On Wed, 2008-09-03 at 12:38 -0700, Richard Guthrie wrote: > Andrew, > > I have completed my research on LsarSetSecret. The documentation > provides information when you have an exception case such as when one > updates EncryptedCurrentValue. I have included a scenario that might > help clarify the behavior: > > Scenario: > I have a secret object with old and new secret values set and both > have timestamps indicating when the values were last updated/set. I > then make a call to LsarSetSecret passing in null for new secret value > and a value I choose for old secret value. > > This will null out the new secret value and update the old secret > value. I should also observe that the timestamps for both old/new > secret values would be set to current server time. The table you > reference shows this to be the behavior.
Indeed it does. Did this table change from it's original description? As it stands, the format is confusing because of the way the operations are linked but also independent. A table with headings New value | Old Value | Effect on old time | effect on new time would be more clear, or as they are (almost) independent operations, describe them as such. > However, tests against Window 2008 show that setting the old value > (but not the new) removes the new value, and sets the time to 'current > server time' Perhaps however you should note the change in behaviour since windows 2003? Perhaps run RPC-LSA from our GIT tree to see the changes. (It seems the NULL behaviour changed from 'don't change' to 'remove' in some cases). Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
