On Wed, 2009-09-02 at 22:09 +0000, Hongwei Sun wrote: > Andrew, > > We confirmed that Windows server 2008 and later systems addressed the > problem by implementing validation of the DNSHostName and SPN in > NetrLogonGetDomainInfo to enforce the same constraints as specified in > section 3.1.1.5.3.1.1.2(dNSHostName) and > 3.1.1.5.3.1.1.4(servicePrincipalName) in MS-ADTS. Therefore you should > follow these rules to match the Windows behaviors. > > Please let us know if you have further questions.
Did we determine earlier that these updates occur regardless of the access control on the object (confirmed with AD Dev team, but I don't think it's in the docs). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
