[cifs-protocol] Extended rights as LDIF, 117112017192160
abartlet at samba.org
Mon Dec 4 18:11:04 UTC 2017
On Mon, 2017-12-04 at 17:58 +0000, Edgar Olougouna wrote:
> Andrew, Garming,
> After review, I conferred with the AD product group and confirmed the following. We do not believe there is a protocol significance for the validAccesses on Extended Rights. To the best of our knowledge, our AD protocols do not depend on it for protocol operations. This defines the use of the control access right for the administrative tools, which are implementation-specific.
> Please provide a concrete and detailed example where it was not possible to create a directory object that impacts protocol interop, and we will be happy to evaluate. Otherwise, I consider this question as closed on my side.
> The LocalizationDisplayId you referred to is defined in MS-ADA1 (2.365 Attribute localizationDisplayId https://msdn.microsoft.com/en-us/library/cc220067.aspx). This is used to index UI resources file for UI purposes.
> and MS-ADTS also specifies
> localizationDisplayId: This is implementation-specific information for the administrative application.
> validAccesses: This is implementation-specific information for the administrative application.
What does the administrative tool do if these are not present?
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the cifs-protocol