Kerberos PAC info on MSDN Library
Luke Howard
lukeh at PADL.COM
Tue Feb 26 18:18:00 EST 2002
>lkcl> the samba tng project also actually contains
>lkcl> more info (i.e. all of those "reserved" fields
>lkcl> that's bullshit, they're well-known fields!)
>lkcl> in some areas than is outlined in this microsoft
>lkcl> document.
>
>Are these well-known fields that are claimed to be "reserved" in the
>MS document actually required for proper functioning of a MS service?
I'm not sure whether the LSA retrieves these from the PAC or ignores
them and retrieves them directly from Active Directory. Probably the
former.
Luke Leighton's book on DCE/RPC and SMB contains a Network Monitor
excerpt that reveals the NETLOGON_VALIDATION_SAM_INFO2 structure;
this is layed out similarly to KERB_VALIADTION_INFO without the
last three fields (no resource groups). The "reserved" fields are
labelled. (I assume we can treat this as public information as
it has been published in a book. :-))
-- Luke
--
Luke Howard | lukehoward.com
PADL Software | www.padl.com
More information about the krbdev
mailing list