[cifs-protocol] RE: Please clarify LSA and OsVersion behaviour in
MS-NRPC
John Dunning
johndun at microsoft.com
Wed Jul 8 08:47:37 MDT 2009
Hello Andrew,
Thank you for your question regarding the [MS-NRPC] document. I will have one of my colleagues get back to you so that we can start working on this.
Thanks
John Dunning
Senior Escalation Engineer Microsoft Corporation US-CSS DSC PROTOCOL TEAM
Email: johndun at microsoft.com
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Tuesday, July 07, 2009 10:45 PM
To: Interoperability Documentation Help
Cc: pfif at tridgell.net; cifs-protocol at samba.org; Matthias Dieter Wallnöfer
Subject: Please clarify LSA and OsVersion behaviour in MS-NRPC
In MS-NRPC 2.2.1.3.6 NETLOGON_WORKSTATION_INFO it has:
>
> typedef struct _NETLOGON_WORKSTATION_INFO {
> NETLOGON_LSA_POLICY_INFO LsaPolicy;
>
This is defined in 2.2.1.3.5, but not very helpfully:
> The NETLOGON_LSA_POLICY_INFO structure defines Local Security
> Authority (LSA) policy information as an unsigned character buffer. For details, see [LSAPOLICY] and [MS-LSAD].
My question is: Is this buffer ever filled in (it is null in the attached example from a WinXP join), and if so, what does it mean? The links to [LSAPOLICY] and [MS-LSAD] are non-specific and not very useful in understanding the possible inputs here.
Further down, it claims:
> OsVersion: A null-terminated Unicode string that contains the version number of the operating
> system installed on the client machine.<23> The DC that receives this data structure updates
> the operatingSystemVersion attribute of the client's machine account object in Active
> Directory with this value, unchanged and uninterpreted, as specified in [MS-ADTS].
> OsName: A null-terminated Unicode string that contains the name of the operating system
> installed on the client machine.<24> The DC that receives this data structure updates the
> operatingSystem attribute of the client's machine account object in Active Directory, as
> specified in [MS-ADTS].
Firstly, which part of MS-ADTS does this refer? It is a large document, and I can't find the reference.
However, the main problem I have is that the text for OsName is plausable, given the input. The examples in <24> even match up with the wire data (attached). However, OsVersion is a very different thing.
What is in this 284 byte buffer? For certain it is not a unicode string
- and certainly not the one indicated in <23>:
> <23> Section 2.2.1.3.6: The version and build number of the client
> operating system are used. For example, for Windows Server 2003 SP1,
> the string "5.2 (3790)" is used, which indicates version 5.2 and build number 3790.
>
Please clarify these inputs, so that Matthias may implement this important part of NETLOGON correctly (see
https://bugzilla.samba.org/show_bug.cgi?id=4888 for his attempts so far).
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
More information about the cifs-protocol
mailing list