[cifs-protocol] RE: ANR and anr==andrew

Obaid Farooqi obaidf at microsoft.com
Fri Oct 24 00:12:15 GMT 2008

Hi Andrew:
Thanks for your reply.
Based on this, I consider the issue resolved. If you have any further question, please feel free to contact us.

Obaid Farooqi
Sr. SEE | Microsoft

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Friday, October 10, 2008 1:47 PM
To: Obaid Farooqi
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: ANR and anr==andrew

On Mon, 2008-09-29 at 09:01 -0700, Obaid Farooqi wrote:
> Hi Andrew:
> We've concluded our investigation and future versions of the document will include a new rule that will be added as the first rule in item 6 of section of [MS-ADTS]. The addition will appear in the future version of document. After addition, item 6 will look like the following. For brevity, I have only shown rule 1 and 2 for item 6. Rule 1 is new text and rule 2 is included for context.
> 6. For each LDAP search filter clause C of the form "(aNR=value)" or "(aNR~=value)" or
>    "(aNR>=value)" or "(aNR<=value)" in F:
>    1. If value's first non-space character is an equal sign ("=") similar to "=value1" or " =value1",
>       it is used for an exact string search instead of a substring search. Set "value" to "value1",
>       apply the following steps in rule 6, and replace all the "value*" with "value".
>    2. If value does not contain any space characters, or if P1 is true and P2 is true, construct an
>       LDAP search filter clause C' of the form "(|(A1=value*)...(An=value*))" if PLegacy is false, or
>       of the form "(|(A1=value*)...(An=value*)(legacyExchangeDN=value)" if PLegacy is true.
>       (This clause resolves to "true" for an object if value is a prefix of the value of any attribute in
>       the ANR set on that object, except an exact match is always performed on the
>       legacyExchangeDN attribute.)

I've not had a chance to verify the above, but it looks reasonable.

Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

More information about the cifs-protocol mailing list