[cifs-protocol] Status: SRX091220600031 [MS-ADTS] msDs-supportedEncryptionTypes usage

Bill Wesse billwe at microsoft.com
Mon Jan 25 09:44:29 MST 2010

Good morning Matthieu. Thanks for your patience. Our documentation team has responded to 3 of the four cross-reference requests. Details are shown below, as well as an attached pdf ([MS-ADTS]_Changes.pdf) showing new text for that document.

1. A request was made for a link in '[MS-ADTS] section msDs-supportedEncryptionTypes', pointing to '[MS-LSAD] section TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES'.

We haven't added this link because the relationship between the trustedDomain!msDs-supportedEncryptionTypes attribute and TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES structure is already specified in '[MS-LSAD] section Trusted Domain Object Data Model'.

2. A request was made for a link in '[MS-ADTS] section msDs-supportedEncryptionTypes', pointing to '[MS-NRPC] section NETLOGON_DOMAIN_INFO (SupportedEncTypes)'.

We haven't added this link, because we think this link would be inappropriate, since these two sections are about two different types of object. '[MS-ADTS] section msDs-supportedEncryptionTypes' is about trustedDomain objects; however, the NETLOGON_DOMAIN_INFO structure in '[MS-NRPC] section NETLOGON_DOMAIN_INFO' provides information on a domain joined computer object.

Therefore, instead of adding a cross reference between trustedDomain!msDs-supportedEncryptionTypes and NETLOGON_DOMAIN_INFO, we have added text in the [MS-ADTS] sections noted below providing information on the msDs-supportedEncryptionTypes attribute of the computer object.

[MS-ADTS] 7.4.1 State of a Machine Joined to a Domain
[MS-ADTS] 7.4.2 State in an Active Directory Domain
[MS-ADTS] 7.4.3 Relationship to Protocols

3. A request was made for links in '[MS-LSAD] section TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES', pointing to '[MS-ADTS] msDs-supportedEncryptionTypes' and '[MS-NRPC] NETLOGON_DOMAIN_INFO' (SupportedEncTypes).

We haven't added these links, because when describing the member SupportedEncTypes of struct NETLOGON_DOMAIN_INFO, '[MS-NRPC] section NETLOGON_DOMAIN_INFO' links to section '[MS-LSAD] TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES', which describes the structure represented in SupportedEncTypes. Additionally '[MS-LSAD] section Trusted Domain Object Data Model' references '[MS-ADTS] section msDs-supportedEncryptionTypes' to link the data retrieved from AD.

Also, [MS-LSAD] does not need to reference [MS-NRPC] for the purposes of supported encryption types because MS-LSAD does not consume any encryption type definition in [MS-NRPC].

Additionally, [MS-LSAD] supportedEncryptionTypes usage is for trusts only, whereas [MS-NRPC] supportedEncryptionTypes usage is for both trusts and computers.

4. A request was made for links in '[MS-NRPC] NETLOGON_DOMAIN_INFO (SupportedEncTypes)', pointing to '[MS-ADTS] msDs-supportedEncryptionTypes'.

This request is currently pending review.

Bill Wesse
MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM
8055 Microsoft Way
Charlotte, NC 28273
Email:	billwe at microsoft.com
Tel: 	+1(980) 776-8200
Cell: 	+1(704) 661-5438
Fax: 	+1(704) 665-9606

More information about the cifs-protocol mailing list