Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-06-21 Thread Andrew Bartlett 
On Mon, 2010-06-21 at 22:54 +, Hongwei Sun wrote:
> Andrew,
> 
>   Sorry about the delay to give you a confirmation.  

No worries. 

> We have been spending time to review the usage of UserParameters in
> other Windows components based on the information you provided.   We
> found that this attribute is indeed still used by at least one other
> Microsoft product, such as RAS Server.  The related product team is
> working on this to find how to document it.  During my vacation, I
> will ask one of my team member (Obaid) to monitor the progress and
> send you the update when it is available.

Isn't software archeology fun!

Enjoy your break, and don't stress about this one too much.  I look
forward to seeing a final breakdown of the structure some day, to help
those trying to write user management tools for Samba4.

Thanks,

Andrew Bartlett

___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-06-21 Thread Hongwei Sun 
Andrew,

  Sorry about the delay to give you a confirmation.  We have been spending time 
to review the usage of UserParameters in other Windows components based on the 
information you provided.   We found that this attribute is indeed still used 
by at least one other Microsoft product, such as RAS Server.  The related 
product team is working on this to find how to document it.  During my 
vacation, I will ask one of my team member (Obaid) to monitor the progress and 
send you the update when it is available.

Thanks!

Hongwei 

 
-Original Message-
From: Andrew Bartlett [mailto:abart...@samba.org] 
Sent: Tuesday, June 01, 2010 5:57 PM
To: Hongwei Sun
Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case 
Email; Michael Ströder
Subject: RE: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

On Tue, 2010-06-01 at 22:51 +, Hongwei Sun wrote:
> Andrew,
> 
>This 96 bytes unused data is not currently used by Terminal Service. The 
> following is the update to the documentation:
> 
>UnusedData (96 bytes):  A 96 byte array of unused data. This array is 
> filled with the ASCII character for space (0x20). 

So I take it that the 'dial back number' stuff no longer exists?

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.

___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-06-01 Thread Andrew Bartlett 
On Tue, 2010-06-01 at 22:51 +, Hongwei Sun wrote:
> Andrew,
> 
>This 96 bytes unused data is not currently used by Terminal Service. The 
> following is the update to the documentation:
> 
>UnusedData (96 bytes):  A 96 byte array of unused data. This array is 
> filled with the ASCII character for space (0x20). 

So I take it that the 'dial back number' stuff no longer exists?

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.



signature.asc
Description: This is a digitally signed message part
___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-06-01 Thread Hongwei Sun 
Andrew,

   This 96 bytes unused data is not currently used by Terminal Service. The 
following is the update to the documentation:

   UnusedData (96 bytes):  A 96 byte array of unused data. This array is filled 
with the ASCII character for space (0x20). 

Thanks!

Hongwei


-Original Message-
From: Andrew Bartlett [mailto:abart...@samba.org] 
Sent: Wednesday, May 26, 2010 6:19 PM
To: Hongwei Sun
Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case 
Email; Michael Ströder
Subject: RE: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

On Wed, 2010-05-26 at 23:07 +, Hongwei Sun wrote:
> Andrew,
> 
>We have confirmed that currently "UserParameter" attribute is only used by 
> the Terminal Service and there is no any other Microsoft product that also 
> uses this attribute. The Terminal Service doesn't use the first 96 bytes of 
> the "UserParameter" attribute.  In order to avoid any confusion, we will 
> rename "MSProductData" to "UnusedData" in the 2.3.1 of the future release of 
> MS-TSTS.
> 
>Please let us know if you have any more question, if not, I will consider 
> this case closed.

That's weird.  For ages, this was referred to in samba as the 'munged dialback 
field', because (from memory) the first part was meant to contain the phone 
number to call back for old-style modem-callback security.  I take it that this 
does not exist any more?

For reference, we finally got rid of the field in this commit:
http://www.mail-archive.com/samba-...@lists.samba.org/msg49021.html

UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */

Where the field after 'comment' on SAM_USER_INFO_23 became 'parameters'
from the IDL.

This 'parameters' maps to userParameter in LDAP. 

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.

