G'Day, I was looking for a concise reference for the cryptography used in SamrSetUserInfo2 for my security overview doc.
However https://msdn.microsoft.com/en-us/library/cc245793.aspx 3.1.5.6.4 SamrSetInformationUser2 (Opnum 58) does not really fill in the details of the cryptographic operation. In https://msdn.microsoft.com/en-us/library/cc245798.aspx 3.1.5.6.4.5 UserInternal4InformationNew and https://msdn.microsoft.com/en-us/library/cc245797.aspx 3.1.5.6.4.4 UserInternal4Information it does say the server MUST update the clearTextPassword attribute with the (decrypted) but it only makes sense if you search the PDF for RC4 and find 3.2.2.1 RC4 Cipher Usage, but even this references different structure names. I think this could be improved to link clearly back to the exact cryptographic operations from the operation that uses it, rather than just saying 'decrypted'. Thanks, Andrew Bartlett -- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Development and Support, Catalyst IT https://catalyst.net.nz/services/samba _______________________________________________ cifs-protocol mailing list cifs-protocol@lists.samba.org https://lists.samba.org/mailman/listinfo/cifs-protocol
