unknown RPC opcodes during join+logon
rsharpe at ns.aus.com
Fri Sep 20 00:46:59 GMT 2002
On Thu, 19 Sep 2002, Vijay Kota wrote:
> I too think the algorithm is not the same since I implemented the RPC
> using the same algorithm (cred_session_key() and cred_create(zerotime))
> but got 0xC0000022. This was with a flags value of 0x0007FFFF. However,
> the PDC returns STATUS_SUCCESS if flags = 0x000001FF. So the flags field
> seems to be significant.
> Strangely though, if I don't align after the challenge and push a
> 0x006B006B (or 0x0000006B) before the neg_flags (= 0x0007FFFF), I could
> get it to work. I am not claiming that the preceding statement was very
> logical :-)) but it would be great if someone could verify it and at
> least disprove it.
OK, it seems to require that it is 4-byte aligned after the challenge.
Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org,
sharpe at ethereal.com
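The 4-byte alignment after the challenge that the reply describes, as an added example that is not part of the original thread and is not Samba's code. The helper names, the starting offset of 2 and the challenge bytes are constructed, and offsets are assumed to count from the start of the request body; the sketch shows how a receiver that aligns and one that does not read different flag values from the same bytes.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHAL_LEN 8  /* the challenge is 8 bytes on the wire */

/* Read a little-endian 32-bit value from p. */
static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical marshaller: write the challenge at `off`, zero-pad to a
 * 4-byte boundary, then write neg_flags. Offsets count from the start of
 * the request body (assumption). Returns the new offset, 0 if no room. */
size_t put_chal_flags(uint8_t *buf, size_t cap, size_t off,
                      const uint8_t chal[CHAL_LEN], uint32_t neg_flags)
{
    if (off > cap || cap - off < CHAL_LEN + 3 + 4)
        return 0;
    memcpy(buf + off, chal, CHAL_LEN);
    off += CHAL_LEN;
    while (off & 3)
        buf[off++] = 0;            /* alignment padding */
    for (int i = 0; i < 4; i++)
        buf[off++] = (uint8_t)(neg_flags >> (8 * i));
    return off;
}

/* What a receiver sees: aligned != 0 skips the padding first,
 * aligned == 0 reads straight after the challenge. */
uint32_t get_flags(const uint8_t *buf, size_t off, int aligned)
{
    off += CHAL_LEN;
    if (aligned)
        off = (off + 3) & ~(size_t)3;
    return rd32(buf + off);
}

int main(void)
{
    uint8_t buf[32] = {0};
    const uint8_t chal[CHAL_LEN] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed */
    size_t end = put_chal_flags(buf, sizeof buf, 2, chal, 0x0007FFFF);
    printf("end=%zu aligned=0x%08X unaligned=0x%08X\n", end,
           (unsigned)get_flags(buf, 2, 1), (unsigned)get_flags(buf, 2, 0));
    return 0;
}
```

When the challenge already ends on a 4-byte boundary no padding is written and both readers agree, so the mismatch only shows up for some lengths of the fields that precede it.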