Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
On Mon, 2010-06-21 at 22:54 +, Hongwei Sun wrote: > Andrew, > > Sorry about the delay to give you a confirmation. No worries. > We have been spending time to review the usage of UserParameters in > other Windows components based on the information you provided. We > found that this attribute is indeed still used by at least one other > Microsoft product, such as RAS Server. The related product team is > working on this to find how to document it. During my vacation, I > will ask one of my team member (Obaid) to monitor the progress and > send you the update when it is available. Isn't software archeology fun! Enjoy your break, and don't stress about this one too much. I look forward to seeing a final breakdown of the structure some day, to help those trying to write user management tools for Samba4. Thanks, Andrew Bartlett ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
Andrew, Sorry about the delay to give you a confirmation. We have been spending time to review the usage of UserParameters in other Windows components based on the information you provided. We found that this attribute is indeed still used by at least one other Microsoft product, such as RAS Server. The related product team is working on this to find how to document it. During my vacation, I will ask one of my team member (Obaid) to monitor the progress and send you the update when it is available. Thanks! Hongwei -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Tuesday, June 01, 2010 5:57 PM To: Hongwei Sun Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case Email; Michael Ströder Subject: RE: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute On Tue, 2010-06-01 at 22:51 +, Hongwei Sun wrote: > Andrew, > >This 96 bytes unused data is not currently used by Terminal Service. The > following is the update to the documentation: > >UnusedData (96 bytes): A 96 byte array of unused data. This array is > filled with the ASCII character for space (0x20). So I take it that the 'dial back number' stuff no longer exists? Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
On Tue, 2010-06-01 at 22:51 +, Hongwei Sun wrote: > Andrew, > >This 96 bytes unused data is not currently used by Terminal Service. The > following is the update to the documentation: > >UnusedData (96 bytes): A 96 byte array of unused data. This array is > filled with the ASCII character for space (0x20). So I take it that the 'dial back number' stuff no longer exists? Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. signature.asc Description: This is a digitally signed message part ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
Andrew, This 96 bytes unused data is not currently used by Terminal Service. The following is the update to the documentation: UnusedData (96 bytes): A 96 byte array of unused data. This array is filled with the ASCII character for space (0x20). Thanks! Hongwei -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Wednesday, May 26, 2010 6:19 PM To: Hongwei Sun Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case Email; Michael Ströder Subject: RE: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute On Wed, 2010-05-26 at 23:07 +, Hongwei Sun wrote: > Andrew, > >We have confirmed that currently "UserParameter" attribute is only used by > the Terminal Service and there is no any other Microsoft product that also > uses this attribute. The Terminal Service doesn't use the first 96 bytes of > the "UserParameter" attribute. In order to avoid any confusion, we will > rename "MSProductData" to "UnusedData" in the 2.3.1 of the future release of > MS-TSTS. > >Please let us know if you have any more question, if not, I will consider > this case closed. That's weird. For ages, this was referred to in samba as the 'munged dialback field', because (from memory) the first part was meant to contain the phone number to call back for old-style modem-callback security. I take it that this does not exist any more? For reference, we finally got rid of the field in this commit: http://www.mail-archive.com/samba-...@lists.samba.org/msg49021.html UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */ Where the field after 'comment' on SAM_USER_INFO_23 became 'parameters' from the IDL. This 'parameters' maps to userParameter in LDAP. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
On Wed, 2010-05-26 at 23:07 +, Hongwei Sun wrote: > Andrew, > >We have confirmed that currently "UserParameter" attribute is only used by > the Terminal Service and there is no any other Microsoft product that also > uses this attribute. The Terminal Service doesn't use the first 96 bytes of > the "UserParameter" attribute. In order to avoid any confusion, we will > rename "MSProductData" to "UnusedData" in the 2.3.1 of the future release of > MS-TSTS. > >Please let us know if you have any more question, if not, I will consider > this case closed. That's weird. For ages, this was referred to in samba as the 'munged dialback field', because (from memory) the first part was meant to contain the phone number to call back for old-style modem-callback security. I take it that this does not exist any more? For reference, we finally got rid of the field in this commit: http://www.mail-archive.com/samba-...@lists.samba.org/msg49021.html UNISTR2 uni_munged_dial ; /* munged path name and dial-back tel no */ Where the field after 'comment' on SAM_USER_INFO_23 became 'parameters' from the IDL. This 'parameters' maps to userParameter in LDAP. Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. signature.asc Description: This is a digitally signed message part ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
