give an RPC-level fault (access denied), and to prevent any further communication on the named pipe (futher requests get NT_STATUS_PIPE_DISCONNECTED at the trans2 level).

Please update the docs,

Thanks,

Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.


More information about the cifs-protocol mailing list