On Wed, 2008-09-10 at 03:34 -0700, Bill Wesse wrote: > Good morning Andrew. I have created the new case as noted in the > Subject line. I expect you will be happy to know that we are > initiating a strong recommendation that the objectSid definition in > [MS-ADA3] be modified as shown below. Thank you for your persistence > on this topic.
No worries. > I will keep you advised of progress! > > > Change: > > 2.44 Attribute objectSid > This attribute specifies a binary value that specifies the security > identifier (SID) of the user. The SID is a unique value used to > identify the user as a security principal. For more information on the > SID data type, refer to [MS-DTYP] section 2.4.2. SID usage is also > discussed in [MS-ADTS], in particular in section 3.1.1.1.3. > > To: > > 2.44 Attribute objectSid > This attribute specifies a variable-length byte array value that > specifies the security identifier (SID) of the user. For more > information on the SID data type, refer to [MS-DTYP] section 2.4.2. It > also may be represented as a UTF-8 string that is a valid SDDL SID > string beginning with "S-" (see [MS-DTYP] sections 2.4.2 and 2.5.1, > and [MS-ADTS] 3.1.1.3.1.2.5). The SID is a unique value used to > identify the user as a security principal. SID usage is also discussed > in [MS-ADTS], in particular in section 3.1.1.1.3. That looks good. Let me know how you go - I had understood from the call that we were at a stalemate, so I'm particularly glad to see this (potentially) moving forward. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