Andrew, We have confirmed that currently "UserParameter" attribute is only used by the Terminal Service and there is no any other Microsoft product that also uses this attribute. The Terminal Service doesn't use the first 96 bytes of the "UserParameter" attribute. In order to avoid any confusion, we will rename "MSProductData" to "UnusedData" in the 2.3.1 of the future release of MS-TSTS. Please let us know if you have any more question, if not, I will consider this case closed. Thanks! Hongwei -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Friday, May 14, 2010 6:12 PM To: Hongwei Sun Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case Email; Michael Ströder Subject: Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote: > Tridge, > >I just want to check with you to see if you have any question regarding > the newly added documentation for this attribute. If not, I will close this > CAR. The reference is good, but it seems there is a problem because of the way this parameter is split between products. In particular, while this may be true for MS-TSTS: [MS-TSTS] 2.3.1 UserParamerters: MSProductData (96 bytes): A 96 byte Unicode character array containing 48 Unicode characters. This field is not used by Microsoft Terminal Services. We need to know the full decode of the structure, regardless of which product or document owns it. In short, what is the meaning and expected contents of MSProductData? Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
Andrew, I will work on your request and let you know when I get the information you need. Thanks! Hongwei -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Friday, May 14, 2010 6:12 PM To: Hongwei Sun Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case Email; Michael Ströder Subject: Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote: > Tridge, > >I just want to check with you to see if you have any question regarding > the newly added documentation for this attribute. If not, I will close this > CAR. The reference is good, but it seems there is a problem because of the way this parameter is split between products. In particular, while this may be true for MS-TSTS: [MS-TSTS] 2.3.1 UserParamerters: MSProductData (96 bytes): A 96 byte Unicode character array containing 48 Unicode characters. This field is not used by Microsoft Terminal Services. We need to know the full decode of the structure, regardless of which product or document owns it. In short, what is the meaning and expected contents of MSProductData? Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote: > Tridge, > >I just want to check with you to see if you have any question regarding > the newly added documentation for this attribute. If not, I will close this > CAR. The reference is good, but it seems there is a problem because of the way this parameter is split between products. In particular, while this may be true for MS-TSTS: [MS-TSTS] 2.3.1 UserParamerters: MSProductData (96 bytes): A 96 byte Unicode character array containing 48 Unicode characters. This field is not used by Microsoft Terminal Services. We need to know the full decode of the structure, regardless of which product or document owns it. In short, what is the meaning and expected contents of MSProductData? Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. signature.asc Description: This is a digitally signed message part ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
Andrew, Yes, I already filed a request to add the reference to the information we added to 2.345 MS-ADA3 "Userparameter Attribute". Thanks! Hongwei -Original Message- From: Andrew Bartlett [mailto:abart...@samba.org] Sent: Tuesday, April 27, 2010 8:25 PM To: Hongwei Sun Cc: tri...@samba.org; p...@tridgell.net; cifs-proto...@samba.org; MSSolve Case Email; Michael Ströder Subject: Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote: > Tridge, > >I just want to check with you to see if you have any question regarding > the newly added documentation for this attribute. If not, I will close this > CAR. Can you make sure this information is referenced from the schema docs and available under WSPP? Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
On Tue, 2010-04-13 at 18:18 +, Hongwei Sun wrote: > Tridge, > >I just want to check with you to see if you have any question regarding > the newly added documentation for this attribute. If not, I will close this > CAR. Can you make sure this information is referenced from the schema docs and available under WSPP? Thanks, Andrew Bartlett -- Andrew Bartletthttp://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Cisco Inc. signature.asc Description: This is a digitally signed message part ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
Tridge, I just want to check with you to see if you have any question regarding the newly added documentation for this attribute. If not, I will close this CAR. Thanks! Hongwei -Original Message- From: Hongwei Sun Sent: Tuesday, April 06, 2010 2:49 PM To: 'tri...@samba.org' Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder; MSSolve Case Email Subject: [REG:110011477385004] RE: userParameters attribute Tridge, We finished updating the protocol document for the userParameters attribute. Since this attribute is used by the Terminal Services Terminal Server Runtime Interface, it is documented in [MS-TSTS]: Terminal Services Terminal Server Runtime Interface Protocol Specification (http://msdn.microsoft.com/en-us/library/cc248570(v=PROT.10).aspx) , which is a part of MCPP document set. The information below has been added to the document and will appear in the future release on MSDN. The following are the updated sections in MS-TSTS. I attached a separate PDF file for your reference. 