Andrew, Thank you for the request. I will be working with you on this issue. I need to review the documentation and will get back to you with a response shortly.
Richard Guthrie Open Protocols Support Team Support Escalation Engineer, US-CSS DSC PROTOCOL TEAM 7100 N Hwy 161, Irving, TX - 75039 "Las Colinas - LC2" Tel: +1 469 775 7794 E-mail: [EMAIL PROTECTED] We're hiring http://members.microsoft.com/careers/search/details.aspx?JobID=A976CE32-B0B9-41E3-AF57-05A82B88383E&start=1&interval=10&SortCol=DatePosted -----Original Message----- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2008 3:07 AM To: Interoperability Documentation Help Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: How to validate the PAC in NETLOGON In MS-APDS 2.2.2.1 is claims that the client will send to the server the PAC signatures (but not apparently the whole PAC), and that the NETLOGON server (on the DC) must verify them. How is it meant to verify the signatures, if it does not have the PAC to verify checksum over? Also, is there a command I can run on windows to cause this NETLOGON pac validation to happen? (The document could do with a worked example here, and in the PAC document). Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
