[cifs-protocol] [REG: 210050354365053001 ] more ms-dfsc.pdf questions

Obaid Farooqi obaidf at microsoft.com
Tue May 4 12:00:59 MDT 2010

Hi Matthieu:
Thank you for the traces. I'll get back to you as soon as I have something concrete.

Obaid Farooqi
Sr. Support Escalation Engineer | Microsoft

-----Original Message-----
From: Matthieu Patou [mailto:mat+Informatique.Samba at matws.net] 
Sent: Tuesday, May 04, 2010 12:01 PM
To: Obaid Farooqi
Cc: MSSolve Case Email; pfif at tridgell.net; cifs-protocol at samba.org
Subject: Re: [REG: 210050354365053001 ] more ms-dfsc.pdf questions

Hi Obaid,

> Hi Mathieu:
> I'll be assisting you with your questions regarding MS-DFSC. Please feel free to contact me if you have any question/clarification regarding this issue.
> Please send me the network traces for windows XP and Win 7/Win2k8 where you see a difference in netbios name and FQDN.
Find attached 2 traces, one with xp where you see that xp is requesting for a referral (in order to get dcs) for \home.matws.net, and w7 is requesting home.matws.net.

I also made a trace before with w2k8 against w2k3 and had something similar as well.

> Regards,
> Obaid Farooqi
> Sr. Support Escalation Engineer | Microsoft
> -----Original Message-----
> From: Dominic Salemno
> Sent: Monday, May 03, 2010 5:21 AM
> To: Matthieu Patou
> Cc: Interoperability Documentation Help
> Subject: RE: more ms-dfsc.pdf questions
> Matthieu,
> One of our engineers will follow-up with you in regards to your issue.
> Thank you.
> Dominic Michael Salemno
> Senior Support Escalation Engineer
> US-CSS DSC Protocols Team
> ________________________________________
> From: Matthieu Patou [mat+Informatique.Samba at matws.net]
> Sent: Sunday, May 02, 2010 5:16 AM
> To: Interoperability Documentation Help; pfif at tridgell.net; 
> cifs-protocol at samba.org
> Subject: more ms-dfsc.pdf questions
> Dear dochelp,
> The paragraph "    Domain Name"
> define domain name as
> "  Unless specified otherwise, a domain name MUST be a null-terminated Unicode character string
>     consisting of the name of a domain. This can be either a NetBIOS name or a fully qualified domain
>     name (FQDN), as specified in [MS-ADTS]."
> So when we have in "    Receiving a DC Referral Request"
>    " The domain name in the referral request MUST be either a domain in the current forest or a domain
>     in a trusted forest. The server MUST fail DC referral requests for other domain names with a
>     STATUS_INVALID_PARAMETER (0xC000000D) return code."
> We expect the client to request either FOOBAR (netbios domain) or foobar.demo.com (fqdn).
> But it turns out that windows XP at least is requesting \FOOBAR and 
> \foobar.demo.com when w7 and w2k8 are requestion FOOBAR and 
> foobar.demo.com
> Also in the same paragraph "The SpecialNameOffset field MUST be set to the offset in bytes from the beginning of the referral entry to the string that contains the domain name for the referral response."
> It let me think that this field should contain FOOBAR or foobar.demo.com but it turns out that it's \FOOBAR or \foobar.demo.com that is returned (the example in the mails out dfs questions from Bill Wesse was also showing this).
> The same remark apply the ExpandedName that also present a '\'.
> In this paragraph it stated that:
> "The ExpandedNameOffset field MUST be set to the offset in bytes from the beginning of the referral entry to the first null-terminated DC Unicode string. Each DC name immediately follows its null-terminated predecessor without any padding. An implementation MUST use the value in the NumberOfExpandedNames field to determine how many names are present in the list at ExpandedNameOffset.
> "
> but in this doc:
> "http://technet.microsoft.com/ru-ru/library/cc782417%28WS.10%29.aspx"
> this point:
> "The client checks its domain cache for an existing domain controller referral for the Contoso.com domain. If this referral is in the cache, the client proceeds to step 5. If no domain controller referral is in the domain cache, the client connects to the IPC$ shared folder of the active domain controller in the context of the LocalSystem account and sends a domain controller referral request containing the appropriate domain name (Contoso.com). The domain controller returns the list of domain controllers in the Contoso.com domain. The domain controllers in the clients site are at the top of the list. If least-expensive target selection is enabled, domain controllers outside of the targets site are sorted by lowest cost. If same-site target selection is enabled, DFS ignores this setting and lists the remaining domain controllers in random order."
> Tells us that the same-site target or other parameters have an influence.
> Maybe the MS-DFSC needs to be updated ? Also where those parameters (same-site target, least-expensive, ...) are stored (in the DS or somewhere else).
> The next paragraph sates: "From the IP address of the client, determine the site of the client" what should happen is the client is not in a site (for instance if it has a static ip and the admin forgot to declare this subnet in one site) ?
> Regards.
> Matthieu.

More information about the cifs-protocol mailing list