Good morning Andrew. I have created the new case as noted in the Subject line. I expect you will be happy to know that we are initiating a strong recommendation that the objectSid definition in [MS-ADA3] be modified as shown below. Thank you for your persistence on this topic.
I will keep you advised of progress! Change: 2.44 Attribute objectSid This attribute specifies a binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. For more information on the SID data type, refer to [MS-DTYP] section 2.4.2. SID usage is also discussed in [MS-ADTS], in particular in section 3.1.1.1.3. To: 2.44 Attribute objectSid This attribute specifies a variable-length byte array value that specifies the security identifier (SID) of the user. For more information on the SID data type, refer to [MS-DTYP] section 2.4.2. It also may be represented as a UTF-8 string that is a valid SDDL SID string beginning with "S-" (see [MS-DTYP] sections 2.4.2 and 2.5.1, and [MS-ADTS] 3.1.1.3.1.2.5). The SID is a unique value used to identify the user as a security principal. SID usage is also discussed in [MS-ADTS], in particular in section 3.1.1.1.3. Regards, Bill Wesse MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 _______________________________________________ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol