[cifs-protocol] RE: Other types of Kerberos messages on SamLogon
Generic
Hongwei Sun
hongweis at microsoft.com
Wed Sep 17 21:02:17 GMT 2008
Andrew,
After running Samba RPC-PAC test, analyzing network trace and reviewing its source code, we think that we found the problem in the Sambatorture implementation. In the loop of setting message type from 0x00 to 0xFF, the test program sends the exactly same PAC_Validate buffer for each call. This can be observed from the network trace. Then we confirmed that in ndr_push_PAC_Validate(), which marshals the PAC_Validate structure, message type is always set to NETLOGON_GENERIC_KRB5_PAC_VALIDATE (0x3). That explains why Microsoft servers always return NT_STATUS_OK for all the calls in your test.
We also found that the other tests(wrong length, corrupted data, bad signature etc) performed by Smbtorture failed as expected.
Please let us know if what we found is correct.
Thanks
----------------------------------------------------------
Hongwei Sun - Sr. Support Escalation Engineer
DSC Protocol Team, Microsoft
hongweis at microsoft.com
Tel: 469-7757027 x 57027
-----------------------------------------------------------
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, September 02, 2008 11:06 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: Other types of Kerberos messages on SamLogon Generic
MS-APDS 2.2.2.1 describes only one Generic message type (0x3) for the Package "Kerberos". However, Microsoft servers still return NT_STATUS_OK on a message type in the range 0x0..0xff (for example).
What other message types are valid on this Package, and what are their formats?
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
More information about the cifs-protocol
mailing list