[cifs-protocol] Question about [MS-DRSR] section 5.12.2 - prefixMap implementation

Bill Wesse billwe at microsoft.com
Thu Oct 22 09:14:59 MDT 2009 

Thanks for the advisory - I will follow up with you on the attid - I will be expanding my code study on this.

Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
TEL:  +1(980) 776-8200
CELL: +1(704) 661-5438
FAX:  +1(704) 665-9606


-----Original Message-----
From: Kamen Mazdrashki [mailto:kamen.mazdrashki at postpath.com] 
Sent: Thursday, October 22, 2009 10:56 AM
To: Bill Wesse
Cc: pfif at tridgell.net; cifs-protocol at samba.org
Subject: RE: [cifs-protocol] Question about [MS-DRSR] section 5.12.2 - prefixMap implementation

Hi Bill,

Currently this issue stops me from implementing MakeAttid() and OidFromAttid() to work transparently in all cases - from Win2k3 to Win2k8. Also I can't make a reasonable unit test for those functions.
Nevertheless, it is not a 'show stopper' for me at this stage, as current implementation (following MS-DRSR) work well for Win2k3 and Win2k8 (without modifying schema).

Attached you may find:
 - LDIF file;
 - 2 logs - from Win2k3 (Functional Level = Win 2000) and Win2k8-R2 (Functional Level = Win 2008 R2);
 - smb conf file used for testing, in case you want to try it by yourself

I am currently on making an resume for Win2k8 result I got from windows server.

It seems not to be a corner case to me.
It seems more like a special case for Win2k8 - ATTIDs for all newly created attributes are with 31-th bit set.

Regards,
Kamen Mazdrashki
kamen.mazdrashki at postpath.com
http://repo.or.cz/w/Samba/kamenim.git
-------------------------------------
CISCO SYSTEMS BULGARIA EOOD
http://www.cisco.com/global/BG/


