[cifs-protocol] RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44 string forms of AD attributes

Bill Wesse billwe at microsoft.com
Tue Jul 1 09:53:29 GMT 2008

Thank you Andrew - I have added this information to the bug.

Bill Wesse
MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  980-776-8200
CELL: 704-661-5438
FAX:  704-665-9606
We're hiring

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, July 01, 2008 2:30 AM
To: Bill Wesse
Cc: 'cifs-protocol at samba.org'; 'pfif at tridgell.net'
Subject: RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44 string forms of AD attributes

On Tue, 2008-06-17 at 09:05 -0700, Bill Wesse wrote:
> Good day again! I have filed the below bug against the MS-ADA3 document. I apologize for my earlier incorrect answer (which stated that objectGUID and objectSID had no 'human-readable' string format available for use within ldap filters.
> It turns out that the AD specialist I consulted with was speaking with respect to LDAP generically, not the Microsoft implementation (which I was listening as pertaining to).
> Additionally, the list of special semantics for our implementation is specifically against objectSID and objectGUID; there is no schema attribute that specifies or allows for this.

Searching for other things, I find the SID form is noted in MS-ADTS  The objectGUID string format should be included nearby (already obliquely referenced in, and both linked to the schema documentation.

Andrea Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

More information about the cifs-protocol mailing list