[cifs-protocol] more ms-dfsc.pdf questions

Matthieu Patou mat+Informatique.Samba at matws.net
Sun May 2 03:16:23 MDT 2010


Dear dochelp,

The paragraph "2.2.1.3    Domain Name"
define domain name as
"  Unless specified otherwise, a domain name MUST be a null-terminated 
Unicode character string
   consisting of the name of a domain. This can be either a NetBIOS name 
or a fully qualified domain
   name (FQDN), as specified in [MS-ADTS]."

So when we have in "3.3.5.3    Receiving a DC Referral Request"

  " The domain name in the referral request MUST be either a domain in 
the current forest or a domain
   in a trusted forest. The server MUST fail DC referral requests for 
other domain names with a
   STATUS_INVALID_PARAMETER (0xC000000D) return code."

We expect the client to request either FOOBAR (netbios domain) or 
foobar.demo.com (fqdn).

But it turns out that windows XP at least is requesting \FOOBAR and 
\foobar.demo.com when w7 and w2k8 are requestion FOOBAR and foobar.demo.com

Also in the same paragraph "The SpecialNameOffset field MUST be set to 
the offset in bytes from the beginning of the
referral entry to the string that contains the domain name for the 
referral response."
It let me think that this field should contain FOOBAR or foobar.demo.com 
but it turns out that it's \FOOBAR or \foobar.demo.com that is returned 
(the example in the mails out dfs questions from Bill Wesse was also 
showing this).

The same remark apply the ExpandedName that also present a '\'.


In this paragraph it stated that:
"The ExpandedNameOffset field MUST be set to the offset in bytes from 
the beginning of the
referral entry to the first null-terminated DC Unicode string. Each DC 
name immediately follows
its null-terminated predecessor without any padding. An implementation 
MUST use the value in
the NumberOfExpandedNames field to determine how many names are present 
in the list at
ExpandedNameOffset.
"
but in this doc: 
"http://technet.microsoft.com/ru-ru/library/cc782417%28WS.10%29.aspx" 
this point:

"The client checks its domain cache for an existing domain controller 
referral for the Contoso.com domain. If this referral is in the cache, 
the client proceeds to step 5. If no domain controller referral is in 
the domain cache, the client connects to the IPC$ shared folder of the 
active domain controller in the context of the LocalSystem account and 
sends a domain controller referral request containing the appropriate 
domain name (Contoso.com). The domain controller returns the list of 
domain controllers in the Contoso.com domain. The domain controllers in 
the clients site are at the top of the list. If least-expensive target 
selection is enabled, domain controllers outside of the targets site are 
sorted by lowest cost. If same-site target selection is enabled, DFS 
ignores this setting and lists the remaining domain controllers in 
random order. "

Tells us that the same-site target or other parameters have an influence.

Maybe the MS-DFSC needs to be updated ? Also where those parameters 
(same-site target, least-expensive, ...) are stored (in the DS or 
somewhere else).

The next paragraph sates: "From the IP address of the client, determine 
the site of the client" what should happen is the client is not in a 
site (for instance if it has a static ip and the admin forgot to declare 
this subnet in one site) ?

Regards.

Matthieu.





More information about the cifs-protocol mailing list