Hi again, On Sun, Jan 26, 2020 at 1:57 PM Isaac Boukris <[email protected]> wrote: > > When a KDC replies with Service Ticket (MS-SFU 3.2.5.2.2), how does it > determine the reply cname and crealm. > > https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-sfu/ce6bbf34-0f11-40d6-93d1-165a3afa0223 > > Per the above doc, it sounds like it should be the cname and crealm > from the additional-ticket, however in RBCD, when the > additional-ticket is a cross-tgt the cname and cream are of service-1 > and not of the impersonated client. > > In contrast, I've observed that Windows KDC constructs the > impersonated client's principal name from the PAC, and set the reply > cname and crealm to that principal's. However, I can't find any clear > document that reflects it.
I've sent this over the weekend, and perhaps got lost. In short, I think MS-SFU 3.2.5.2.2 section was not updated for cross-realm RBCD, as other parts of the document. Please review and assign :) _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
