2.2.10.4 Primary:Kerberos - KERB_STORED_CREDENTIAL

The KERB_STORED_CREDENTIAL structure is a variable-length structure that defines the format of the Primary:Kerberos property within the supplementalCredentials attribute. For information on how this structure is created, see section 3.1.1.8.11.4.

This structure is stored as a property value in a USER_PROPERTY structure.


Field layout (each row is 32 bits wide):

Bits 0-15                    | Bits 16-31
-----------------------------+-----------------------------
Revision                     | Flags
CredentialCount              | OldCredentialCount
DefaultSaltLength            | DefaultSaltMaximumLength
DefaultSaltOffset (bits 0-31)
Credentials (variable)
...
OldCredentials (variable)
...
DefaultSalt (variable)
...
KeyValues (variable)
...

Revision (2 bytes): This value MUST be set to 3.

Flags (2 bytes): This value MUST be zero and ignored on read.

CredentialCount (2 bytes): This is the count of elements in the Credentials array. This value MUST be set to 2.

OldCredentialCount (2 bytes): This is the count of elements in the OldCredentials array that contain the keys for the previous password. This value MUST be set to 0 or 2.

DefaultSaltLength (2 bytes): The length, in bytes, of a salt value.

This value is in little-endian byte order. This value SHOULD be ignored on read.

DefaultSaltMaximumLength (2 bytes): The length, in bytes, of the buffer containing the salt value.

This value is in little-endian byte order. This value SHOULD be ignored on read.

DefaultSaltOffset (4 bytes): An offset, in little-endian byte order, from the beginning of the attribute value (that is, from the beginning of the Revision field of KERB_STORED_CREDENTIAL) to where the salt value starts. This value SHOULD be ignored on read.

Credentials (variable): An array of CredentialCount KERB_KEY_DATA (section 2.2.10.5) elements.

OldCredentials (variable): An array of OldCredentialCount KERB_KEY_DATA elements.

DefaultSalt (variable): The default salt value.

KeyValues (variable): An array of CredentialCount + OldCredentialCount key values. Each key value MUST be located at the offset specified by the corresponding KeyOffset values specified in Credentials and OldCredentials.
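
The following is an added example, not part of the specification: a bounds-checking reader that enforces the MUST constraints above on an untrusted attribute value and reports key descriptors without returning key bytes. Assumptions: every header field is little-endian (the text states this only for the salt fields), KERB_KEY_DATA is the 20-byte layout of section 2.2.10.5 (two 2-byte and one 4-byte reserved fields, then 4-byte KeyType, KeyLength and KeyOffset), and the function names and sample value are hypothetical.

```python
import struct

HEADER = struct.Struct("<HHHHHHI")   # Revision .. DefaultSaltOffset (16 bytes)
KEY_DATA = struct.Struct("<HHIIII")  # assumed KERB_KEY_DATA layout, section 2.2.10.5


def parse_kerb_stored_credential(blob: bytes) -> dict:
    """Validate the header and key descriptors; never returns key bytes."""
    if len(blob) < HEADER.size:
        raise ValueError("shorter than the 16-byte fixed header")
    rev, _flags, cred, old, salt_len, _salt_max, salt_off = HEADER.unpack_from(blob)
    if rev != 3:
        raise ValueError(f"Revision MUST be 3, got {rev}")
    if cred != 2 or old not in (0, 2):
        raise ValueError(f"bad counts: CredentialCount={cred}, OldCredentialCount={old}")
    # Flags is ignored on read, as the field description requires.
    arrays_end = HEADER.size + (cred + old) * KEY_DATA.size
    if arrays_end > len(blob):
        raise ValueError("KERB_KEY_DATA arrays run past the end of the value")
    keys = []
    for i in range(cred + old):
        *_, key_type, key_len, key_off = KEY_DATA.unpack_from(
            blob, HEADER.size + i * KEY_DATA.size)
        # KeyOffset comes from the value itself: bound it before any slicing.
        if key_off < arrays_end or key_off + key_len > len(blob):
            raise ValueError(f"key {i}: KeyOffset/KeyLength outside the value")
        keys.append({"old": i >= cred, "type": key_type,
                     "length": key_len, "offset": key_off})
    # DefaultSalt* SHOULD be ignored on read: report only whether they fit.
    salt_ok = arrays_end <= salt_off and salt_off + salt_len <= len(blob)
    return {"keys": keys, "salt_fields_in_bounds": salt_ok}


def build_sample(old_count: int = 0, key_len: int = 8) -> bytes:
    """Constructed test value: zero-filled keys, placeholder salt, sample KeyType 3."""
    salt = b"EXAMPLE.TESTuser"
    n = 2 + old_count
    salt_off = HEADER.size + n * KEY_DATA.size
    first_key = salt_off + len(salt)
    descs = b"".join(
        KEY_DATA.pack(0, 0, 0, 3, key_len, first_key + i * key_len) for i in range(n))
    header = HEADER.pack(3, 0, 2, old_count, len(salt), len(salt), salt_off)
    return header + descs + salt + bytes(n * key_len)


if __name__ == "__main__":
    print(parse_kerb_stored_credential(build_sample(old_count=2)))
```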