diff options
| author | Gary Lockyer <gary@catalyst.net.nz> | 2018-12-20 15:02:30 +1300 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2019-02-20 06:03:09 +0100 |
| commit | 96e6adedcd9dfb7556f503a9d7602ac04fe870c1 (patch) | |
| tree | 63e39bfb76446929ba01ea54baafd461eea64bae /source4/torture/ndr | |
| parent | 87e63a8665ffb5547140b4bbc25529e20e345a6c (diff) | |
| download | samba-96e6adedcd9dfb7556f503a9d7602ac04fe870c1.tar.gz | |
librpc idl: netlogon netr_identity_info logon_id to 64 bit
Fold the two 32 bit values logon_id_high and logon_id_low into a single
64 bit logon_id in netr_identity_info. This will be used to tie
together winbind and SamLogon requests in audit logging.
Summary of the of the Query and Response from Microsoft on it's usage.
[REG:119013019612095] [MS-NRPC]: NETLOGON_LOGON_IDENTITY_INFO: Does
the Reserved field have LogonId meaning?
Questions:
In NetrLogonSamLogonEx does the Reserved field
(of NETLOGON_LOGON_IDENTITY_INFO) have LogonId meaning?
What is a valid LogonID, and does have any audit usage?
Samba is sending a constant "deadbeef" in hex and would like to
understand any usage of this field.
Response:
The NRPC spec is accurate in defining the field as Reserved, and without
protocol significance. In the header file in our source code, it is
defined as LogonId and commented as such, but it’s effectively not used.
This is probably why the API structure has that field name. It may have
been intended as such but it’s not used.
Samba will send a random value in this field.
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/torture/ndr')
| -rw-r--r-- | source4/torture/ndr/netlogon.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/source4/torture/ndr/netlogon.c b/source4/torture/ndr/netlogon.c index 2e20ff748b9..05a68eb79d2 100644 --- a/source4/torture/ndr/netlogon.c +++ b/source4/torture/ndr/netlogon.c @@ -154,8 +154,7 @@ static bool netrlogonsamlogon_w2k_in_check(struct torture_context *tctx, torture_assert_int_equal(tctx, r->in.logon->password->identity_info.domain_name.size, 12, "domain_name.size"); torture_assert_str_equal(tctx, r->in.logon->password->identity_info.domain_name.string, "W2KDOM", "domain_name.string"); torture_assert_int_equal(tctx, r->in.logon->password->identity_info.parameter_control, 0, "parameter_control"); - torture_assert_int_equal(tctx, r->in.logon->password->identity_info.logon_id_low, 0xdead, "logon_id_low"); - torture_assert_int_equal(tctx, r->in.logon->password->identity_info.logon_id_high, 0xbeef, "logon_id_high"); + torture_assert_u64_equal(tctx, r->in.logon->password->identity_info.logon_id, 0xbeef0000dead, "logon_id"); torture_assert_int_equal(tctx, r->in.logon->password->identity_info.account_name.length, 26, "account_name.length"); torture_assert_int_equal(tctx, r->in.logon->password->identity_info.account_name.size, 26, "account_name.size"); torture_assert_str_equal(tctx, r->in.logon->password->identity_info.account_name.string, "administrator", "account_name.string"); |