[cifs-protocol] [EXTERNAL] Re: [MS-ADTS] SID as DN alternative for querying groups by member - TrackingID#2209290040008412
Jeff McCashland (He/him)
jeffm at microsoft.com
Sat Oct 29 00:59:28 UTC 2022
Hi Christof,
Please collect and upload LSASS TTT traces as before, so we can debug the issue with referral chasing enabled.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
-----Original Message-----
From: Christof Schmitt <cs at samba.org>
Sent: Friday, October 28, 2022 4:05 PM
To: Jeff McCashland (He/him) <jeffm at microsoft.com>
Cc: Andrew Bartlett <abartlet at samba.org>; cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
Subject: Re: [EXTERNAL] Re: [cifs-protocol] [MS-ADTS] SID as DN alternative for querying groups by member - TrackingID#2209290040008412
On Tue, Oct 25, 2022 at 09:42:37PM +0000, Jeff McCashland (He/him) wrote:
> Hi Christof,
>
> This appears to be a scenario where referral chasing is needed to return the full results. Are you able to turn on referral chasing for this query, or query the global catalog directly?
>
> Here is an blog article in case it's helpful:
Hi Jeff,
testing with referral chasing seems to return the same result (query by SID does not work). Same for querying the GC directly on port 3268.
We can try to provide traces for these two scenarios, if that helps with the analysis.
Regards,
Christof
More information about the cifs-protocol
mailing list