[cifs-protocol] format of password attributes in AD
Andrew Bartlett
abartlet at samba.org
Mon Jun 9 06:23:22 GMT 2008
As a PFIF subcontractor, I am requesting correction assistance:
MS-ADS3 lists supplementaryCredentials as:
.286 Attribute supplementalCredentials
This attribute specifies stored credentials for use in authenticating;
the encrypted version of the
user's password. This attribute is neither readable nor writable.
However, it does not describe the format of the attribute (when read
over DRS replication, as it is not available in LDAP).
We have some idea of the format, but need to know how it is expanded for
new key types (for example, we wish to enable AES in our KDC).
Similarly the other password attributes not not fully described
(ntPwdHistory and lmPwdHistory are un-described, and unicodePwd could be
better described).
Can you please describe to me (and the list) the format of this and the
other password attributes?
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080609/1388e117/attachment.bin
More information about the cifs-protocol
mailing list