[cifs-protocol] [REG: 111101553031054] SystemLibraryDTC

Hongwei Sun hongweis at microsoft.com
Mon Oct 17 16:55:54 MDT 2011


  I am  looking into this request.   I understand your request and  I found where it is used.   I also confirmed that it is not mentioned in any documents such as MS-NLMP.    I  will give an update soon.     



-----Original Message-----
From: cifs-protocol-bounces at cifs.org [mailto:cifs-protocol-bounces at cifs.org] On Behalf Of Edgar Olougouna
Sent: Saturday, October 15, 2011 9:47 AM
To: Andrew Bartlett
Cc: cifs-protocol at cifs.org
Subject: [cifs-protocol] [REG: 111101553031054] SystemLibraryDTC

[Dochelp to bcc]
[Case number in subject]


One of our teammates will follow-up on this issue. The case number is 111101553031054.


-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org] 
Sent: Saturday, October 15, 2011 12:51 AM
To: Interoperability Documentation Help
Cc: cifs-protocol at cifs.org
Subject: SystemLibraryDTC

Tridge and I out of curiosity looked up SystemLibraryDTC in the documentation, and couldn't find it.  For those unaware of the history here, this is the fixed-value key used for encryption of passwords and other sensitive data over RPC pipes, when RPC-level authentication is used (ie, not inherited named pipe authentication).  

(The exception is DRSUAPI, which uses the real session key from the authentication context).

Did our grep simply miss it, or did this never get documented?

Recent work we did with calls needing this key (CreateTrustedDomainEx2) returning NT_STATUS_NO_SESSION_KEY, which suggests a possible windows behaviour change. 

I hope what I've written above gives enough detail to start looking into the problem.  


Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

cifs-protocol mailing list
cifs-protocol at cifs.org

More information about the cifs-protocol mailing list