[cifs-protocol] [EXTERNAL] Re: [MS-ADTS] SID as DN alternative for querying groups by member - TrackingID#2209290040008412
Jeff McCashland (He/him)
jeffm at microsoft.com
Mon Oct 31 18:50:05 UTC 2022
Thank you for the traces. I'll review these with our LDAP team and let you know what we find.
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
From: Christof Schmitt <cs at samba.org>
Sent: Monday, October 31, 2022 11:25 AM
To: Jeff McCashland (He/him) <jeffm at microsoft.com>
Cc: Andrew Bartlett <abartlet at samba.org>; cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
Subject: Re: [EXTERNAL] Re: [cifs-protocol] [MS-ADTS] SID as DN alternative for querying groups by member - TrackingID#2209290040008412
On Sat, Oct 29, 2022 at 12:59:28AM +0000, Jeff McCashland (He/him) wrote:
> Hi Christof,
> Please collect and upload LSASS TTT traces as before, so we can debug the issue with referral chasing enabled.
new traces are uploaded. One is from a test with referral chasing disabled and querying the GC port 3268. The other one is from a test is with referral chasing enabled to the standard LDAP port 389. Both yield the same result, querying the group membership by SID does not return the group.
Please let me know if you need anything else.
More information about the cifs-protocol