Metze/Andrew,
We updated the description of userParameters in MS-ADA3 and other related
documents to clarify that it is not saved as utf16 or utf8 Unicode strings as
below. They will appear in the next release of the open protocol documents.
MS-ADA3
Section 2.345 (Attribute userParameters)
-- The description of the userParameters attribute, which has
been changed as follows:
Before:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - -
This attribute specifies parameters of the user. Points to a Unicode
string that is set aside for use by applications. This string can be a null
string, or it can have any number of characters before the terminating null
character. Terminal servers use this attribute to store session configuration
data for the user. For more information, see [MS-TSTS].
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - -
After:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - -
This attribute specifies parameters of the user and is set aside for
use by applications. Terminal servers use this attribute to store session
configuration data for the user. For more information, see [MS-TSTS].
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - -
MS-ADLS
Section 2.374 (Attribute userParameters)
-- The description of the userParameters attribute, which has been
changed as follows:
Before:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - -
This attribute specifies the user's parameters. This attribute
points to a Unicode string that is set aside for use by applications. This
string can be a null string, or it can have any number of characters before the
terminating null character. Microsoft products use this member to store user
data that is
specific to the individual program.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - -
After:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - -
This attribute specifies the user's parameters and is set aside
for use by applications. Microsoft products use this member to store user data
that is specific to the individual program.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - -
MS-TSTS
Section 2.3.1 (userParameters)
-- The description of the userParameters attribute, which has
been changed as follows:
Before:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
... This configuration data is returned in a USERCONFIG structure
by the RpcGetConfigData method. Microsoft Terminal Services stores the user
configuration data ... in the following format
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
After:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
... This configuration data is returned in a USERCONFIG structure
by the RpcGetConfigData method. Microsoft Terminal Services does not use UTF-8
or UTF-16 encoding to store the configuration data in the userParameters
attribute. Microsoft Terminal Services stores the user configuration data ...
in
the following format
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - -
As far as the detailed layout of the userParameter, we documented the
structure used by Microsoft Terminal Server in 2.3.1 of MS-TSTS last year,
except the first 96 bytes of userParameter property(marked as reservedData)
that is used by the RAS server. The following are preliminary technical
details of the structure in the first 96 bytes of the property.
typedef struct {
WCHAR up_MACid; // This value would be 'm'
WCHAR up_PriGrp[20];
WCHAR up_MAC_Terminator;
WCHAR up_DIALid; // This value would be 'd'
WCHAR up_Privilege;
WCHAR up_CBNum[24];
} USER_PARMS;
When up_DIALid of USER_PARMS structure is set to ‘d’, the up_Privilege
member contains any one of the following values.
Value Meaning
RASPRIV_NoCallback (0x01) The RAS server will
not call back the user to establish a connection.
RASPRIV_AdminSetCallback (0x02) When the user calls, the RAS server
hangs up and calls a preset call-back phone number stored in the user account
database. The up_CBNum member of USER_PARMS structure contains the user's
call-back phone number.
RASPRIV_CallerSetCallback (0x04) When the user calls, the RAS
server provides the option of specifying a call-back phone number. The user can
also choose to connect immediately without a call back. The up_CBNum member of
USER_PARMS contains a default number that the user can override.
RASPRIV_DialinPrivilege (0x08) The user has permission
to dial in to the RAS server.
We are still working on the process for adding this structure into one of
the RAS-related documents. When the process is finished, I will send you the
final version.
Combining MS-TSTS for the entire structure and the RAS document for the
first 96 bytes, we will provide the complete documentation for userParameter
attribute.
Thanks!
Hongwei
-----Original Message-----
From: Andrew Bartlett [mailto:abart...@samba.org]
Sent: Sunday, May 29, 2011 6:24 PM
To: Hongwei Sun
Cc: Stefan (metze) Metzmacher; p...@tridgell.net; cifs-proto...@samba.org;
Obaid Farooqi; Michael Ströder
Subject: Re: [REG: 111052361876778] RE: userParameters attribute
On Fri, 2011-05-27 at 22:40 +0000, Hongwei Sun wrote:
> Metze,
>
> The UserParameters attribute was documented in 2.345 MS-ADA3. It is
> defined as a Unicode string as below:
>
> " This attribute specifies parameters of the user. Points to a
> Unicode string that is set aside for use by applications. This string
> can be a null string, or it can have any number of characters before
> the terminating null character. Terminal servers use this attribute to store
> session configuration data for the user. For more information, see [MS-TSTS]."
>
> As per MD-GLOS , throughout the protocol document, unless otherwise
> specified , an Unicode string follows the UTF-
> 16LE encoding scheme with no Byte Order Mark (BOM). so it is not documented
> as UTF8 Unicode string.
>
> But I am wondering if it matters what kind of Unicode encoding (utf8 vs
> utf16) is used. The structure layout of this attribute is documented in
> 2.3.1 MS-TSTS. It is just a BLOB interpreted by the Terminal Service , not a
> null terminated Unicode string. We may be not correct to define the
> attribute as a Unicode string (attributeSyntax: 2.5.5.12 ) in 2.345 MS-ADA3.
> I will file a request to check with the product team.
I thought it wasn't NULL terminated in the traditional sense, as the Terminal
Services stuff has embedded NULLs, and was after a NULL that allowed it to be
stuffed there in the first place.
The story I recall is that when Terminal services was first developed outside
Microsoft, that the dialback string for RAS was the only parameter in the SAM
that could be safely extended, and this was done after the initial terminating
NULL (of the RAS dialback string).
We have had some real trouble dealing with this over time, with Samba3 domains
hosting terminal services, and that's why we want to get this right, once and
for all for Samba4. In particular, we are keen to ensure we know exactly the
right transformations required between the LDAP and RPC representations. Even
if it is a duplicate, it is a special enough case to warrant a clear, specific
explanation or clarification.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
_______________________________________________
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
