[Dochelp to bcc] Matthieu,
This issue is being tracked as case 112021212002899. An acknowledgement has been sent as well. One of our teammates will follow-up with you soon. Regards, Edgar -----Original Message----- From: Darryl Welch Sent: Monday, February 13, 2012 12:17 PM To: Interoperability Documentation Help Cc: [email protected] Subject: FW: encryption key for NetrLogonSamLogonEx It looks like Matt received an NDR when attempting to send this request to Dochelp. -----Original Message----- From: Matthieu Patou [mailto:[email protected]] Sent: Saturday, February 11, 2012 3:41 PM To: Interoperability Documentation Help; [email protected]; [email protected] Subject: encryption key for NetrLogonSamLogonEx Hello Dochelp, A bug report concerning user's session key was reported in samba when using level 3 validation for NetrLogonSamLogonEx. I did a bit of investigation and witnessed the corruption if we use level 3 validation for NetrLogonSamLogonEx and if samba opens more than 1 schannel connection with one DC and is not using the session key of the latest connection for decrypting the user's session key (and other encrypted fields) in the Validation 3 response. I checked that samba is using the same key for encrypting and decrypting schannel and sensitive fields in the validation 3 response of the NetrLogonSamLogonEx call. MS-NRPC seems to indicate that the session key should be the same and I didn't find a trace in the documentation saying that only the latest session key exchanged during a NetrAuthenticateX and what seems even more puzzeling is that using the "old" session key for schannel encryption and decryption works. Can you explain us the problem ? I can do TTTrace as the problem is highly reproducible. Matthieu. -- Matthieu Patou Samba Team http://samba.org _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
