[cifs-protocol] more ms-dfsc.pdf questions
mat+Informatique.Samba at matws.net
Sun May 2 03:16:23 MDT 2010
The paragraph "188.8.131.52 Domain Name"
define domain name as
" Unless specified otherwise, a domain name MUST be a null-terminated
Unicode character string
consisting of the name of a domain. This can be either a NetBIOS name
or a fully qualified domain
name (FQDN), as specified in [MS-ADTS]."
So when we have in "184.108.40.206 Receiving a DC Referral Request"
" The domain name in the referral request MUST be either a domain in
the current forest or a domain
in a trusted forest. The server MUST fail DC referral requests for
other domain names with a
STATUS_INVALID_PARAMETER (0xC000000D) return code."
We expect the client to request either FOOBAR (netbios domain) or
But it turns out that windows XP at least is requesting \FOOBAR and
\foobar.demo.com when w7 and w2k8 are requestion FOOBAR and foobar.demo.com
Also in the same paragraph "The SpecialNameOffset field MUST be set to
the offset in bytes from the beginning of the
referral entry to the string that contains the domain name for the
It let me think that this field should contain FOOBAR or foobar.demo.com
but it turns out that it's \FOOBAR or \foobar.demo.com that is returned
(the example in the mails out dfs questions from Bill Wesse was also
The same remark apply the ExpandedName that also present a '\'.
In this paragraph it stated that:
"The ExpandedNameOffset field MUST be set to the offset in bytes from
the beginning of the
referral entry to the first null-terminated DC Unicode string. Each DC
name immediately follows
its null-terminated predecessor without any padding. An implementation
MUST use the value in
the NumberOfExpandedNames field to determine how many names are present
in the list at
but in this doc:
"The client checks its domain cache for an existing domain controller
referral for the Contoso.com domain. If this referral is in the cache,
the client proceeds to step 5. If no domain controller referral is in
the domain cache, the client connects to the IPC$ shared folder of the
active domain controller in the context of the LocalSystem account and
sends a domain controller referral request containing the appropriate
domain name (Contoso.com). The domain controller returns the list of
domain controllers in the Contoso.com domain. The domain controllers in
the clients site are at the top of the list. If least-expensive target
selection is enabled, domain controllers outside of the targets site are
sorted by lowest cost. If same-site target selection is enabled, DFS
ignores this setting and lists the remaining domain controllers in
random order. "
Tells us that the same-site target or other parameters have an influence.
Maybe the MS-DFSC needs to be updated ? Also where those parameters
(same-site target, least-expensive, ...) are stored (in the DS or
The next paragraph sates: "From the IP address of the client, determine
the site of the client" what should happen is the client is not in a
site (for instance if it has a static ip and the admin forgot to declare
this subnet in one site) ?
More information about the cifs-protocol