[cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015)
Andrew Bartlett
abartlet at samba.org
Thu Aug 27 15:44:12 MDT 2009
On Wed, 2009-08-26 at 09:52 -0700, Bill Wesse wrote:
> Hello again Andrew - I have a 'short' answer for you.
>
> Windows 2008 does the following additional checks:
>
> 1. NETLOGON_WORKSTATION_INFO.DnsHostName and ComputerName match appropriately (re: trailing '$' on ComputerName)
> 2. NETLOGON_WORKSTATION_INFO.DnsHostName suffix is checked against msDS-AllowedDNSSuffixes.
>
> I can't at the moment be more complete, without exercising NetrLogonGetDomainInfo against 2000, 2003 and so on. I hesitate to attempt a description against code hand-checks, as it is just too easy to miss something.
>
> Do you have any test software already configured to do that?
You could hack the GetDomainInfo test in smbtorture's RPC-NETLOGON. We
don't have anything that lets you set it arbitrarily from the command
line (yet, I could write it).
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20090828/dae6262e/attachment.pgp>
More information about the cifs-protocol
mailing list