It turns out that the Netlogon PAC verification is encrypted.

This test now passes against Win2k3, and a implementation in the Samba4 server should follow shortly. Andrew Bartlett (This used to be commit c6b8ba893dd3ed90bca32c0ae89fd33be729c238)
author: Andrew Bartlett <abartlet@samba.org> 2008-08-29 15:06:30 +1000
committer: Andrew Bartlett <abartlet@samba.org> 2008-08-29 15:06:30 +1000
commit: 81dcc99e9acb9a7e4c2358e5e44998e4718dc658 (patch)
tree: b8a78b33cce3dd118304d2deeb387ca51c948ab1 /source4/librpc/idl/krb5pac.idl
parent: bfec8985cfef462dd58503138f7c25caefc24332 (diff)
download: samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.tar.gz
samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.tar.bz2
samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/source4/librpc/idl/krb5pac.idl b/source4/librpc/idl/krb5pac.idl
index 699f0b896b..dcee280150 100644
--- a/source4/librpc/idl/krb5pac.idl
+++ b/source4/librpc/idl/krb5pac.idl
@@ -100,8 +100,10 @@ interface krb5pac
 		PAC_BUFFER_RAW buffers[num_buffers];
 	} PAC_DATA_RAW;
 
+	const int NETLOGON_GENERIC_KRB5_PAC_VALIDATE = 3;
+
 	typedef [public] struct {
-		uint32 MessageType;
+		[value(NETLOGON_GENERIC_KRB5_PAC_VALIDATE)] uint32 MessageType;
 		uint32 ChecksumLength;
 		uint32 SignatureType;
 		uint32 SignatureLength;
author	Andrew Bartlett <abartlet@samba.org>	2008-08-29 15:06:30 +1000
committer	Andrew Bartlett <abartlet@samba.org>	2008-08-29 15:06:30 +1000
commit	81dcc99e9acb9a7e4c2358e5e44998e4718dc658 (patch)
tree	b8a78b33cce3dd118304d2deeb387ca51c948ab1 /source4/librpc/idl/krb5pac.idl
parent	bfec8985cfef462dd58503138f7c25caefc24332 (diff)
download	samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.tar.gz samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.tar.bz2 samba-81dcc99e9acb9a7e4c2358e5e44998e4718dc658.zip