[cifs-protocol] Re: What are the 'Service' levels in SamLogonEx?

Obaid Farooqi obaidf at microsoft.com
Fri Dec 19 23:52:58 GMT 2008 

Hi Andrew:
Per your inquiry, following are the changes that will appear in the future version of [MS-NRPC]: Netlogon Remote Protocol Specification:

Section 1.3.8.1.4 will reads as follows:

1.3.8.1.4 Fields and Structures Used by Netlogon Pass-through Methods
During the design of the NetrLogonSamLogon method which is used for Netlogon pass-through,
three fields were created to pass information opaquely for applications:
* LogonLevel
* LogonInformation
* ValidationLevel
At that time it was thought that there would be four types of logon:
* Interactive
* Network
* Service
* Generic
In Windows, there were only three were used: Interactive, Network and Generic. Service type
remains an option that can be used by callers, and like all the Netlogon pass-through behavior must
be specified by the receiving protocol.

Current section 1.3.8.1.4 will become section 1.3.8.1.5

A windows behavior is added in section 2.2.1.4.16.
NetlogonServiceInformation: Logon information provided pertains to a service account logon.
      A service account acts as a nonprivileged user on the local computer and presents anonymous
      credentials to any remote server.<29><30>

Windows behavior is added in Appendix B: Windows behavior  as follows:
<30> Section 2.2.1.4.16: Windows clients do not use this logon class.

In section 3.5.4.4.1 , following sentence is added at the end of first paragraph:
For more information about Fields and Structures used by Netlogon pass-through methods, see section 1.3.8.1.4.


Please let me know if this does not answer your question.

Regards,
Obaid Farooqi
Sr. SEE | Microsoft


----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, September 09, 2008 7:13 AM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: What are the 'Service' levels in SamLogonEx?

In MS-NRPC 3.5.4.4.1 NetrLogonSamLogonEx command uses 2.2.1.4.6 NETLOGON_LEVEL typedef enum _NETLOGON_LOGON_INFO_CLASS{
    NetlogonInteractiveInformation = 1,
    NetlogonNetworkInformation = 2,
    NetlogonServiceInformation = 3,
    NetlogonGenericInformation = 4,
    NetlogonInteractiveTransitiveInformation = 5,
    NetlogonNetworkTransitiveInformation = 6,
    NetlogonServiceTransitiveInformation = 7 } NETLOGON_LOGON_INFO_CLASS;

What I'm wondering is:  What are the Service levels for?  Neither MS-NRPC or MS-APDS seems to define their use.

Thanks,

Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.


-------------- next part --------------
HTML attachment scrubbed and removed

More information about the cifs-protocol mailing list