Hi Alexander, If you have any network traces of this interaction, please upload them to the link below. In the meantime, I am setting up a Windows-to-Windows repro of this scenario to collect traces for analysis.
I'll check back with you next week. Best regards, Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Corporation Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300 ________________________________ From: Jeff McCashland (He/him) <[email protected]> Sent: Monday, August 18, 2025 3:36 PM To: Alexander Bokovoy (Samba) <[email protected]> Cc: [email protected] <[email protected]>; Microsoft Support <[email protected]> Subject: Re: [EXTERNAL] Network Ticket Logon clarification - TrackingID#2508140040006509 [Kristian to BCC] Hi Alexander, I will research the logon interaction and see what I can find. Best regards, Jeff McCashland (He/him) | Senior Escalation Engineer | Microsoft Corporation Phone: +1 (425) 703-8300 x38300 | Hours: 9am-5pm | Time zone: (UTC-08:00) Pacific Time (US and Canada) Local country phone number found here: http://support.microsoft.com/globalenglish | Extension 1138300 ________________________________ From: Kristian Smith <[email protected]> Sent: Thursday, August 14, 2025 8:39 AM To: Alexander Bokovoy (Samba) <[email protected]> Cc: [email protected] <[email protected]>; Microsoft Support <[email protected]> Subject: RE: [EXTERNAL] Network Ticket Logon clarification - TrackingID#2508140040006509 [DocHelp to Bcc] Hi Alexander, Thanks for reaching out with your Kerberos/Netlogon question. I've created case 2508140040006509 to track the issue. One of our engineers will investigate this and contact you soon. Regards, Kristian Smith Support Escalation Engineer | Microsoft(r) Corporation Email: [email protected] -----Original Message----- From: Alexander Bokovoy <[email protected]> Sent: Thursday, August 14, 2025 5:41 AM To: Interoperability Documentation Help <[email protected]> Cc: [email protected] Subject: [EXTERNAL] Network Ticket Logon clarification Hello Dochelp, I am reading through MS-KILE v45 update that was published this week (v20250811) and trying to understand how would KDC receive the request which processing is described in the section [MS-KILE] 3.3.5.8 Network Ticket Logon. As referenced in [MS-KILE] 3.3.5.8, [MS-NRPC] 3.2.4.2 describes the process on the Netlogon side, namely: -------------------------------------- Broadly, there are five major steps in the network ticket logon process: - The Kerberos client prepares and makes a request (see [MS-APDS] sections 3.2.5.1 and 3.2.5.2) - Netlogon delivers the request (see section 3.2.4.2.1) - The Key Distribution Center (KDC) processes the request and sends a reply (see [MS-KILE] section 3.3.5.8.1) - Netlogon processes the reply and sends it to the client (see section 3.2.4.2.2) - The Kerberos client receives the reply (see [MS-APDS] section 3.2.5.4) ------------------------------------- My question is related to the steps 'Netlogon delivers the request' and 'KDC processes the requests and sends a reply'. Unfortunately, neither [MS-NRPC] 3.2.4.2.1 nor [MS-KILE] 3.3.5.8.1 clarify how exactly Netlogon and KDC communicate the request between each other. Could you please clarify it? Is it a specially formatted TGS-REQ? Or is it some special form of a back-channel between these components? -- / Alexander Bokovoy
_______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
