[cifs-protocol] Extended rights as LDIF, 117112017192160

Andrew Bartlett abartlet at samba.org
Mon Dec 4 18:11:04 UTC 2017

On Mon, 2017-12-04 at 17:58 +0000, Edgar Olougouna wrote:
> Andrew, Garming,
> After review, I conferred with the AD product group and confirmed the following. We do not believe there is a protocol significance for the validAccesses on Extended Rights. To the best of our knowledge, our AD protocols do not depend on it for protocol operations. This defines the use of the control access right for the administrative tools, which are implementation-specific. 
> Please provide a concrete and detailed example where it was not possible to create a directory object that impacts protocol interop, and we will be happy to evaluate. Otherwise, I consider this question as closed on my side.
> The LocalizationDisplayId you referred to is defined in MS-ADA1 (2.365 Attribute localizationDisplayId https://msdn.microsoft.com/en-us/library/cc220067.aspx). This is used to index UI resources file for UI purposes.
> and MS-ADTS also specifies 
> localizationDisplayId: This is implementation-specific information for the administrative application.
> validAccesses: This is implementation-specific information for the administrative application.

G'Day Edgar,

What does the administrative tool do if these are not present?  


Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the cifs-protocol mailing list