Ethereal-dev: Re: [Ethereal-dev] DCERPC-LSA

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <gharris@xxxxxxxxx>
Date: Mon, 22 Apr 2002 23:18:02 -0700
On Tue, Apr 23, 2002 at 05:21:32AM +0000, Pia Sahlberg wrote:
> >Does "lsa-muddle.idl" come from Microsoft?  If not, perhaps it's wrong.
> ( Was your capture from a MS implementation? If not, perhaps it's wrong :-) 
> )

NT 3.51, from the Session Setup AndX response from the machine sending
the NETSAMDELTAS reply with the problem.

Code that pays attention to the "Offset to owner SID" field's value in
an NT Security Descriptor dissects that SID correctly; code that doesn't
mis-dissects it.  The same applies to the "Offset to group SID" field's
value.