[cifs-protocol] RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44
string forms of AD attributes
billwe at microsoft.com
Tue Jul 1 09:53:29 GMT 2008
Thank you Andrew - I have added this information to the bug.
MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, July 01, 2008 2:30 AM
To: Bill Wesse
Cc: 'cifs-protocol at samba.org'; 'pfif at tridgell.net'
Subject: RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44 string forms of AD attributes
On Tue, 2008-06-17 at 09:05 -0700, Bill Wesse wrote:
> Good day again! I have filed the below bug against the MS-ADA3 document. I apologize for my earlier incorrect answer (which stated that objectGUID and objectSID had no 'human-readable' string format available for use within ldap filters.
> It turns out that the AD specialist I consulted with was speaking with respect to LDAP generically, not the Microsoft implementation (which I was listening as pertaining to).
> Additionally, the list of special semantics for our implementation is specifically against objectSID and objectGUID; there is no schema attribute that specifies or allows for this.
Searching for other things, I find the SID form is noted in MS-ADTS 184.108.40.206.1.2.5. The objectGUID string format should be included nearby (already obliquely referenced in 220.127.116.11.1.2.4), and both linked to the schema documentation.
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
More information about the cifs-protocol