unknown RPC opcodes during join+logon
Jean Francois Micouleau
Jean-Francois.Micouleau at dalalu.fr
Fri Sep 20 00:45:21 GMT 2002
On Fri, 20 Sep 2002, Richard Sharpe wrote:
> On Thu, 19 Sep 2002, Vijay Kota wrote:
>
> > I am attaching the traces for 2 clients - FUBAR and FOOBAR.
>
> OK, thanks for that, but there is insufficient info in just two packets to
> allow Ethereal to dissect all the stuff in there.
>
> That makes it difficult to see what is going on.
I would say it's enough.
vijay, I guess the odd/even name are unicode strings. What are the
string length values W2K is sending and what samba is sending ?
if there is an alignment bug it's before the credential blob.
I'll look at it but not before next week.
J.F.
>
> I can make available a trace of a WinXP system joining an AD domain.
>
> > Here's what my Win2K clients do (pl. refer to trace):
> > Odd name: <8-byte-credential><4-byte flags = 0x6007ffff>
> > Even name: <8-byte-credential>,0x6B,0,<4-byte flags =
> > 0x0007ffff>
> >
> > But here are the results I got with changes to Samba:
> > Odd name: <credential><4-byte flags = 0x0007ffff>: Access Denied
> > Even name: <credential>,0x6B,0,<flags=0x0007ffff>: Access Denied
> > Odd name: <credential><flags = 0x000001ff>:
> > Success but "servicePrincipalName" attribute in Active
> > Directory disappears
> > Even name: <credential>,0x6B,0,<flags=0x000001ff>:
> > Success but "servicePrincipalName" attribute in Active
> > Directory disappears
> > Odd/even name: <credential>,0x6B,0,0x6B,0,<flags=0x0007ffff>
> > Everything seems ok. However I think Luke is most
> > probably right about the PDC ignoring the flag value -
> > at
> > least part of it. I haven't tried diff. flag settings
> >
> > Hope this helps,
> > Vijay
> >
> > -----Original Message-----
> > From: samba-technical-admin at lists.samba.org
> > [mailto:samba-technical-admin at lists.samba.org] On Behalf Of Richard
> > Sharpe
> > Sent: Thursday, September 19, 2002 1:24 PM
> > To: Vijay Kota
> > Cc: samba-technical at lists.samba.org
> > Subject: RE: unknown RPC opcodes during join+logon
> >
> > On Thu, 19 Sep 2002, Vijay Kota wrote:
> >
> > > That would seem like the logical interpretation but Microsoft works in
> > > mysterious ways :-)
> > >
> > > Btw, I tried 0x6B because I saw it consistently in traces between my
> > > Win2K clients and Win2K PDC (to see it, netbios name should have an
> > even
> > > length) Not sure if this is just because of some configuration issue
> > > though - which is why I was hoping you could cross-check for me ;-)
> >
> > Are you sure it is not simply padding? Any mention of even vs odd
> > NetBIOS
> > names makes me think of padding.
> >
> > Can you extract the relevant packets and post them to us?
> >
> >
> > Regards
> > -----
> > Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org,
> > sharpe at ethereal.com
> >
>
> --
> Regards
> -----
> Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org,
> sharpe at ethereal.com
>
>
More information about the samba-technical
mailing list