none
SID_NAME_USE Enumeration RRS feed

  • Question

  • Clarification would be appreciated and probaby relates to the SAMBA  "MS-SAMR missing SID name use type"
    issue,

    [MS-SAMR] – v20080207   2.2.2.6 SID_NAME_USE gives:
    typedef enum _SID_NAME_USE {
    SidTypeUser = 1,
    SidTypeGroup,
    SidTypeDomain,
    SidTypeAlias,
    SidTypeWellKnownGroup,
    SidTypeDeletedAccount,
    SidTypeInvalid,
    SidTypeUnknown
    } SID_NAME_USE, *PSID_NAME_USE;

    Whereas [MS-LSAT] – v20080828
    2.2.13 SID_NAME_USE gives

    typedef enum _SID_NAME_USE
    {
    SidTypeUser = 1,
    SidTypeGroup,
    SidTypeDomain,
    SidTypeAlias,
    SidTypeWellKnownGroup,
    SidTypeDeletedAccount,
    SidTypeInvalid,
    SidTypeUnknown,
    SidTypeComputer,
    SidTypeLabel
    } SID_NAME_USE, *PSID_NAME_USE;

    SidTypeComputer,  SidTypeLabel are extra in the second case.
    Is it actually the case the LSA uses an extended set or is it just a documentation issue?
    For what it is worth MSDN also gives the same form as MS-LSAT
    http://msdn.microsoft.com/en-us/library/aa379601.aspx




    Tuesday, November 4, 2008 11:12 AM

Answers

  • Thanks you for bringing this issue to our attention. 
    As communicated over email, this issue is now resolved. The answer to the question posted above is as follows:

    MS-SAMR does not document SidTypeComputer in enum SID_NAME_USE because the enum value SidTypeComputer =9 is not part of the SAMR protocol. The SAM object model does not distinguish between computer objects and user objects, that is, computers are users.

    In case of [MS-LSAT], while enum SidTypeComputer is mentioned in the document, it clearly states that:

    The SidTypeInvalid and SidTypeComputer enumeration values are not used in this protocol. Usage information on the remaining enumeration values is specified in section 3.1.1.

    Our investigation also concluded that enum SidTypeComputer does not appear on wire for any Windows scenario.

    If you see this enum on wire, please feel free to bring it to our attention.


    Regards, Obaid Farooqi
    Monday, December 15, 2008 10:57 PM
    Owner

All replies

  •  Good Morning Neil_b_m:

    My name is Obaid Farooqi and I'll be helping you with this request.

    Thank you for bringing this issue to our attention. I am already working on the same issue with Andrew Bartlett. I'll keep you posted on the progress of the resolution of this issue through email and post the results of our investigation to this forum.



    Regards, Obaid Farooqi
    Tuesday, November 4, 2008 5:18 PM
    Owner
  • Thanks you for bringing this issue to our attention. 
    As communicated over email, this issue is now resolved. The answer to the question posted above is as follows:

    MS-SAMR does not document SidTypeComputer in enum SID_NAME_USE because the enum value SidTypeComputer =9 is not part of the SAMR protocol. The SAM object model does not distinguish between computer objects and user objects, that is, computers are users.

    In case of [MS-LSAT], while enum SidTypeComputer is mentioned in the document, it clearly states that:

    The SidTypeInvalid and SidTypeComputer enumeration values are not used in this protocol. Usage information on the remaining enumeration values is specified in section 3.1.1.

    Our investigation also concluded that enum SidTypeComputer does not appear on wire for any Windows scenario.

    If you see this enum on wire, please feel free to bring it to our attention.


    Regards, Obaid Farooqi
    Monday, December 15, 2008 10:57 PM
    Owner