On Fri, 2008-08-29 at 13:32 -0700, John Dunning wrote: > Hello Andrew, > I have reviewed the network capture and it clearly shows what you > are describing. The reason that the msprc fault occurred in Frame 1695 > is that there is no Authverifier information in the > LSARPC:LsarLookupSids3 Request in Frame 1694. Looking at a successful > LSARPC:LsarLookupSids3 Request in a different capture I see that the > Authverifier field is present. This field contains the > RPC_C_AUTHN_NETLOGON and the RPC_C_AUTHN_LEVEL_INTEGRITY information. > I am theorizing that the Authverifier field is missing in your trace > because there was not a RPC Bind exchange prior to this request.
Well, you have the full trace - see the RPC bind in packet 22 > My source code investigation indicates that if the Authverifier field > is present that the server will behave as described in MS-LSAT > 3.1.4.9. When the Authverifier field is absent then it will lead to an > msrpc Fault of access denied. We have connected with level 'connect', which does not have an authentication verifier. All previous packets (prepared similarly) are processed. Why is this call different? > Is it the intention of your test to determine what would happen when a > LSARPC:LsarLookupSids3 Request is made when there is no Authverifier > information present? The intention of this test is to run over all the calls, and test each one. We were expecting an error code of NT_STATUS_RPC_PROTSEQ_NOT_SUPPORTED or NT_STATUS_ACCESS_DENIED. Getting an RPC fault was most unexpected. Perhaps there is there a way certain calls are marked in the IDL as to cause this behaviour? > Thanks > John > > PS: I looked into your question about running your test suites. I > found out that some of the Interop folks have an instance of your > Samba 4 running as a DC and that some of the SMBTorture tests have > been run against it. More information in this area should be > forthcoming. That part is easy - do they have smbtorture running against Windows servers, or your tests running against Samba? -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
