[cifs-protocol] [REG:110110481276509] Please include bitfield names in MS-NRPC LogonParameters
bburgin at microsoft.com
Fri Nov 5 15:51:22 MDT 2010
Is the absence of the Windows-specific variable names blocking your development? There may be push back to do so since this is in the normative section of the document. I agree that it seems like a helpful suggestion. Is there an argument I can present on your behalf to show a reason that doing so is required to implement the protocol.
As for adding the hex values, I'm prepared to make that request.
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Friday, November 05, 2010 1:57 PM
To: Bryan Burgin
Cc: cifs-protocol at samba.org; MSSolve Case Email
Subject: Re: [REG:110110481276509] Please include bitfield names in MS-NRPC LogonParameters
On Fri, 2010-11-05 at 17:53 +0000, Bryan Burgin wrote:
> Hi Andrew.
> I can help you with this.
> My understanding that this is a continuation of the issue you
> discussed in the past where we would add the hex value of each bit
> field to improve readability and make searching easier. Is that
> correct? For example, the table entry for 126.96.36.199.15's
> ParameterContol "Value A", "Clear text passwords can be transmitted
> for this logon identity" would also list that its hex value as
> If my understanding is correct, I'll proceed with making the documentation request. If you are requesting a different outcome, please let me know. The recommendation would add a new column as follows:
Almost, I also need name names from the referenced URL included.
> A: 0x00000002: Clear text passwords can be transmitted for this logon identity.
> B: 0x00000004: Update the logon statistics for this account upon successful logon.
> C: 0x00000008: Return the user parameter list for this account upon successful logon.
> D: 0x00000010: Do not attempt to log this account on as a guest upon logon failure.
> E: 0x00000020: Allow this account to log on with the domain controller account.
> F: 0x00000040: Return the password expiration date and time upon successful logon.
> G: 0x00000080: Send a client challenge upon logon request.
> H: 0x00000100: Attempt logon as a guest for this account only.
> I: 0x00000200: Return the profile path upon successful logon.
> J: 0x00000400: Attempt logon to the specified domain only.
> K: 0x00000800: Allow this account to log on with the computer account.
> L: 0x00001000: Disable allowing fallback to guest account for this account.
> M: 0x00002000: Force the logon of this account as a guest if the password is incorrect.
> N: 0x00004000: This account has supplied a clear text password.
> O: 0x00010000: Allow NTLMv1 authentication ([MS-NLMP]) when only NTLMv2 ([NTLM]) is allowed.
> P: 0x00100000: Use sub-authentication ([MS-APDS] section 188.8.131.52.1).
> Q-X: 0xFF000000: Encode the sub-authentication package identifier. Bits Q–X are used to encode the integer value of the sub-authentication package identifier (this is in little-endian order).
A: 0x00000002: MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: Clear text passwords can be transmitted for this logon identity.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
More information about the cifs-protocol