[prev in list] [next in list] [prev in thread] [next in thread]
List: cifs-protocol
Subject: Re: [cifs-protocol] [REG:114112412079949] Is MS-ADTS DL_DRSGetMemberships correct for workstation tr
From: Obaid Farooqi <obaidf () microsoft ! com>
Date: 2014-11-26 5:10:56
Message-ID: BN1PR03MB1215B798476A804C1D0BF83C6700 () BN1PR03MB121 ! namprd03 ! prod ! outlook ! com
[Download RAW message or body]
Hi Andrew:
I'll help you with this issue and would be in touch as soon as I have an answer.
Regards,
Obaid Farooqi
Escalation Engineer | Microsoft
Exceeding your expectations is my highest priority. If you would like to provide \
feedback on your case you may contact my manager at nkang at Microsoft dot com
-----Original Message-----
From: "Vilmos Foltenyi" <vilmosf@microsoft.com>
Sent: Sunday, November 23, 2014 11:28 PM
To: "Andrew Bartlett" <abartlet@samba.org>
Cc: "cifs-protocol@samba.org" <cifs-protocol@samba.org>; "MSSolve Case Email" \
<casemail@microsoft.com>
Subject: [REG:114112412079949] Is MS-ADTS DL_DRSGetMemberships correct for \
workstation trust accounts?
[dochelp to Bcc, SR # to Subject]
Hi Andrew,
Thank you for your question. I created the case SR 114112412079949 to track this \
issue with the Protocol Documentation support team. An engineer from our team will \
contact you soon via e-mail to begin working with you.
Regards,
Vilmos Foltenyi - MSFT
-----Original Message-----
From: Andrew Bartlett [mailto:abartlet@samba.org]
Sent: Sunday, November 23, 2014 20:32
To: Interoperability Documentation Help
Cc: cifs-protocol@samba.org
Subject: Is MS-ADTS DL_DRSGetMemberships correct for workstation trust accounts?
In MS-ADTS 4.1.8.3 Server Behavior of the IDL_DRSGetMemberships Method
It has this in the psudocode:
if((u!userAccountControl & ADS_UF_WORKSTATION_TRUST_ACCOUNT =
ADS_UF_WORKSTATION_TRUST_ACCOUNT) or
(u!userAccountControl & ADS_UF_PARTIAL_SECRETS_ACCOUNT =
ADS_UF_PARTIAL_SECRETS_ACCOUNT))
wSet := wSet + GetDSNameOfEnterpriseRODCsGroup() endif
I'm curious about the 'or' in the middle of the if statement. Shoudn't it be an \
'and', because you only want to put the object in the EnterpriseRODCs Group if it is \
both a workstation trust account, and a partial secrets account (otherwise, all \
workstations would be in it).
Thanks,
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT \
http://catalyst.net.nz/services/samba
_______________________________________________
cifs-protocol mailing list
cifs-protocol@samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic