On Fri, 2008-11-07 at 09:05 -0800, Bill Wesse wrote: > Good morning again Andrew. I have (once again) attached the latest > copy of the document. This document will not be part of the protocol > documentation set. > > Aside from the unencrypted versions of the network frames in the > document (which I will get to as soon as I can), I would like to know > if I have answered all of your questions - and where I may have missed > the target.
Sadly, this is way off target. I meant it when I said it was a good start - this is the first chapter, not the complete reference. A trusted domain relationship exists to be used - I need to have a clear overview of how authentication and other information flows between trusted domains. Is DRS synchronisation used? How is it used and between what trust types? How does a domain know which other domain to contact about an attempted login with a user principal name? How are the transitive trust relationships followed to allow access to a resource in some far-away domain? When a user (from a trusted domain) is added to a security descriptor, how is that name resolved? What purpose does the global catalog take in trusted domain environments and how is it consulted when dealing with inter-forest trusts? These are just some of the questions I would expect an overview of trusted domains to show (with links to the explicit details of calls, but 200 pages of packet captures isn't a substitute for real detail). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
