[cifs-protocol] RE: Other types of Kerberos messages on SamLogon Generic

Hongwei Sun hongweis at microsoft.com
Wed Sep 17 21:02:17 GMT 2008


  After running Samba RPC-PAC test, analyzing network trace  and reviewing its source code, we think that we found the problem in the Sambatorture  implementation.   In the loop of setting message type from 0x00 to 0xFF, the test program sends the exactly same PAC_Validate buffer for each call.  This can be observed from the network trace.  Then we confirmed that in ndr_push_PAC_Validate(), which marshals the PAC_Validate structure,  message type is always set to NETLOGON_GENERIC_KRB5_PAC_VALIDATE (0x3).  That explains why Microsoft servers always return NT_STATUS_OK for all the calls in your test.

  We also found that the other tests(wrong length, corrupted data, bad signature etc)  performed by Smbtorture failed as expected.

  Please let us know if what we found is correct.


Hongwei  Sun - Sr. Support Escalation Engineer
DSC Protocol  Team, Microsoft
hongweis at microsoft.com
Tel:  469-7757027 x 57027

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, September 02, 2008 11:06 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: Other types of Kerberos messages on SamLogon Generic

MS-APDS describes only one Generic message type (0x3) for the Package "Kerberos".  However, Microsoft servers still return NT_STATUS_OK on a message type in the range 0x0..0xff (for example).
What other message types are valid on this Package, and what are their formats?


Andrew Bartlett
Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

More information about the cifs-protocol mailing list