1. The table in Section 2.3, Directory Service Schema Elements, was modified to denote that the attributes listed previously are not used by Microsoft Terminal Services and a new attribute, userParameters, was added to the table. 2. The section 2.3.1, UserParameters, was added. 3. The section 2.3.2, Encoding and decoding PropValue field, was added. 4. The section 4.5, example for Encoding/Decoding, was added Please let us know if you need any more information for this topic. Thanks! Hongwei -Original Message- From: tri...@samba.org [mailto:tri...@samba.org] Sent: Thursday, January 14, 2010 2:55 PM To: Interoperability Documentation Help Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder Subject: CAR: userParameters attribute Dear Dochelp, The userParameters attribute on a user in AD seems to be a bit of a puzzle. Could you add some docs on it at some stage? Not a really high priority, but we would eventually like to be able to offer admin tools that manage things like session activity timeouts, and it seems that we need to know how to parse and create userParameters to do that. An example userParameters attribute from w2k8r2 (in base64 form) is this: userParameters:: Q3R4Q2ZnUHJlc2VudCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI CAgUAsaCAFDdHhDZmdQcmVzZW5045S15pSx5oiw44GiIAIBQ3R4V0ZQcm9maWxlUGF0aOOAsBgCAU N0eFdGSG9tZURpcuOAsCICAUN0eFdGSG9tZURpckRyaXZl44CwEggBQ3R4U2hhZG9344Sw44Cw44C w44CwLggBQ3R4TWF4RGlzY29ubmVjdGlvblRpbWXjgaXjjLnjkLDjgLAoCAFDdHhNYXhDb25uZWN0 aW9uVGltZeOAtOOct+aIseOAsBwIAUN0eE1heElkbGVUaW1l44Gj45yy46Sw44CwIAIBQ3R4V29ya 0RpcmVjdG9yeeOAsBgIAUN0eENmZ0ZsYWdzMeOAsOOBpuOYsuOAuCICAUN0eEluaXRpYWxQcm9ncm Ft44Cw the above came from using the windows user admin tool to change the session activity timeout for a test user. Michael Ströder has also pointed out this page: http://daduke.org/linux/userparameters.html which documents a previous effort by the Linux thin client community to work out the format of userParameters. I'm guessing the strange encoding is used to try to keep the attribute as valid UTF8. If you can confirm that the attribute is always valid UTF8 that would be great (as otherwise we might corrupt it during replication with windows). As I mentioned, this is not a high priority, but it would be nice to know the format at some stage. Cheers, Tridge ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol
Re: [cifs-protocol] [REG:110011477385004] RE: userParameters attribute
Tridge, Could you please take a look at my question below so I can proceed with this request ? If you are busy, we can always come back to visit it whenever it is good time for you. Thanks ! Hongwei -Original Message- From: Hongwei Sun Sent: Tuesday, January 19, 2010 9:31 PM To: 'tri...@samba.org' Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder; MSSolve Case Email Subject: [REG:110011477385004] RE: userParameters attribute Tridge, How did you generate the UserParameters you mentioned in the e-mail ? I got a little bit different result. The steps I used are (1) Open "Avtive Directory Users and Computers" -> "User" -> select a user such as "Administrator" (2) In Properties windows , select "Sessions" tab and then change "Active session limit" (3) Then the UserParametes attribute was added to the user object, the value is something like userParameters: PCtxCfgPresentCtxCfgFlags1CtxShadow*CtxMinEncryptionLevel?" UserParameters attribute is used for storing user specific data for individual programs, such as RAS and Terminal Service. I just want to make sure we are looking at the same tool. Thanks! Hongwei -Original Message- From: tri...@samba.org [mailto:tri...@samba.org] Sent: Thursday, January 14, 2010 2:55 PM To: Interoperability Documentation Help Cc: cifs-proto...@samba.org; p...@tridgell.net; Michael Ströder Subject: CAR: userParameters attribute Dear Dochelp, The userParameters attribute on a user in AD seems to be a bit of a puzzle. Could you add some docs on it at some stage? Not a really high priority, but we would eventually like to be able to offer admin tools that manage things like session activity timeouts, and it seems that we need to know how to parse and create userParameters to do that. An example userParameters attribute from w2k8r2 (in base64 form) is this: userParameters:: Q3R4Q2ZnUHJlc2VudCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgI CAgUAsaCAFDdHhDZmdQcmVzZW5045S15pSx5oiw44GiIAIBQ3R4V0ZQcm9maWxlUGF0aOOAsBgCAU N0eFdGSG9tZURpcuOAsCICAUN0eFdGSG9tZURpckRyaXZl44CwEggBQ3R4U2hhZG9344Sw44Cw44C w44CwLggBQ3R4TWF4RGlzY29ubmVjdGlvblRpbWXjgaXjjLnjkLDjgLAoCAFDdHhNYXhDb25uZWN0 aW9uVGltZeOAtOOct+aIseOAsBwIAUN0eE1heElkbGVUaW1l44Gj45yy46Sw44CwIAIBQ3R4V29ya 0RpcmVjdG9yeeOAsBgIAUN0eENmZ0ZsYWdzMeOAsOOBpuOYsuOAuCICAUN0eEluaXRpYWxQcm9ncm Ft44Cw the above came from using the windows user admin tool to change the session activity timeout for a test user. Michael Ströder has also pointed out this page: http://daduke.org/linux/userparameters.html which documents a previous effort by the Linux thin client community to work out the format of userParameters. I'm guessing the strange encoding is used to try to keep the attribute as valid UTF8. If you can confirm that the attribute is always valid UTF8 that would be great (as otherwise we might corrupt it during replication with windows). As I mentioned, this is not a high priority, but it would be nice to know the format at some stage. Cheers, Tridge ___ cifs-protocol mailing list cifs-protocol@cifs.org https://lists.samba.org/mailman/listinfo/cifs-protocol