In MS-LSAD 3.1.4.6.3 LsarSetSecret it states that:
The server MUST also maintain "time stamp" values for current and old values of
the secret object.
The following table lists the rules by which the time stamps are computed.
Value Effect on old time
Effect on new time
Old secret value NULL Old value of "new secret time" Not
applicable
Old secret value Non-NULL Current server time Not
applicable
New secret value NULL Not applicable
Current server time
New secret value Non-NULL Not applicable
Current server timeHowever, tests against Window 2008 show that setting the old value (but not the new) removes the new value, and sets the time to 'current server time' Please update the docs, Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