___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-05-26 Thread Andrew Bartlett 
On Wed, 2010-05-26 at 23:07 +, Hongwei Sun wrote:
> Andrew,
> 
>We have confirmed that currently "UserParameter" attribute is only used by 
> the Terminal Service and there is no any other Microsoft product that also 
> uses this attribute. The Terminal Service doesn't use the first 96 bytes of 
> the "UserParameter" attribute.  In order to avoid any confusion, we will 
> rename "MSProductData" to "UnusedData" in the 2.3.1 of the future release of 
> MS-TSTS.
> 
>Please let us know if you have any more question, if not, I will consider 
> this case closed.

That's weird.  For ages, this was referred to in samba as the 'munged
dialback field', because (from memory) the first part was meant to
contain the phone number to call back for old-style modem-callback
security.  I take it that this does not exist any more?

For reference, we finally got rid of the field in this commit:
http://www.mail-archive.com/samba-...@lists.samba.org/msg49021.html

UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */

Where the field after 'comment' on SAM_USER_INFO_23 became 'parameters'
from the IDL.

This 'parameters' maps to userParameter in LDAP. 

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.



signature.asc
Description: This is a digitally signed message part
___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-05-26 Thread Hongwei Sun 
Andrew,

   We have confirmed that currently "UserParameter" attribute is only used by 
the Terminal Service and there is no any other Microsoft product that also uses 
this attribute. The Terminal Service doesn't use the first 96 bytes of the 
"UserParameter" attribute.  In order to avoid any confusion, we will rename 
"MSProductData" to "UnusedData" in the 2.3.1 of the future release of MS-TSTS.

   Please let us know if you have any more question, if not, I will consider 
this case closed.

Thanks!

Hongwei


-Original Message-
From: Andrew Bartlett [mailto:abart...@samba.org] 
Sent: Friday, May 14, 2010 6:12 PM
To: Hongwei Sun
Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case 
Email; Michael Ströder
Subject: Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote:
> Tridge,
> 
>I just want to check with you to see if  you have any question regarding 
> the newly added documentation for this attribute.  If not, I will close this 
> CAR.  

The reference is good, but it seems there is a problem because of the way this 
parameter is split between products. 

In particular, while this may be true for MS-TSTS:
[MS-TSTS] 2.3.1 UserParamerters:
MSProductData (96 bytes): A 96 byte Unicode character array containing
48 Unicode characters. This field is not used by Microsoft Terminal Services.

We need to know the full decode of the structure, regardless of which product 
or document owns it.  In short, what is the meaning and expected contents of 
MSProductData?

Thanks,

Andrew Bartlett
-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.

___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-05-17 Thread Hongwei Sun 
Andrew,

   I will work on your request and let you know when I get the information you 
need.

Thanks!

Hongwei

-Original Message-
From: Andrew Bartlett [mailto:abart...@samba.org] 
Sent: Friday, May 14, 2010 6:12 PM
To: Hongwei Sun
Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case 
Email; Michael Ströder
Subject: Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote:
> Tridge,
> 
>I just want to check with you to see if  you have any question regarding 
> the newly added documentation for this attribute.  If not, I will close this 
> CAR.  

The reference is good, but it seems there is a problem because of the way this 
parameter is split between products. 

In particular, while this may be true for MS-TSTS:
[MS-TSTS] 2.3.1 UserParamerters:
MSProductData (96 bytes): A 96 byte Unicode character array containing
48 Unicode characters. This field is not used by Microsoft Terminal Services.

We need to know the full decode of the structure, regardless of which product 
or document owns it.  In short, what is the meaning and expected contents of 
MSProductData?

Thanks,

Andrew Bartlett
-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.

___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-05-14 Thread Andrew Bartlett 
On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote:
> Tridge,
> 
>I just want to check with you to see if  you have any question regarding 
> the newly added documentation for this attribute.  If not, I will close this 
> CAR.  

The reference is good, but it seems there is a problem because of the
way this parameter is split between products. 

In particular, while this may be true for MS-TSTS:
[MS-TSTS] 2.3.1 UserParamerters:
MSProductData (96 bytes): A 96 byte Unicode character array containing
48 Unicode characters. This field is not used by Microsoft Terminal
Services.

We need to know the full decode of the structure, regardless of which
product or document owns it.  In short, what is the meaning and expected
contents of MSProductData?

