Andrew, We are working to get you and answer for the entire table as you requested. At this time I don't have an ETA for completion but I will update you by the end of the week, regardless of whether I have a complete answer or not.
I did want to ask you if this link to the MS-SAMR document gives you the information you need with regard to the supplementalCredentials attribute http://msdn.microsoft.com/en-us/library/cc245499.aspx? Richard Guthrie Open Protocols Support Team Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM 7100 N Hwy 161, Irving, TX - 75039 "Las Colinas - LC2" Tel: +1 469 775 7794 E-mail: [EMAIL PROTECTED] -----Original Message----- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Sunday, June 22, 2008 10:44 PM To: Richard Guthrie Cc: Interoperability Documentation Help; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [cifs-protocol] format of password attributes in AD On Sat, 2008-06-14 at 22:55 +1000, Andrew Bartlett wrote: > On Thu, 2008-06-12 at 08:38 -0700, Richard Guthrie wrote: > > Andrew, > > > > I wanted to ensure I understand your question so please validate the > > following: > > > > The MS-ADTS document, section 3.1.1.4.4 Extended Access checks is > > missing information that describes the format of the attributes > > listed in the table. Your question relates to syncing these > > attributes via Directory Replication as described in MS-DRSR. The > > table indicates "Access is never granted." What is the format of > > these attributes when synced via DRS? > > The MS-ADTS document, section 3.1.1.4.4 Extended Access checks lists > attributes over which "Access is never granted.". Naturally this > makes them harder to inspect to determine their format. What is the > format of these attributes when synced via DRS (which does permit their > access)? > > I'm picking on this table because almost all these attributes listed > here as 'access is never granted' are in some way complex in their > representation (because they deal with passwords and similar > information), but most (all?) are described simply as 'octect string' > in the documentation. > > > Is this a correct interpretation of your question? > > No, see my revised attempt. Has there been any progress in documenting the format of these attributes? Thanks, -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com _______________________________________________ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol