[cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015)

Bill Wesse billwe at microsoft.com
Fri Aug 28 05:27:09 MDT 2009

Thanks for the information Andrew; I have proposed we add additional NetrLogonGetDomainInfo coverage to our test suites.

Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  +1(980) 776-8200
CELL: +1(704) 661-5438
FAX:  +1(704) 665-9606

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Thursday, August 27, 2009 5:44 PM
To: Bill Wesse
Cc: cifs-protocol at samba.org; pfif at tridgell.net; Matthias Dieter Wallnöfer
Subject: RE: [cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015)

On Wed, 2009-08-26 at 09:52 -0700, Bill Wesse wrote:
> Hello again Andrew - I have a 'short' answer for you.
> Windows 2008 does the following additional checks:
> 1. NETLOGON_WORKSTATION_INFO.DnsHostName and ComputerName match 
> appropriately (re: trailing '$' on ComputerName) 2. NETLOGON_WORKSTATION_INFO.DnsHostName suffix is checked against msDS-AllowedDNSSuffixes.
> I can't at the moment be more complete, without exercising NetrLogonGetDomainInfo against 2000, 2003 and so on. I hesitate to attempt a description against code hand-checks, as it is just too easy to miss something.
> Do you have any test software already configured to do that?

You could hack the GetDomainInfo test in smbtorture's RPC-NETLOGON.  We don't have anything that lets you set it arbitrarily from the command line (yet, I could write it).

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

More information about the cifs-protocol mailing list