[cifs-protocol] Status: SRX100106600091 [MS-ADTS]: RID manage behavior

Sebastian Canevari Sebastian.Canevari at microsoft.com
Thu Feb 4 12:53:00 MST 2010 

Hi Andrew,

Can you please let me know if this information covered your needs?

In case you are busy with something else, I will consider this issue resolved at the end of the day if I do not receive a request for further info from you.

Thanks!

Sebastian



Sebastian Canevari
Senior Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
7100 N Hwy 161, Irving, TX - 75039
"Las Colinas - LC2"
Tel: +1 469 775 7849
e-mail: sebastc at microsoft.com


-----Original Message-----
From: Sebastian Canevari 
Sent: Monday, February 01, 2010 1:55 PM
To: abartlet at samba.org
Cc: pfif at tridgell.net; cifs-protocol at samba.org; tridge at samba.org
Subject: RE: Status: SRX100106600091 [MS-ADTS]: RID manage behavior

Hi Andrew,

Please let me know if you need any further clarification regarding this information.

Thanks and regards,

Sebastian



Sebastian Canevari
Senior Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM
7100 N Hwy 161, Irving, TX - 75039
"Las Colinas - LC2"
Tel: +1 469 775 7849
e-mail: sebastc at microsoft.com


-----Original Message-----
From: Bill Wesse 
Sent: Friday, January 29, 2010 6:18 AM
To: 'abartlet at samba.org'
Cc: Sebastian Canevari; 'pfif at tridgell.net'; 'cifs-protocol at samba.org'; 'tridge at samba.org'
Subject: RE: Status: SRX100106600091 [MS-ADTS]: RID manage behavior

Good evening Andrew! Document work is still in progress, but we would like to provide the following workaround/information for you:

Beyond the Knowledge Base article previously given (Description of RID Attributes in Active Directory: http://support.microsoft.com/kb/305475), which gives some description of the attributes in question, the following may be useful in providing more info on RID allocation:

o	A general description of the RID Master Role is given in [MS-ADTS] Section 7.1.5.2

o	Role transfer is handled via RootDSE mods given in [MS-ADTS] section 3.1.1.3.3 or the RPC in [MS-DRSR] section 4.1.10.4.3.

o	The RID Master is responsible for maintaining rIDAvailablePool and rIDAllocationPool.  It assigns rIDAllocationPool values for DCs via the RPC described in [MS-DRSR] section 4.1.10.5.12 (Specifically in the case where msgIn.ulExtendedOp = EXOP_FSMO_REQ_RID_ALLOC)

o	New RIDs are used/assigned by a DC when creating new SIDs following the process documented in [MS-SAMR] section 3.1.1.9.2.  This process is the same regardless of whether the DC creating the new object is the RID Master or not; if the DC creating the new object is the RID Master and it requires a new rIDAllocationPool, it may invoke the previously mentioned RPC against itself.

Regarding the ridNextRID and ridPreviousAllocationPool attributes, these are non-replicated attributes used only by the DC storing them when allocating RIDs.

o	ridNextRID tracks the most recently assigned RID.  When assigning a new RID, the DC adds 1 to this and validates that it is within the proper bounds.  This is used to guarantee that no RID is used twice per the requirement in [MS-SAMR] section 3.1.1.9.2.1.

o	ridPreviousAllocationPool is actually the current pool from which the DC is assigning RIDs.  It provides the bounds that ridNextRID is checked against when assigning new RIDs.  It serves as a cache for the rid pools and must always be set to a rIDAllocationPool previously received by the RID Master.  (It may match the current value of rIDAllocationPool for the given DC or a previous value of it.)

While any implementation that follows the rules for RID allocation given in [MS-SAMR] section 3.1.1.9.2.1 should result in a compatible DC, the use of ridPreviousAllocationPool by Microsoft DCs means that they may allocate RIDs outside the current range given by rIDAllocationPool, though such RIDs will still be within a range it previously held.  We will work on the TD to address this.

If there is anything else in the meantime that you need to unblock your work on RID allocation, please let us know.

Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
Email:	billwe at microsoft.com
Tel: 	+1(980) 776-8200
Cell: 	+1(704) 661-5438
Fax: 	+1(704) 665-9606


-----Original Message-----
From: Bill Wesse 
Sent: Thursday, January 28, 2010 12:04 PM
To: 'abartlet at samba.org'
Cc: Sebastian Canevari; 'pfif at tridgell.net'; 'cifs-protocol at samba.org'; 'tridge at samba.org'
Subject: Status: SRX100106600091 [MS-ADTS]: RID manage behavior

Good day Andrew! Please note that my colleague Sebastian is out of the office for the next few days. In the interim, I will be your contact. Thanks in advance for your patience!

We submitted a Technical Document Inquiry (TDI) ~2 weeks ago, on Jan 14. I just sent a status update request for the TDI, and will advise you as soon as I receive a response.

Thanks for your patience!

Regards,
Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
Email:	billwe at microsoft.com
Tel: 	+1(980) 776-8200
Cell: 	+1(704) 661-5438
Fax: 	+1(704) 665-9606

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Tuesday, January 12, 2010 4:37 PM
To: Sebastian Canevari
Subject: RE: RID Allocation behaviour

On Tue, 2010-01-12 at 18:22 +0000, Sebastian Canevari wrote:
> Hi Andrew,
> 
> Can you please let me know if this response answers your question or if you need further clarification?

Well, firstly, the answer needs to be in the WSPP documentation set.  

Secondly I don't think it answers the particular points I asked about - it describes the attributes (good) but not the behaviour and responsibilities.  

Some of this is implied by an attribute being non-replicated, but this needs to be in the docs, and explicitly described.

Andrew Bartlett

More information about the cifs-protocol mailing list