[cifs-protocol] RE: Secret 'last set times' doc incorrect in 2008 - 600578

Andrew Bartlett abartlet at samba.org
Tue Aug 26 23:36:11 GMT 2008

On Wed, 2008-08-27 at 08:50 +1000, Andrew Bartlett wrote:
> On Tue, 2008-08-26 at 14:21 -0700, Richard Guthrie wrote:
> > Andrew,
> > 
> > I will be working with you to resolve your issue.  I had a quick
> > question to help with our research:
> > 
> > If you have a secret object with old/new secret values set.  They also
> > both have a timestamp indicating when the values were last
> > updated/set.  You call LsarSetSecret passing in null for new secret
> > value and some value for old secret value.  You observe that the old
> > secret value timestamp = ?, You observe that the new secret value
> > timestamp = ? (Please let me know what these values are in the test
> > you reference).
> The old secret timestamp and the new secret timestamp is 'current server
> time' (or at least the same, my tests don't actually verify the clock).
> http://gitweb.samba.org/?p=samba.git;a=blob;f=source/torture/rpc/lsa.c;h=ec74426ac6487be632441ca925342eac2466914b;hb=0c4227e45d6b8e31a0219358042318e9d2a0b36d#l1276
> Andrew Bartlett

I should note, that the changes to implement this in our code were
mostly to remove the distinction between global and local secrets.  ie


Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080827/83c670a2/attachment.bin

More information about the cifs-protocol mailing list