[cifs-protocol] Re: New case: SRX080910600015: [MS-ADA3]: 2.44
Elaborate on objectSid definition
Andrew Bartlett
abartlet at samba.org
Wed Sep 10 12:29:48 GMT 2008
On Wed, 2008-09-10 at 03:34 -0700, Bill Wesse wrote:
> Good morning Andrew. I have created the new case as noted in the
> Subject line. I expect you will be happy to know that we are
> initiating a strong recommendation that the objectSid definition in
> [MS-ADA3] be modified as shown below. Thank you for your persistence
> on this topic.
No worries.
> I will keep you advised of progress!
>
>
> Change:
>
> 2.44 Attribute objectSid
> This attribute specifies a binary value that specifies the security
> identifier (SID) of the user. The SID is a unique value used to
> identify the user as a security principal. For more information on the
> SID data type, refer to [MS-DTYP] section 2.4.2. SID usage is also
> discussed in [MS-ADTS], in particular in section 3.1.1.1.3.
>
> To:
>
> 2.44 Attribute objectSid
> This attribute specifies a variable-length byte array value that
> specifies the security identifier (SID) of the user. For more
> information on the SID data type, refer to [MS-DTYP] section 2.4.2. It
> also may be represented as a UTF-8 string that is a valid SDDL SID
> string beginning with "S-" (see [MS-DTYP] sections 2.4.2 and 2.5.1,
> and [MS-ADTS] 3.1.1.3.1.2.5). The SID is a unique value used to
> identify the user as a security principal. SID usage is also discussed
> in [MS-ADTS], in particular in section 3.1.1.1.3.
That looks good. Let me know how you go - I had understood from the
call that we were at a stalemate, so I'm particularly glad to see this
(potentially) moving forward.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080910/9224ce02/attachment.bin
More information about the cifs-protocol
mailing list