[cifs-protocol] [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC? - TrackingID#2307130040006898
Jeff McCashland (He/him)
jeffm at microsoft.com
Wed Jul 19 17:44:59 UTC 2023
Hi Ralph,
The updates have been published in an Errata document for later inclusion in [MS-NRPC]:
Windows Protocols Errata: [MS-NRPC]: Netlogon Remote Protocol
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-winerrata/69ffd0ac-a0dd-49f2-96ad-6720441b0a93
Please let us know if this does not address the issue below.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada)
Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
-----Original Message-----
From: Jeff McCashland (He/him)
Sent: Monday, July 17, 2023 2:03 PM
To: Ralph Böhme <slow at samba.org>
Cc: cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
Subject: RE: [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC? - TrackingID#2307130040006898
Hi Ralph,
We expect to publish an updated [MS-NRPC] release this week with changes related to the 7/11 updates.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
-----Original Message-----
From: Jeff McCashland (He/him)
Sent: Thursday, July 13, 2023 2:02 PM
To: Ralph Böhme <slow at samba.org>
Cc: cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
Subject: RE: [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC? - TrackingID#2307130040006898
[Mike to BCC]
Hi Ralph,
I will look into these questions and let you know what I find.
Best regards,
Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
-----Original Message-----
From: Michael Bowen <Mike.Bowen at microsoft.com>
Sent: Thursday, July 13, 2023 8:46 AM
To: Ralph Böhme <slow at samba.org>
Cc: cifs-protocol at lists.samba.org; Microsoft Support <supportmail at microsoft.com>
Subject: RE: [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC? - TrackingID#2307130040006898
[DocHelp to BCC]
Hi Ralph.
Thank you for your inquiry. The case 2307130040006898 has been created to track this issue. One of our team members will contact you soon.
Best regards,
Mike Bowen
Escalation Engineer - Microsoft Open Specifications
-----Original Message-----
From: Ralph Boehme <slow at samba.org>
Sent: Thursday, July 13, 2023 2:11 AM
To: Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol at lists.samba.org
Subject: [EXTERNAL] KB5028166 introduced undocumented changes to MS-NRPC?
Hello dochelp,
we're receiving numerous user reports that after installing KB5028166 related updates applications on Windows clients can't authenticate anymore against Samba AD DCs.
https://bugzilla.samba.org/show_bug.cgi?id=15418
It looks like the Windows update introduced changes to netlogon that are not implemented in Samba and also not documented in MS-NRPC.
The logs on the Samba DC tells us the problem is a new NETLOGON_CAPABILITIES type "2":
[2023/07/12 18:04:47.063445, 1, pid=11202, effective(0, 0), real(0, 0), class=rpc_parse] ../../librpc/ndr/ndr.c:490(ndr_print_function_debug)
netr_LogonGetCapabilities: struct netr_LogonGetCapabilities
out: struct netr_LogonGetCapabilities
return_authenticator : *
return_authenticator: struct netr_Authenticator
cred: struct netr_Credential
data : XXXXXXXXXXXXXXXX
timestamp : (time_t)0
capabilities : *
capabilities : union
netr_Capabilities(case 2)
UNKNOWN LEVEL 2
result : NT_STATUS_NOT_SUPPORTED
MS-NRPC only documents type 1:
<https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/f03cad67-077f-4042-80b0-cdc38dca9968>
Please read my description with a grain of salt, I'm not the netlogon expert on our team, just wanted to set the ball rolling... :)
Thanks!
-slow
--
Ralph Boehme, Samba Team https://samba.org/
SerNet Samba Team Lead https://sernet.de/en/
More information about the cifs-protocol
mailing list