Hi Andrew:
Thanks for contacting Microsoft. I have created a case to track this issue. A
member of the open specifications team will be in touch soon.
Regards,
Obaid Farooqi
Escalation Engineer | Microsoft
-Original Message-
From: Andrew Bartlett
Sent: Monday, October 23, 2023 4:15 PM
Hi Dochelp,
MS-ADTS 3.1.1.3.4.1.3 LDAP_SERVER_DIRSYNC_OID
describes LDAP_DIRSYNC_OBJECT_SECURITY as:
Windows Server 2003 operating system and later: If
this flag is present, the client can only view objects and attributes
that are otherwise accessible to the client. If this flag is not
Hi,
I’ve uploaded a trace of a Kerberos AS exchange using PKINIT where I
expect to see, in the PAC of the resulting ticket, a claim having the
display name “CertClaim”; but I see only a claim with the display name
“ObjectClass”.
Regards,
Joseph
On 21/10/23 2:18 pm, Jeff McCashland (He/him)
Hi,
I’ve uploaded a trace of a Kerberos TGS exchange with a TGT issued by an
RODC krbtgt and with an authentication policy enforced. In response to
the TGS-REQ I expect to get a TGS-REP, but, as the trace shows, I get a
KDC_ERR_POLICY error instead.
Regards,
Joseph
On 20/10/23 11:50 am,
