[cifs-protocol] 119040819792359 [MS-SAMR] SamrSetInformationUser2 over an authenticated DCERPC connection
obaidf at microsoft.com
Mon Apr 8 22:32:16 UTC 2019
I'll help you with this issue and will be in touch as soon as I have an answer.
Escalation Engineer | Microsoft
Exceeding your expectations is my highest priority. If you would like to provide feedback on your case you may contact my manager at ramagane at Microsoft dot com
From: Sreekanth Nadendla <srenaden at microsoft.com>
Sent: Monday, April 8, 2019 8:48 AM
To: Stefan Metzmacher <metze at samba.org>; Andreas Schneider <asn at samba.org>
Cc: cifs-protocol <cifs-protocol at lists.samba.org>; MSSolve Case Email <casemail at microsoft.com>
Subject: 119040819792359 [cifs-protocol] [MS-SAMR] SamrSetInformationUser2 over an authenticated DCERPC connection
Casemail in Cc
Dochelp in Bcc
Thank you for your inquiry. We have created incident # 119040819792359 to investigate this issue. One of the Open specifications team member will contact you shortly.
Microsoft Windows Open Specifications
From: Stefan Metzmacher <metze at samba.org>
Sent: Monday, April 8, 2019 7:16 AM
To: Andreas Schneider <asn at samba.org>; Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol <cifs-protocol at lists.samba.org>
Subject: Re: [cifs-protocol] [MS-SAMR] SamrSetInformationUser2 over an authenticated DCERPC connection
> I got the two scenarios authenticated DCERPC connection over SMB
> (named pipe) and TCP/IP working with krb5, speneg or ntlmssp
> authentication type and an authentication level set to PRIVACY (seal)
> if I use the fixed string "SystemLibraryDTC" as the session key!
> Could you please update the documentation, it would also be great to
> know if this is the case for all Windows versions.
> The code changes to get this correctly working with rpcclient (using
> "SystemLibraryDTC" as the session key for sealed and authenticated
> DCEPRC connections can be found here:
> Thanks you very much for your assistance.
Something similar was discussed before here:
And I'm pretty sure is that constant was present somewhere in the Window Protocols documentation, but I can't find it anymore.
So somethings has changed in the documentation and also the implementation over time.
It was also part of the discussion with Microsoft around CVE-2016-2118, but the Microsoft fixes for that CVE didn't include any change.
So I guess the changes happened after the CVE-2016-2118 changes.
More information about the cifs-protocol