On Tue, 2008-08-12 at 19:57 -0700, Richard Guthrie wrote: > Andrew, > We have completed our investigation of your request to include information > linking the structures in the backing store for LSA with the MS-LSAD > documents. We have focused on the methods related to trusted domain > operations. The list of these methods can be found in section 3.1.4.7. To > summarize, all of these methods deal with various aspects of > manipulating/querying Trusted Domain Objects as defined in section 7.1.6 of > the MS-ADTS documentation.
I think we still have a fair way to go with this, but that at least provides some of the missing links. I'll note that on further reading, much of what I'm after can actually be answered pretty simply - if the table in MS-LSAD 3.1.1.5 and MS-ADTS 7.1.6.7 were combined. But as to your response, as a start, I'll pick on: > 3.) InformationClass == TrustedPasswordInformation > LSAPR_TRUSTED_PASSWORD_INFO (MS-LSAD section 2.2.46) > This can be any of the stored secret objects on the TDO such as > TrustAuthIncoming and TrustAuthOutgoing (MS-ADTS section 7.1.6.7.10 > and 7.1.6.7.11) So (and this in part relates to my broader question), what is the link between G$$<trustedomainname> secrets and trustAuthIncoming. Please specify to the extent that given an LDAP database, possibly containing such trust objects, I could both set and query these values, with the this call and with the secrets calls. Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
