[cifs-protocol] [REG:110110481276509] Please include bitfield names in MS-NRPC LogonParameters

Christopher R. Hertel crh at samba.org
Fri Nov 5 16:12:13 MDT 2010 

Bryan,

When you say "Windows-specific variable names", to what are you referring?
The values you list below appear to be constant values, and should have
names associated with them.

In section 2 of [MS-CIFS] and [MS-SMB], we did a great deal of work to make
sure that constant values and their associated names were defined.  See, for
example, the definitions for bit values for the Flags and Flags2 fields in
the SMB Header, [MS-CIFS] section 2.2.3.1.

Perhaps I am not understanding the discussion here.  What clue am I missing?

Chris -)-----

Bryan Burgin wrote:
> Hi Andrew.
> 
> Is the absence of the Windows-specific variable names blocking your development?  There may be push back to do so since this is in the normative section of the document.  I agree that it seems like a helpful suggestion.  Is there an argument I can present on your behalf to show a reason that doing so is required to implement the protocol.
> 
> As for adding the hex values, I'm prepared to make that request.
>  
> Bryan
> 
> -----Original Message-----
> From: Andrew Bartlett [mailto:abartlet at samba.org] 
> Sent: Friday, November 05, 2010 1:57 PM
> To: Bryan Burgin
> Cc: cifs-protocol at samba.org; MSSolve Case Email
> Subject: Re: [REG:110110481276509] Please include bitfield names in MS-NRPC LogonParameters
> 
> On Fri, 2010-11-05 at 17:53 +0000, Bryan Burgin wrote:
>> Hi Andrew.
>>
>> I can help you with this.
>>
>> My understanding that this is a continuation of the issue you 
>> discussed in the past where we would add the hex value of each bit 
>> field to improve readability and make searching easier.  Is that 
>> correct?  For example, the table entry for 2.2.1.4.15's 
>> ParameterContol "Value A", "Clear text passwords can be transmitted 
>> for this logon identity" would also list that its hex value as 
>> 0x00000002.
>>
>> If my understanding is correct, I'll proceed with making the documentation request.  If you are requesting a different outcome, please let me know.  The recommendation would add a new column as follows:
> 
> Almost, I also need name names from the referenced URL included. 
> 
>> A: 0x00000002: Clear text passwords can be transmitted for this logon identity.
>> B: 0x00000004: Update the logon statistics for this account upon successful logon.
>> C: 0x00000008: Return the user parameter list for this account upon successful logon.
>> D: 0x00000010: Do not attempt to log this account on as a guest upon logon failure.
>> E: 0x00000020: Allow this account to log on with the domain controller account.
>> F: 0x00000040: Return the password expiration date and time upon successful logon.
>> G: 0x00000080: Send a client challenge upon logon request.
>> H: 0x00000100: Attempt logon as a guest for this account only.
>> I: 0x00000200: Return the profile path upon successful logon.
>> J: 0x00000400: Attempt logon to the specified domain only.
>> K: 0x00000800: Allow this account to log on with the computer account.
>> L: 0x00001000: Disable allowing fallback to guest account for this account.
>> M: 0x00002000: Force the logon of this account as a guest if the password is incorrect.
>> N: 0x00004000: This account has supplied a clear text password.
>> O: 0x00010000: Allow NTLMv1 authentication ([MS-NLMP]) when only NTLMv2 ([NTLM]) is allowed.
>> P: 0x00100000: Use sub-authentication ([MS-APDS] section 3.1.5.2.1). 
>> Q-X: 0xFF000000: Encode the sub-authentication package identifier. Bits Q–X are used to encode the integer value of the sub-authentication package identifier (this is in little-endian order).
> 
> eg:
> 
> A: 0x00000002: MSV1_0_CLEARTEXT_PASSWORD_ALLOWED: Clear text passwords can be transmitted for this logon identity.
> 
> Andrew Bartlett
> 

-- 
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the cifs-protocol mailing list