Good morning Andrew. Thank you for your question! I have created a new case for this (info below); one of my colleagues will take ownership of this and contact you soon.
SRX080903600016 [MS-ADTS] 3.1.1.4.5.16 kvno for trusted domain entities Regards, Bill Wesse MCSE / Escalation Engineer, US-CSS DSC PROTOCOL TEAM 8055 Microsoft Way Charlotte, NC 28273 TEL: +1(980) 776-8200 CELL: +1(704) 661-5438 FAX: +1(704) 665-9606 We're Hiring http://members.microsoft.com/careers/search/details.aspx?JobID=A976CE32-B0B9-41E3-AF57-05A82B88383E&start=1&interval=10&SortCol=DatePosted -----Original Message----- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 03, 2008 12:13 AM To: Interoperability Documentation Help Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: KVNO of trusts How do I determine what Key Version Number (kvno) to assign to trusted domain entities in the KDC? For normal users, we have msDS-KeyVersionNumber, but as per our previous discussions, trusts do not need cn=user type objects for interoperability (I point I dispute, but regardless). So, what is the source of the key version number for these principals? (Is it the 'for NETLOGON use' version number in the trustAuthIncoming and trustAuthOutgoing attributes, for example?) Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
