In MS-LSAD 2.2.53 POLICY_DOMAIN_KERBEROS_TICKET_INFO, it states: AuthenticationOptions: Optional flags that affect validations performed during authentication.
What are the optional flags, what do they do, and where are they defined?
(this is the packet against Windows 2008)
trying QueryDomainInformationPolicy level 3
lsa_QueryDomainInformationPolicy: struct lsa_QueryDomainInformationPolicy
in: struct lsa_QueryDomainInformationPolicy
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
5b01caf4-d140-4325-b851-18cafb0c251c
level : 0x0003 (3)
lsa_QueryDomainInformationPolicy: struct lsa_QueryDomainInformationPolicy
out: struct lsa_QueryDomainInformationPolicy
info : *
info : union
lsa_DomainInformationPolicy(case 3)
kerberos_info: struct lsa_DomainInfoKerberos
enforce_restrictions : 0x00000080 (128)
service_tkt_lifetime : 0x00000053d1ac1000 (360000000000)
user_tkt_lifetime : 0x00000053d1ac1000 (360000000000)
user_tkt_renewaltime : 0x0000058028e44000
(6048000000000)
clock_skew : 0x00000000b2d05e00 (3000000000)
unknown6 : 0x0000000000000000 (0)
result : NT_STATUS_OK
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
