[cifs-protocol] [MS-SAMR] SamrSetInformationUser2 over an authenticated DCERPC connection
Stefan Metzmacher
metze at samba.org
Mon Apr 8 11:15:53 UTC 2019
Hi,
> I got the two scenarios authenticated DCERPC connection over SMB (named pipe)
> and TCP/IP working with krb5, speneg or ntlmssp authentication type and an
> authentication level set to PRIVACY (seal) if I use the fixed string
> "SystemLibraryDTC" as the session key!
>
> Could you please update the documentation, it would also be great to know if
> this is the case for all Windows versions.
>
> The code changes to get this correctly working with rpcclient (using
> "SystemLibraryDTC" as the session key for sealed and authenticated DCEPRC
> connections can be found here:
>
> https://gitlab.com/samba-team/samba/merge_requests/361
>
>
> Thanks you very much for your assistance.
Something similar was discussed before here:
https://lists.samba.org/archive/cifs-protocol/2012-June/002343.html
And I'm pretty sure is that constant was present somewhere in the Window
Protocols documentation, but I can't find it anymore.
So somethings has changed in the documentation and also the
implementation over time.
It was also part of the discussion with Microsoft around CVE-2016-2118,
but the Microsoft fixes for that CVE didn't include any change.
So I guess the changes happened after the CVE-2016-2118 changes.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20190408/01ffca0f/signature.sig>
More information about the cifs-protocol
mailing list