[cifs-protocol] [REG:110110481276509] Please include bitfield names in MS-NRPC LogonParameters

Bryan Burgin bburgin at microsoft.com
Fri Nov 5 11:53:42 MDT 2010 

Hi Andrew.

I can help you with this.

My understanding that this is a continuation of the issue you discussed in the past where we would add the hex value of each bit field to improve readability and make searching easier.  Is that correct?  For example, the table entry for 2.2.1.4.15's ParameterContol "Value A", "Clear text passwords can be transmitted for this logon identity" would also list that its hex value as 0x00000002.

If my understanding is correct, I'll proceed with making the documentation request.  If you are requesting a different outcome, please let me know.  The recommendation would add a new column as follows:

A: 0x00000002: Clear text passwords can be transmitted for this logon identity.
B: 0x00000004: Update the logon statistics for this account upon successful logon.
C: 0x00000008: Return the user parameter list for this account upon successful logon.
D: 0x00000010: Do not attempt to log this account on as a guest upon logon failure.
E: 0x00000020: Allow this account to log on with the domain controller account.
F: 0x00000040: Return the password expiration date and time upon successful logon.
G: 0x00000080: Send a client challenge upon logon request.
H: 0x00000100: Attempt logon as a guest for this account only.
I: 0x00000200: Return the profile path upon successful logon.
J: 0x00000400: Attempt logon to the specified domain only.
K: 0x00000800: Allow this account to log on with the computer account.
L: 0x00001000: Disable allowing fallback to guest account for this account.
M: 0x00002000: Force the logon of this account as a guest if the password is incorrect.
N: 0x00004000: This account has supplied a clear text password.
O: 0x00010000: Allow NTLMv1 authentication ([MS-NLMP]) when only NTLMv2 ([NTLM]) is allowed.
P: 0x00100000: Use sub-authentication ([MS-APDS] section 3.1.5.2.1). 
Q-X: 0xFF000000: Encode the sub-authentication package identifier. Bits Q–X are used to encode the integer value of the sub-authentication package identifier (this is in little-endian order).

Bryan

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Thursday, November 04, 2010 2:03 PM
To: Interoperability Documentation Help
Cc: cifs-protocol at samba.org
Subject: Please include bitfield names in MS-NRPC LogonParameters

In 2.2.1.4.15 NETLOGON_LOGON_IDENTITY_INFO we have the description of LogonParameters.

These values have well-known names, see
http://msdn.microsoft.com/en-us/library/aa378767%28VS.85%29.aspx

Can you please include these names an in particular the associated values in the WSPP docs, so that we can find the documentation without manually parsing the bit-field?

Thanks,

Andrew Bartlett 

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Cisco Inc.

More information about the cifs-protocol mailing list