[cifs-protocol] RE: (more) Backing store for Trusted domain object creation time and flags SRX081028601762

Richard Guthrie rguthrie at microsoft.com
Thu Nov 6 16:32:52 GMT 2008


Andrew,

I wanted to follow up with you regarding the results of my investigation into the RecordLen field in LSA_FOREST_TRUST_RECORD.  We have updated the documentation with the following text in [MS-ADTS] 7.1.6.9.3.1:

RecordLen (4 bytes):  Length, in bytes, of the entire record, not including RecordLen.

Please let us know if you have any further questions.

Richard Guthrie
Open Protocols Support Team
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
Tel: +1 (469) 775-7794
E-mail: rguthrie at microsoft.com



-----Original Message-----
From: Richard Guthrie
Sent: Thursday, October 30, 2008 9:22 AM
To: 'Andrew Bartlett'
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: (more) Backing store for Trusted domain object creation time and flags

Andrew,

The structure LSA_FOREST_TRUST_RECORD contains data that is stored in Active Directory in the attribute msds-ForestTrustForestInfo on the trusted domain object.  This attribute and its layout are documented in MS-ADTS section 7.1.6.9.3.  I have attached a parse of this value from a test environment as an example.  I have included section 7.1.6.9.3 from the latest MS-ADTS document as well.  This text will be provided online in a future release.

I want to point out an issue that is still under review so you are aware and will update you with the final outcome.  If you look at the parse of this data structure you will notice that RecordLen shows 73 bytes.  This appears to not count the RecordLen bytes even though they are listed as part of the Record structure in MS-ADTS.  This is under investigation and I will update you with the final outcome as well as any update to the document if required.

Please let us know if you have any questions.

Richard Guthrie
Open Protocols Support Team
Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
Tel: +1 (469) 775-7794
E-mail: rguthrie at microsoft.com




-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Monday, October 13, 2008 4:00 AM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: (more) Backing store for Trusted domain object creation time and flags

In 2.2.69 LSA_FOREST_TRUST_RECORD it states:

typedef struct _LSA_FOREST_TRUST_RECORD {
  unsigned long Flags;
  LSA_FOREST_TRUST_RECORD_TYPE ForestTrustType;
  LARGE_INTEGER Time;

Time: The date and time when this entry was created. It is a 64-bit value that represents the
  number of 100-nanosecond intervals since January 1, 1601, UTC.

I presume this is just the whenCreated attribute on this record, but no link is made.

However, I'm more puzzled by the 'Flags' - where does this come from (in terms of LDAP attributes)?

Thanks,

Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

