In MS-LSAT 3.1.4.9 it states that: The RPC server MUST ensure that the RPC_C_AUTHN_NETLOGON security provider (as specified in [MS-RPCE] section 2.2.1.1.7) and at least RPC_C_AUTHN_LEVEL_INTEGRITY authentication level (as specified in [MS-RPCE] section 2.2.1.1.8) are used in this RPC message. Otherwise, the RPC server MUST return STATUS_ACCESS_DENIED.
However the behaviour against Windows 2008 is to give an RPC-level fault (access denied), and to prevent any further communication on the named pipe (futher requests get NT_STATUS_PIPE_DISCONNECTED at the trans2 level). Please update the docs, Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
