2.2.1.3.1 NL_AUTH_MESSAGE

  • Article

The NL_AUTH_MESSAGE structure is a token containing information that is part of the first message in establishing a security context between a client and a server. It is used for establishing the secure session when Netlogon functions as a security support provider (SSP). For details about NL_AUTH_MESSAGE construction, see section 3.3.4.1.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

MessageType

Flags

Buffer (variable)

...

MessageType (4 bytes): A 32-bit unsigned integer. This value is used to indicate whether the message is a negotiate request message sent from a client to a server, or a negotiate response message sent from the server to the client. MessageType MUST be one, and only one, of the following.

Value

Meaning

0x00000000

This is a negotiate request message.

0x00000001

This is a negotiate response message.

Flags (4 bytes): A set of bit flags indicating the principal names carried in the request. A flag is TRUE (or set) if its value is equal to 1. These flags are set only in negotiate request messages. The value is constructed from one or more bit flags from the following table.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

E

D

C

B

A

Where the bits are defined as:

Value

Description

A

Buffer contains a NetBIOS domain name as an OEM_STRING ([MS-CIFS] section 2.2.1.1).

B

Buffer contains a NetBIOS computer name as an OEM_STRING.

C

Buffer contains a DNS domain name as a compressed UTF-8 string, as specified in [RFC1035] section 4.1.4.

D

Buffer contains a DNS host name as a compressed UTF-8 string.

E

Buffer contains a NetBIOS computer name as a compressed UTF-8 string.

All other bits MUST be set to zero and MUST be ignored on receipt.

Buffer (variable): A text buffer that contains a concatenation of null-terminated strings for each of the name flags set in the Flags field. The order is the same as the order of the Flags values (A–E). This buffer is only used in negotiate request messages. For negotiate response messages, the buffer contains a NULL character.