Thanks,

Andrew Bartlett
-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.



signature.asc
Description: This is a digitally signed message part
___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-04-28 Thread Hongwei Sun 
Andrew,

  Yes, I already filed a request to add the reference to the information we 
added to 2.345 MS-ADA3 "Userparameter Attribute".  

Thanks!

Hongwei

 
-Original Message-
From: Andrew Bartlett [mailto:abart...@samba.org] 
Sent: Tuesday, April 27, 2010 8:25 PM
To: Hongwei Sun
Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case 
Email; Michael Ströder
Subject: Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote:
> Tridge,
> 
>I just want to check with you to see if  you have any question regarding 
> the newly added documentation for this attribute.  If not, I will close this 
> CAR.  

Can you make sure this information is referenced from the schema docs and 
available under WSPP?  

Thanks,

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.
___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-04-27 Thread Andrew Bartlett 
On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote:
> Tridge,
> 
>I just want to check with you to see if  you have any question regarding 
> the newly added documentation for this attribute.  If not, I will close this 
> CAR.  

Can you make sure this information is referenced from the schema docs
and available under WSPP?  

Thanks,

Andrew Bartlett

-- 
Andrew Bartletthttp://samba.org/~abartlet/
Authentication Developer, Samba Team   http://samba.org
Samba Developer, Cisco Inc.


signature.asc
Description: This is a digitally signed message part
___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-04-13 Thread Hongwei Sun 
Tridge,

   I just want to check with you to see if  you have any question regarding the 
newly added documentation for this attribute.  If not, I will close this CAR.  

Thanks!

Hongwei

-Original Message-
From: Hongwei Sun 
Sent: Tuesday, April 06, 2010 2:49 PM
To: 'tri...@samba.org'
Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder; MSSolve Case 
Email
Subject: [REG:110011477385004] RE: userParameters attribute

Tridge,

  We finished updating the protocol document for the userParameters attribute.  
 Since this attribute is used by the Terminal Services Terminal Server Runtime 
Interface, it is documented in [MS-TSTS]: Terminal Services Terminal Server 
Runtime Interface Protocol Specification 
(http://msdn.microsoft.com/en-us/library/cc248570(v=PROT.10).aspx) , which is a 
part of MCPP document set.   The information below has been added to the 
document and will appear in the future release on MSDN.

  The following are the updated sections in MS-TSTS.  I  attached a separate 
PDF file for your reference.

1.   The table in Section 2.3, Directory Service Schema Elements, was modified 
to denote that the attributes listed previously are not used by Microsoft 
Terminal Services and a new attribute, userParameters, was added to the table.

2.  The section 2.3.1,  UserParameters, was added.

3.  The section 2.3.2,   Encoding and decoding PropValue field, was added. 

4.  The section 4.5,   example for Encoding/Decoding, was added

  Please let us know if you need any more information for this topic.

Thanks!

Hongwei


-Original Message-
From: tri...@samba.org [mailto:tri...@samba.org]
Sent: Thursday, January 14, 2010 2:55 PM
To: Interoperability Documentation Help
Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder
Subject: CAR: userParameters attribute

Dear Dochelp,

The userParameters attribute on a user in AD seems to be a bit of a puzzle. 
Could you add some docs on it at some stage? Not a really high priority, but we 
would eventually like to be able to offer admin tools that manage things like 
session activity timeouts, and it seems that we need to know how to parse and 
create userParameters to do that.

An example userParameters attribute from w2k8r2 (in base64 form) is this:

userParameters:: Q3R4Q2ZnUHJlc2VudCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI
  CAgUAsaCAFDdHhDZmdQcmVzZW5045S15pSx5oiw44GiIAIBQ3R4V0ZQcm9maWxlUGF0aOOAsBgCAU
  N0eFdGSG9tZURpcuOAsCICAUN0eFdGSG9tZURpckRyaXZl44CwEggBQ3R4U2hhZG9344Sw44Cw44C
  w44CwLggBQ3R4TWF4RGlzY29ubmVjdGlvblRpbWXjgaXjjLnjkLDjgLAoCAFDdHhNYXhDb25uZWN0
  aW9uVGltZeOAtOOct+aIseOAsBwIAUN0eE1heElkbGVUaW1l44Gj45yy46Sw44CwIAIBQ3R4V29ya
  0RpcmVjdG9yeeOAsBgIAUN0eENmZ0ZsYWdzMeOAsOOBpuOYsuOAuCICAUN0eEluaXRpYWxQcm9ncm
  Ft44Cw

the above came from using the windows user admin tool to change the session 
activity timeout for a test user.

