[cifs-protocol] limits on rDN size in AD (SRX091112600056 [MS-ADTS] limits on rDN size in AD)

Bill Wesse billwe at microsoft.com
Thu Nov 12 07:43:38 MST 2009

Good morning Tridge! Since Hongwei is out of the office, I have created case SRX091112600056 to track our work against your question about rDN size / deleted object rDN.

I expect to be able to begin work on this tomorrow, and will keep you updated!

Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  +1(980) 776-8200
CELL: +1(704) 661-5438
FAX:  +1(704) 665-9606

-----Original Message-----

From: Hongwei Sun

Sent: Thursday, November 12, 2009 12:56 PM

To: 'tridge at samba.org'

Cc: cifs-protocol at samba.org; hyc at highlandsun.com; Edgar Olougouna; Sebastian Canevari

Subject: RE: limits on rDN size in AD ?


  The RDN of Deleted Objects container is a little different from the normal RDN.   The following information in MS-ADTS describes the composition of RDN for objects in Deleted Object container:

  "The RDN of the object is changed to a "delete-mangled RDN"-an RDN that is guaranteed to be unique within the Deleted Objects container. If O is the object that is deleted, the delete-mangled RDN is the concatenation of O!name, the character with value 0x0A, the string "DEL:", and the dashed string representation ([RFC4122] section 3) of O!objectGUID."

   It looks like to me that for the Delete Objects container,  the size constraint should be dependent on the combination of the each sub component.   Since I am out of office,  I will ask one of my team member to investigate and confirm the behavior.

Thanks !

-----Original Message-----

From: tridge at samba.org [mailto:tridge at samba.org]

Sent: Monday, November 09, 2009 6:58 PM

To: Hongwei Sun

Cc: cifs-protocol at samba.org; hyc at highlandsun.com

Subject: RE: limits on rDN size in AD ?

Hi Hongwei,

We're back to the old question of rDN size limits again!

I just got a DRS replication reply from w2k8-r2 with a CN that has a length larger than 64. So I suspect that things are a bit more complex than what we'd discussed before.

The object was:

  CN=89532b80-09fe-445e-afef-965c0d7f7d15\0ADEL:462902b4-1824-4f02-8956-9f934f64fa01,CN=Deleted Objects,CN=Configuration,DC=vsofs8,DC=com

which gives a length of 80.

Are we perhaps supposed to interpret the \0 as a termination character for the purposes of this length constraint? (note that this is a \ followed by a 0, not a nul byte).

Or perhaps deleted objects are special in their constraints in some way?

Cheers, Tridge

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20091112/a6758749/attachment.html>

More information about the cifs-protocol mailing list