[cifs-protocol] Re: What are the 'Service' levels in SamLogonEx?

Obaid Farooqi obaidf at microsoft.com
Fri Dec 19 23:52:58 GMT 2008

Hi Andrew:
Per your inquiry, following are the changes that will appear in the future version of [MS-NRPC]: Netlogon Remote Protocol Specification:

Section will reads as follows: Fields and Structures Used by Netlogon Pass-through Methods
During the design of the NetrLogonSamLogon method which is used for Netlogon pass-through,
three fields were created to pass information opaquely for applications:
* LogonLevel
* LogonInformation
* ValidationLevel
At that time it was thought that there would be four types of logon:
* Interactive
* Network
* Service
* Generic
In Windows, there were only three were used: Interactive, Network and Generic. Service type
remains an option that can be used by callers, and like all the Netlogon pass-through behavior must
be specified by the receiving protocol.

Current section will become section

A windows behavior is added in section
NetlogonServiceInformation: Logon information provided pertains to a service account logon.
      A service account acts as a nonprivileged user on the local computer and presents anonymous
      credentials to any remote server.<29><30>

Windows behavior is added in Appendix B: Windows behavior  as follows:
<30> Section Windows clients do not use this logon class.

In section , following sentence is added at the end of first paragraph:
For more information about Fields and Structures used by Netlogon pass-through methods, see section

Please let me know if this does not answer your question.

Obaid Farooqi
Sr. SEE | Microsoft

----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, September 09, 2008 7:13 AM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: What are the 'Service' levels in SamLogonEx?

In MS-NRPC NetrLogonSamLogonEx command uses NETLOGON_LEVEL typedef enum _NETLOGON_LOGON_INFO_CLASS{
    NetlogonInteractiveInformation = 1,
    NetlogonNetworkInformation = 2,
    NetlogonServiceInformation = 3,
    NetlogonGenericInformation = 4,
    NetlogonInteractiveTransitiveInformation = 5,
    NetlogonNetworkTransitiveInformation = 6,
    NetlogonServiceTransitiveInformation = 7 } NETLOGON_LOGON_INFO_CLASS;

What I'm wondering is:  What are the Service levels for?  Neither MS-NRPC or MS-APDS seems to define their use.


Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

-------------- next part --------------
HTML attachment scrubbed and removed

More information about the cifs-protocol mailing list