Hi Andrew - I am sending this, as I have not received responses to my last several emails.
Please let me know if I have answered your questions satisfactorily; if so, I will consider the case resolved. Thanks for helping us improve our documentation. Please note that I will archive / close the case early next week if I do not hear from you. We can reopen the case if there are any open issues! Regards, Bill Wesse MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -----Original Message----- From: Bill Wesse Sent: Tuesday, September 22, 2009 8:18 AM To: 'Andrew Bartlett' Cc: 'cifs-proto...@samba.org'; 'p...@tridgell.net'; 'Matthias Dieter Wallnöfer' Subject: RE: [cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015) Hi Andrew - it was great talking to you at the SNIA SDC last week! I hope your trip back home wasn't too exhausting. Please let me know if you have any continuing issues concerning OsVersion behavior. Regards, Bill Wesse MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -----Original Message----- From: Bill Wesse Sent: Friday, September 11, 2009 7:37 AM To: 'Andrew Bartlett' Cc: 'cifs-proto...@samba.org'; 'p...@tridgell.net'; 'Matthias Dieter Wallnöfer' Subject: RE: [cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015) Good morning Andrew - just checking in to see if we have covered everything! -----Original Message----- From: Hongwei Sun Sent: Wednesday, September 02, 2009 5:10 PM To: 'Andrew Bartlett'; Bill Wesse Cc: p...@tridgell.net; cifs-proto...@samba.org; Matthias Dieter Wallnöfer Subject: RE: [cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015) Andrew, We confirmed that Windows server 2008 and later systems addressed the problem by implementing validation of the DNSHostName and SPN in NetrLogonGetDomainInfo to enforce the same constraints as specified in section 3.1.1.5.3.1.1.2(dNSHostName) and 3.1.1.5.3.1.1.4(servicePrincipalName) in MS-ADTS. Therefore you should follow these rules to match the Windows behaviors. Please let us know if you have further questions. Thanks! -------------------------------------------------------------------- Hongwei Sun - Sr. Support Escalation Engineer DSC Protocol Team, Microsoft hongw...@microsoft.com Tel: 469-7757027 x 57027 --------------------------------------------------------------------- Regards, Bill Wesse MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -----Original Message----- From: Bill Wesse Sent: Friday, August 28, 2009 10:53 AM To: 'Andrew Bartlett' Cc: 'cifs-proto...@samba.org'; 'p...@tridgell.net'; 'Matthias Dieter Wallnöfer'; Hongwei Sun Subject: RE: [cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015) I will be out of the office on vacation, returning Monday, September 7. My colleague, Hongwei Sun will be your contact during my absence. Regards, Bill Wesse MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -----Original Message----- From: Bill Wesse Sent: Friday, August 28, 2009 7:27 AM To: 'Andrew Bartlett' Cc: cifs-proto...@samba.org; p...@tridgell.net; Matthias Dieter Wallnöfer Subject: RE: [cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015) Thanks for the information Andrew; I have proposed we add additional NetrLogonGetDomainInfo coverage to our test suites. Regards, Bill Wesse MCSE, MCTS / Senior Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -----Original Message----- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Thursday, August 27, 2009 5:44 PM To: Bill Wesse Cc: cifs-proto...@samba.org; p...@tridgell.net; Matthias Dieter Wallnöfer Subject: RE: [cifs-protocol] Please clarify LSA and OsVersion behaviour in MS-NRPC (SRX090727600015) On Wed, 2009-08-26 at 09:52 -0700, Bill Wesse wrote: > Hello again Andrew - I have a 'short' answer for you. > > Windows 2008 does the following additional checks: > > 1. NETLOGON_WORKSTATION_INFO.DnsHostName and ComputerName match > appropriately (re: trailing '$' on ComputerName) 2. > NETLOGON_WORKSTATION_INFO.DnsHostName suffix is checked against > msDS-AllowedDNSSuffixes. > > I can't at the moment be more complete, without exercising > NetrLogonGetDomainInfo against 2000, 2003 and so on. I hesitate to attempt a > description against code hand-checks, as it is just too easy to miss > something. > > Do you have any test software already configured to do that? You could hack the GetDomainInfo test in smbtorture's RPC-NETLOGON. We don't have anything that lets you set it arbitrarily from the command line (yet, I could write it). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. _______________________________________________ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
