[cifs-protocol] [EXTERNAL] Update of MS-PAC spec regarding November 2021 security updates - TrackingID#2111240040005432

Jeff McCashland jeffm at microsoft.com
Wed Nov 24 17:17:55 UTC 2021

[Kristian to BCC]

Hi Alexander and Metze,

I will look into this and get back to you.

Best regards,
Jeff McCashland | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team 
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
We value your feedback.  My manager is Natesha Morrison (namorri), +1 (704) 430-4292

-----Original Message-----
From: Kristian Smith <Kristian.Smith at microsoft.com> 
Sent: Wednesday, November 24, 2021 8:40 AM
To: metze <metze at samba.org>; Alexander Bokovoy <ab at samba.org>
Cc: cifs-protocol at lists.samba.org
Subject: RE:[EXTERNAL] [cifs-protocol] Update of MS-PAC spec regarding November 2021 security updates - TrackingID#2111240040005432

[DocHelp to Bcc]

Hi Alexander and Metze,

Thank you for your request. The case number 2111240040005432 has been created for this inquiry. One of our team members will follow-up with you soon.


Kristian Smith
Support Escalation Engineer
Windows Open Spec Protocols
Office: (425) 421-4442
krsmith at microsoftsupport.com

-----Original Message-----
From: metze <metze at samba.org>
Sent: Wednesday, November 24, 2021 2:13 AM
To: Alexander Bokovoy <ab at samba.org>; Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol at lists.samba.org
Subject: [EXTERNAL] Re: [cifs-protocol] Update of MS-PAC spec regarding November 2021 security updates

Am 24.11.21 um 10:33 schrieb Alexander Bokovoy via cifs-protocol:
> Hello dochelp,
> I can see inconsistency in what is published on 
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs
> .microsoft.com%2Fen-us%2Fopenspecs%2Fwindows_protocols%2Fms-pac%2F&amp
> ;data=04%7C01%7CKristian.Smith%40microsoft.com%7C976b8182b4b84582f4bd0
> 8d9af334186%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C6377334569597
> 45681%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJB
> TiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=7gzSojo9ov6Uwx80K%2FwOQGhB
> drb8oxqR%2F7yid5vn8tQ%3D&reserved=0
> with regards to the changes introduced as a part of the Microsoft 
> Windows security update of November 2021. Could this inconsistency be 
> clarified by publishing the new revision of the MS-PAC document?
> Errata document[1] talks about changes dated 2021/11/11 post V22.0 but 
> the rest of the linked documents are only V22.0.
> In particular, the errata document[1] is saying:
> -----
> The following sections were changed or added. Please see the diff 
> document for the details.
> In section 2.10 UPN_DNS_INFO, added four new fields and a flag to the 
> UPN_DNS_INFO structure.
> In section 2.14 PAC_ATTRIBUTES_INFO, added section.
> In section 2.15 PAC_REQUESTOR, added section.
> -----
> The document published, however, does not have these changes. The last 
> section in chapter 2 is '14', there is no section 2.15.

I'm seeing it here:

But for me the PAC_ATTRIBUTES_INFO documentation is a bit unclear:

We have this in Samba:
        typedef [bitmap32bit] bitmap {
                PAC_ATTRIBUTE_FLAG_PAC_WAS_REQUESTED = 0x00000001,

        typedef struct {
                uint32 flags_length; /* length in bits */
                PAC_ATTRIBUTE_INFO_FLAGS flags;

And the documentation has:

  FlagsLength (4 bytes): An unsigned 32-bit integer in little-endian format that describes the length,
                         in bits, of the Flags field.

  Flags (variable): an array of 32-bit unsigned integers in little-endian format that contains flag bits
                    describing the PAC.

It's not really clear that the array size is '((int)(flags_length/32))+1', for now it's seems to be just a single
uint32 element with two defined flags. Unless bit 33 will be defined someday, it would be easier to have it as

typedef struct {
  uint32 number_of_valid_flags;
  uint32 flags;

which is basically what we currently have in Samba, but in theory it would have to be

typedef struct {
  uint32 number_of_valid_flags;
  uint32 flags[(number_of_valid_flags/32)+1];


More information about the cifs-protocol mailing list