[cifs-protocol] RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44 string forms of AD attributes

[Bill Wesse]

I will certainly keep the Cc: list on emails. BTW - no problem on the objectGUID format, I'll be in touch as soon as I get feedback on the suggested changes.

Regards,
Bill Wesse
MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  980-776-8200
CELL: 704-661-5438
FAX:  704-665-9606

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Wednesday, July 16, 2008 8:21 AM
To: Bill Wesse
Subject: RE: Answer: SRX080609601575 : [MS-ADA3]: 2.43 2.44 string forms of AD attributes

On Wed, 2008-07-16 at 04:17 -0700, Bill Wesse wrote:
> Your suggestions and assertions make sense to me. So...
>
> [MS-ADTS] 3.1.1.3.1.3.4 is a difficult paragraph to follow. I have
> suggested an additional reference to the MSDN 'Search Filter' topic
> (shown at the end of this email) to clarify that.
>
> I have also forwarded your suggestion that the special semantics for
> objectCategory and objectSID belong in [MS-ADA3], as per-object
> behaviors, eliminating the document cross-reference problem.

Great.

> On another topic, we omitted comments concerning the objectGUID
> attribute, since it must be formatted in hexadecimal (\xx\xx\...\xx).
> We have verified this in testing several times (performed by both
> myself and one of our senior developers). We are at a loss concerning
> the source of your assertion there is an alternate string format for
> objectGUID.

Indeed.  I appear to be seeing things - I can't reproduce that one at this stage.  I'm probably being tripped up by the fact that Samba does allow these attributes to be specified as strings.

I'm sorry for having you have to chase up this red herring.

BTW, Please remember to keep the list CC'ed.

Andrew Bartlett

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.