[cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015)

Andrew Bartlett abartlet at samba.org
Thu Aug 27 15:44:12 MDT 2009

On Wed, 2009-08-26 at 09:52 -0700, Bill Wesse wrote:
> Hello again Andrew - I have a 'short' answer for you.
> Windows 2008 does the following additional checks:
> 1. NETLOGON_WORKSTATION_INFO.DnsHostName and ComputerName match appropriately (re: trailing '$' on ComputerName)
> 2. NETLOGON_WORKSTATION_INFO.DnsHostName suffix is checked against msDS-AllowedDNSSuffixes.
> I can't at the moment be more complete, without exercising NetrLogonGetDomainInfo against 2000, 2003 and so on. I hesitate to attempt a description against code hand-checks, as it is just too easy to miss something.
> Do you have any test software already configured to do that?

You could hack the GetDomainInfo test in smbtorture's RPC-NETLOGON.  We
don't have anything that lets you set it arbitrarily from the command
line (yet, I could write it).

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20090828/dae6262e/attachment.pgp>

More information about the cifs-protocol mailing list