[cifs-protocol] [MS-ADTS] msDS-ManagedPassword and creationTime - TrackingID#2401100040000760

Joseph Sutton jsutton at samba.org
Fri Jan 19 03:29:38 UTC 2024


Thank you for the clarification.

Regards,
Joseph

On 19/01/24 12:05 pm, Obaid Farooqi wrote:
> Hi Joseph:
> Thanks for bringing this to our attention. The creationTime is actually the attribute whenCreated, specified in section 2.371 in MS-ADA3.
> 
> https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-ada3/ada870e9-f8d3-4e3b-bc80-b3a888f05204
> 
> I have filed a bug to fix this issue in the MS-ADTS.
> Please let me know if this does not answer your question.
> Regards,
> Obaid Farooqi
> Escalation Engineer | Microsoft
> 
> -----Original Message-----
> From: Jeff McCashland (He/him) <jeffm at microsoft.com>
> Sent: Tuesday, January 9, 2024 8:08 PM
> To: Joseph Sutton <jsutton at samba.org>; cifs-protocol at lists.samba.org
> Cc: Microsoft Support <supportmail at microsoft.com>
> Subject: [MS-ADTS] msDS-ManagedPassword and creationTime - TrackingID#2401100040000760
> 
> [DocHelp to BCC, support on CC, SR ID on Subject]
> 
> Hi Joseph,
> 
> Thank you for your email. We have created SR 2401100040000760 to track this issue. One of our engineers will respond soon.
> 
> Best regards,
> Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Protocol Open Specifications Team
> Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300
> 
> -----Original Message-----
> From: Joseph Sutton <jsutton at samba.org>
> Sent: Tuesday, January 9, 2024 4:37 PM
> To: cifs-protocol at lists.samba.org; Interoperability Documentation Help <dochelp at microsoft.com>
> Subject: [EXTERNAL] [MS-ADTS] msDS-ManagedPassword and creationTime
> 
> Hi dochelp,
> 
> [MS-ADTS] 3.1.1.4.5.39 (msDS-ManagedPassword) twice mentions using the value TO!creationTime to calculate the managed password for some object TO. The only problem is, as far as I can tell, Group Managed Service Accounts do not have a creationTime attribute.
> 
> Was createTimeStamp (or perhaps whenCreated) intended instead?
> 
> Regards,
> Joseph



More information about the cifs-protocol mailing list