Michael Ströder has also pointed out this page:

  http://daduke.org/linux/userparameters.html

which documents a previous effort by the Linux thin client community to work 
out the format of userParameters. I'm guessing the strange encoding is used to 
try to keep the attribute as valid UTF8. If you can confirm that the attribute 
is always valid UTF8 that would be great (as otherwise we might corrupt it 
during replication with windows).

As I mentioned, this is not a high priority, but it would be nice to know the 
format at some stage.

Cheers, Tridge

___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute

2010-02-01 Thread Hongwei Sun 
Tridge,

  Could you please take a look at my question below so I can proceed with this 
request ?   If you are busy,  we can always come back to visit it whenever it 
is good time for you.

Thanks !

Hongwei 

-Original Message-
From: Hongwei Sun 
Sent: Tuesday, January 19, 2010 9:31 PM
To: 'tri...@samba.org'
Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder; MSSolve Case 
Email
Subject: [REG:110011477385004] RE: userParameters attribute

Tridge,

   How did you generate the UserParameters you mentioned in the e-mail ?  I got 
a little bit different result.   The steps  I used are

(1) Open "Avtive Directory Users and Computers" ->  "User"  ->  select a user 
such as "Administrator"
(2) In Properties windows , select "Sessions" tab and then change "Active 
session limit" 
(3) Then the UserParametes attribute was added to the user object,  the value 
is something like 
 userParameters:   
PCtxCfgPresentCtxCfgFlags1CtxShadow*CtxMinEncryptionLevel?"
 

  UserParameters attribute is used for storing user specific data for 
individual programs, such as RAS and Terminal Service.  I just want to make 
sure we are looking at the same tool. 

Thanks!

Hongwei

-Original Message-
From: tri...@samba.org [mailto:tri...@samba.org] 
Sent: Thursday, January 14, 2010 2:55 PM
To: Interoperability Documentation Help
Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder
Subject: CAR: userParameters attribute

Dear Dochelp,

The userParameters attribute on a user in AD seems to be a bit of a
puzzle. Could you add some docs on it at some stage? Not a really high
priority, but we would eventually like to be able to offer admin tools
that manage things like session activity timeouts, and it seems that
we need to know how to parse and create userParameters to do that.

An example userParameters attribute from w2k8r2 (in base64 form) is this:

userParameters:: Q3R4Q2ZnUHJlc2VudCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI
  CAgUAsaCAFDdHhDZmdQcmVzZW5045S15pSx5oiw44GiIAIBQ3R4V0ZQcm9maWxlUGF0aOOAsBgCAU
  N0eFdGSG9tZURpcuOAsCICAUN0eFdGSG9tZURpckRyaXZl44CwEggBQ3R4U2hhZG9344Sw44Cw44C
  w44CwLggBQ3R4TWF4RGlzY29ubmVjdGlvblRpbWXjgaXjjLnjkLDjgLAoCAFDdHhNYXhDb25uZWN0
  aW9uVGltZeOAtOOct+aIseOAsBwIAUN0eE1heElkbGVUaW1l44Gj45yy46Sw44CwIAIBQ3R4V29ya
  0RpcmVjdG9yeeOAsBgIAUN0eENmZ0ZsYWdzMeOAsOOBpuOYsuOAuCICAUN0eEluaXRpYWxQcm9ncm
  Ft44Cw

the above came from using the windows user admin tool to change the
session activity timeout for a test user.

Michael Ströder has also pointed out this page:

  http://daduke.org/linux/userparameters.html

which documents a previous effort by the Linux thin client community
to work out the format of userParameters. I'm guessing the strange
encoding is used to try to keep the attribute as valid UTF8. If you
can confirm that the attribute is always valid UTF8 that would be
great (as otherwise we might corrupt it during replication with
windows).

As I mentioned, this is not a high priority, but it would be nice to
know the format at some stage.

Cheers, Tridge

___
cifs-protocol mailing list
cifs-protocol@cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol