[cifs-protocol] RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44
string forms of AD attributes
Bill Wesse
billwe at microsoft.com
Tue Jul 1 09:53:29 GMT 2008
Thank you Andrew - I have added this information to the bug.
Regards,
Bill Wesse
MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL: 980-776-8200
CELL: 704-661-5438
FAX: 704-665-9606
We're hiring
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, July 01, 2008 2:30 AM
To: Bill Wesse
Cc: 'cifs-protocol at samba.org'; 'pfif at tridgell.net'
Subject: RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44 string forms of AD attributes
On Tue, 2008-06-17 at 09:05 -0700, Bill Wesse wrote:
> Good day again! I have filed the below bug against the MS-ADA3 document. I apologize for my earlier incorrect answer (which stated that objectGUID and objectSID had no 'human-readable' string format available for use within ldap filters.
>
> It turns out that the AD specialist I consulted with was speaking with respect to LDAP generically, not the Microsoft implementation (which I was listening as pertaining to).
>
> Additionally, the list of special semantics for our implementation is specifically against objectSID and objectGUID; there is no schema attribute that specifies or allows for this.
Searching for other things, I find the SID form is noted in MS-ADTS 3.1.1.3.1.2.5. The objectGUID string format should be included nearby (already obliquely referenced in 3.1.1.3.1.2.4), and both linked to the schema documentation.
Andrea Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
More information about the cifs-protocol
mailing list