> -----Original Message-----
> From: Bill Wesse [mailto:billwe at microsoft.com]
> Sent: Thursday, October 22, 2009 5:50 PM
> To: Kamen Mazdrashki
> Cc: pfif at tridgell.net; cifs-protocol at samba.org
> Subject: RE: [cifs-protocol] Question about [MS-DRSR] section 5.12.2 - 
> prefixMap implementation
> 
> Hello again, Kamen. Could you forward the LDIF file to me? I want to 
> make sure I haven't missed anything (thanks).
> 
> Also, I have again reviewed the MakeAttid() and OidFromAttid() pseudo 
> code in [MS-DRSR] 5.16.4 (ATTRTYP-to-OID Conversion) - they do appear 
> to be accurate representations of our implementations; my earlier 
> comment about a 'corner-case' was an error, I got mixed up between 
> string & binary OIDs.
> 
> There is certainly something else going on here, and I will continue 
> working on it.
> 
> Regards,
> Bill Wesse
> MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
> 8055 Microsoft Way
> Charlotte, NC 28273
> TEL:  +1(980) 776-8200
> CELL: +1(704) 661-5438
> FAX:  +1(704) 665-9606
> 
> 
> -----Original Message-----
> From: Bill Wesse
> Sent: Thursday, October 22, 2009 8:51 AM
> To: 'Kamen Mazdrashki'
> Cc: pfif at tridgell.net; cifs-protocol at samba.org
> Subject: RE: [cifs-protocol] Question about [MS-DRSR] section 5.12.2 - 
> prefixMap implementation
> 
> You are very welcome. Could you advise me concerning how much this is 
> affecting your implementation development, so that I can set the TDI 
> priority appropriately?
> 
> I have cross-compared the Windows 2003 and Windows 2008 R2 
> implementations of the MakeAttid() and OidFromAttid() functions; there 
> appear to be no functional changes.
> 
> I suspect there is some corner-case not fully described in the attid 
> composition in MakeAttid (lastValue ≥ 16384).
> 
> procedure MakeAttid(var t: PrefixTable, o: OID): ATTRTYP ...
>    /*compose the attid*/
>    lowerWord := lastValue mod 16384
>    if lastValue ≥ 16384 then
>       /*mark it so that it is known to not be the whole lastValue*/
>       lowerWord := lowerWord + 32768
>    endif
> 
> Regards,
> Bill Wesse
> MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
> 8055 Microsoft Way
> Charlotte, NC 28273
> TEL:  +1(980) 776-8200
> CELL: +1(704) 661-5438
> FAX:  +1(704) 665-9606
> 
> -----Original Message-----
> From: Kamen Mazdrashki [mailto:kamen.mazdrashki at postpath.com]
> Sent: Thursday, October 22, 2009 4:16 AM
> To: Bill Wesse; Interoperability Documentation Help
> Cc: pfif at tridgell.net; cifs-protocol at samba.org
> Subject: RE: [cifs-protocol] Question about [MS-DRSR] section 5.12.2 - 
> prefixMap implementation
> 
> Hi Bill,
> 
> Thanks for your support.
> I am looking forward to hearing from you soon.
> 
> Regards,
> Kamen Mazdrashki
> kamen.mazdrashki at postpath.com
> http://repo.or.cz/w/Samba/kamenim.git
> -------------------------------------
> CISCO SYSTEMS BULGARIA EOOD
> http://www.cisco.com/global/BG/
> 
> 
> > -----Original Message-----
> > From: Bill Wesse [mailto:billwe at microsoft.com]
> > Sent: Wednesday, October 21, 2009 7:37 PM
> > To: Kamen Mazdrashki; Interoperability Documentation Help
> > Cc: pfif at tridgell.net; cifs-protocol at samba.org
> > Subject: RE: [cifs-protocol] Question about [MS-DRSR] section 5.12.2
> -
> > prefixMap implementation
> >
> > Good afternoon Kamen. This is Bill Wesse from the Protocol Support 
> > team. I will be your contact for the case noted below, where you
> asked
> > about prefixMap implementation differences for Windows 2003 and
> Windows
> > 2008 R2.
> >
> > SRX091020600112 [MS-DRSR] section 5.12.2 - prefixMap implementation
> >
> > I will keep you updated with the results of my investigation as
> details
> > develop.
> >
> > Regards,
> > Bill Wesse
> > MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
> > 8055 Microsoft Way
> > Charlotte, NC 28273
> > TEL:  +1(980) 776-8200
> > CELL: +1(704) 661-5438
> > FAX:  +1(704) 665-9606
> >
> > -----Original Message-----
> > From: Kamen Mazdrashki [mailto:kamen.mazdrashki at postpath.com]
> > Sent: Tuesday, October 20, 2009 9:36 AM
> > To: Interoperability Documentation Help
> > Cc: pfif at tridgell.net; cifs-protocol at samba.org
> > Subject: [cifs-protocol] Question about [MS-DRSR] section 5.12.2 - 
> > prefixMap implementation
> >
> > Hi,
> >
> > I need a clarification about what are the differences between
> prefixMap
> > implementation for Win2K3 and Win2K8(R2).
> >
> > Attached you may find:
> > 1. LDIF file to provision AD Schema with some test Attributes - OIDs
> of
> > those attributes are crafted so that different scenarios could be 
> > tested.
> > 2. Log files gathered during execution of Samba's RPC-DSSYNC test 
> > against Win2K3 and Win2K8. I am sending the log files as Word
> documents
> > so it is easy for me to highlight interesting parts from the log
> files.
> >   -- prefixMap received is highlighted with 'gray'; newly added
> entries
> > are highlighted with 'yellow'
> >   -- newly added object attributes received are also highlighted 
> > with 'yellow'
> > 3. For testing I was using:
> >   -- Win2k3 R2 - Domain functional level = Win 2000 installation
> >   -- Win2K8 R2 - Domain functional lever = Win 2008 R2
> >   -- Samba 4 - latest build. Test run is RPC-DSSYNC.
> >      Command line for testing:
> >      $> bin/smbtorture -Uadministrator%333 -- 
> > configfile=/usr/local/samba/etc/drsuapi.conf
> > ncacn_ip_tcp:Win_machine_ip[print,seal] RPC-DSSYNC -d1
> >
> > As you may see, for Win2K3 everything works correctly as described 
> > in MS-DRSR, section 5.12.2.
> > I.e. attribute with attid=0x1B860001 matches prefixMap entry with
> > id=0x00001b86 and thus Attribute OID is correctly decoded as being 
> > '1.2.250.1'
> >
> > In Win2k8 log file however, for attid=0x85C6D3B9 matching prefixMap 
> > entry should be id=0x00004823 and it is not quite obvious how
> > 0x85C6D3B9 is matched to 0x00004823?
> >
> > Please, clarify what is the algorithm used under Win2k8 for
> MakeAttid()
> > and OidFromAttid() functions?
> >
> > Many thanks in advance.
> >
> > Regards,
> > Kamen Mazdrashki
> > kamen.mazdrashki at postpath.com
> > http://repo.or.cz/w/Samba/kamenim.git
> > -------------------------------------
> > CISCO SYSTEMS BULGARIA EOOD
> > http://www.cisco.com/global/BG/
> >
>

More information about the cifs-protocol mailing list