[cifs-protocol] [MS-KILE] Certificate strings
Joseph Sutton
jsutton at samba.org
Fri Aug 18 02:26:03 UTC 2023
Hi dochelp,
[MS-KILE] 3.3.5.6.4.6, “PAC_CLIENT_CLAIMS_INFO Structure”, mentions that
the KDC should call GetClaimsForPrincipal() to get the claims blob with
which to populate the PAC_CLIENT_CLAIMS_INFO structure. One of the
parameters to GetClaimsForPrincipal(), namely
“pCertificateStringsArray”, comprises “[a] set of Unicode strings”, but
nothing is said as to how these strings are to be derived from the
client’s certificate.
Can you outline the procedure by which these strings are formed, and
perhaps provide an example of such a string?
Regards,
Joseph
More information about the cifs-protocol
mailing list