[cifs-protocol] Archival of [MS-CAESO], despite still being used
David Mulder
dmulder at samba.org
Wed Jun 1 18:07:52 UTC 2022
The [MS-CAESO] document has been archived, despite being heavily relied
on by my multiple vendors (Vintela/OneIdentity, Centrify, BeyondTrust,
Samba, to name a few). Even Windows clients still appear to use the
process described in [MS-CAESO].
The only explanation given for it's archival is that the [MS-CERSOD]
overview document replaces [MS-CAESO]
(https://social.msdn.microsoft.com/Forums/en-US/3bf244db-5194-400f-9f0d-da0c769011ef/mscaeso-missing?forum=os_windowsprotocols),
but [MS-CERSOD] isn't sufficiently detailed to implement autoenrollment.
You replaced an entire detailed document with a pretty picture and a
couple paragraphs:
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cersod/dd492d51-9c18-4d52-a8db-e9cfe35a80b2
[MS-CERSOD] doesn't even mention the GPO AEPolicy setting, or how to
parse endpoints from LDAP and from GPO PolicyServers.
Please either return [MS-CAESO] from archive, or provide an actual
replacement that isn't missing all details.
--
*David Mulder*
Labs Software Engineer, Samba
SUSE
1221 Valley Grove Way
Pleasant Grove, UT 84062
dmulder at suse.com
http://www.suse.com
More information about the cifs-protocol
mailing list