[cifs-protocol] RE: Status: SRX081013600536: [MS-NRPC] operation backing store linkages
Good morning Andrew. I am sending this to let you know that I have not yet finished my survey and annotation of the backing store linkages (on a function by function basis). I don't expect to finish this for at least another week. Thanks for your patience! Regards, Bill Wesse MCSE, MCTS / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -Original Message- From: Bill Wesse Sent: Monday, October 20, 2008 7:20 AM To: 'Andrew Bartlett' Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: Status: SRX080811600226 ([MS-NRPC] 2.2.1.3.12 Trust Account Details) superceded by SRX081013600536: [MS-NRPC] operation backing store linkages Thank you again Andrew. I am proceeding with an enumeration of the linkage list, for submission to document development. Regards, Bill Wesse MCSE, MCTS / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Friday, October 17, 2008 8:02 AM To: Bill Wesse Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: Status: SRX080811600226 ([MS-NRPC] 2.2.1.3.12 Trust Account Details) superceded by SRX081013600536: [MS-NRPC] operation backing store linkages On Fri, 2008-10-17 at 03:38 -0700, Bill Wesse wrote: > Thanks Andrew - especially for the corrections. > > Just to clarify, the document was never meant to be standalone; It is a very useful thing standalone, or alongside the main document, because it is organised differently, and even just that makes it easier to work with (sometimes it is great to have two different ways to approach the info). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
[cifs-protocol] RE: List of interfaces used by Trusted domains (SRX081021600181)
Good morning again Andrew. As I noted in my other email, I will provide unencrypted network packet contents as soon as I can (I will keep you advised on this). Meanwhile, I have spent considerable time handchecking the source code in various versions of Windows Server (2000 - 2008), in order to profile trust management. In the general case, the same functions are used, but I have not yet collected the version dependant detail differences. I would again like to thank you for your patience; I expect to have a progress update for you next week. Regards, Bill Wesse MCSE, MCTS / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 6:17 PM To: Bill Wesse Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: List of interfaces used by Trusted domains (SRX081021600181) On Tue, 2008-10-21 at 09:47 -0700, Bill Wesse wrote: > Good morning Andrew. Bill Wesse here again. I have just taken > ownership of this case (SRX081021600181), and have already begun work. > > Please note that the attached document ([SCENARIO_DOMAIN_TRUST].pdf) > contains some of the information you are looking for (for external > trusts only, at this point). > > I am currently setting up a virtual machine to house FreeBSD and MIT > Kerberos in order to detail the network traffic involved with trust > manipulation, and will keep you advised of my progress. Thankyou very much. One note I would make about the packet dumps, which form the majority of this document is that while the cleartext headers are specified in incredible detail, they provide little information. At the same time, the actually useful parts are still encrypted. Perhaps these could be reversed, with the headers excluded (if an implementer can't understand the headers, they should look at the right RPC doc) but the payload in the clear. This would save space, paper and provide more useful information. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
[cifs-protocol] Status: SRX080909600334: [MS-APDS] Backing store and policy application information
Change request for [MS-NRPC]: NETLOGON_VALIDATION_SAM_INFO4 Structure Member Derivations and References ([MS-NRPC] 2.2.1.4.13) Status is that the information in the PasswordPolicyAndValidation.pdf document will not become part of the [MS-NRPC] document. This is because of the unwieldy amount of inter-document cross references in the tables. Change request for [MS-SAMR]: Password Policy Checks ([MS-SAMR] 3.1.5.14.2) 3. Password Validation Attributes ([MS-SAMR] 5.2) - Documentation development has not yet responded; I have alerted them concerning this. Regards, Bill Wesse MCSE, MCTS / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -Original Message- From: Bill Wesse Sent: Tuesday, October 14, 2008 6:18 AM To: 'Andrew Bartlett' Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: Resend: Response: SRX080909600334: [MS-APDS] Backing store and policy application information Good morning Andrew. I have created document change requests, using the attached document as a source. The 3 topics below, from the attached document, have been submitted against the noted open protocol docs. I will keep you advised of progress. Thanks for your patience! Change request for [MS-NRPC] created: 1. NETLOGON_VALIDATION_SAM_INFO4 Structure Member Derivations and References ([MS-NRPC] 2.2.1.4.13) Change request for [MS-SAMR] created: 2. Password Policy Checks ([MS-SAMR] 3.1.5.14.2) 3. Password Validation Attributes ([MS-SAMR] 5.2) Regards, Bill Wesse MCSE, MCTS / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -Original Message- From: Bill Wesse Sent: Thursday, October 09, 2008 2:37 PM To: 'Andrew Bartlett' Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: Resend: Response: SRX080909600334: [MS-APDS] Backing store and policy application information Hi Andrew. I hope interop & SNIA went well (I heard some positive feedback on the interop, but SNIA is outside my working set ). I am the sole author of PasswordPolicyAndValidation.pdf - and gather you are interested in the entire set of tables & information in it being inserted into the appropriate documents. So, I will proceed to file document change requests as applicable, using PasswordPolicyAndValidation.pdf as the source for change proposals. I wish I could say that the pdf will serve as a model - but I do know there is an ongoing conversation here about top-down versus bottom-up documentation style & content. I recognize much of the AD documentation is bottom-up, which doesn't provide the most straightforward route to an implementation... Hence that other document I sent a (very) rough copy of a while back ([SCENARIO_DOMAIN_TRUST].pdf - which currently deconstructs most of the wired operations & some of data flow for trusts). As I noted in a separate email, I expect to be able to provide you with the latest copy soon. How much of that doc will end up on other forthcoming items under development is currently a big unknown. Regards, Bill Wesse MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 -Original Message- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 08, 2008 4:53 PM To: Bill Wesse Cc: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' Subject: RE: Resend: Response: SRX080909600334: [MS-APDS] Backing store and policy application information On Wed, 2008-10-08 at 08:09 -0700, Bill Wesse wrote: > Good morning again Andrew! I am resending this since I have not > received a response to my email of Sept 26. Could you advise me > concerning how you would like the document to read? > > Good morning Andrew. I have completed my preliminary investigation > concerning your questions about password policy, validation and > concrete backing store for user and trust account attributes. I'm so sorry I didn't get back to you. As I said to everyone else (at the interop and SNIA events), I just wish the rest of the documentation was so clear and provided such a useful mapping. Very well done! Now, what is the long-term status of this document, and how can we make it a modal for other protocols? Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol