[PATCH] Adds support for Resource SID Compression a new Windows Server 2012 KDC feature - 3rd Version
abartlet at samba.org
Tue Apr 2 14:28:29 MDT 2013
On Tue, 2013-04-02 at 13:58 +0200, Markus Baier wrote:
> this is a new patch for adding support for the resource sid
> compression feature of Microsoft Server 2012 KDC
> This patch version manipulates the PAC_LOGON_INFO structure
> within the decode_pac_data function in /source3/libads/authdata.c
> Now this one works for modules which receive the PAC Data from a
> deeper point in the program structure, like CIFS logins, too.
> Maybe somebody can review the patch.
I'm sorry I didn't get back to you yesterday, but I still don't think
that's the right place. I'm entirely uncomfortable with the idea of
having a filter which 'fixes' this structure. Instead, we need to be
patching the code where we extract SIDs from the structure.
For example, in master that code would be:
What I'm saying is that we need to consolidate the duplicate code in
these routines, and then to fix this exactly once.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical