Compartilhar via


2.2.9.2.1 SMB2_REMOTED_IDENTITY_TREE_CONNECT Context

The SMB2_REMOTED_IDENTITY_TREE_CONNECT context is specified in SMB2_TREE_CONNECT_CONTEXT structure when the ContextType is set to SMB2_REMOTED_IDENTITY_TREE_CONNECT_CONTEXT_ID. The format of the data in the Data field of this SMB2_TREE_CONNECT_CONTEXT is as follows:


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

TicketType

TicketSize

User

UserName

Domain

Groups

RestrictedGroups

Privileges

PrimaryGroup

Owner

DefaultDacl

DeviceGroups

UserClaims

DeviceClaims

TicketInfo (variable)

...

TicketType (2 bytes): A 16-bit integer specifying the type of ticket requested. The value in this field MUST be set to 0x0001.

TicketSize (2 bytes): A 16-bit integer specifying the total size of this structure.

User (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the user information in the TicketInfo buffer. The user information is stored in SID_ATTR_DATA format as specified in section 2.2.9.2.1.2.

UserName (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the null-terminated Unicode string containing the username in the TicketInfo field.

Domain (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the null-terminated Unicode string containing the domain name in the TicketInfo field.

Groups (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the information about the groups in the TicketInfo buffer. The information is stored in SID_ARRAY_DATA format as specified in section 2.2.9.2.1.3.

RestrictedGroups (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the information about the restricted groups in the TicketInfo field. The information is stored in SID_ARRAY_DATA format as specified in section 2.2.9.2.1.3.

Privileges (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the information about the privileges in the TicketInfo field. The information is stored in PRIVILEGE_ARRAY_DATA format as specified in section 2.2.9.2.1.6.

PrimaryGroup (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the information about the primary group in the TicketInfo field. The information is stored in SID_ARRAY_DATA format as specified in section 2.2.9.2.1.3.

Owner (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the information about the owner in the TicketInfo field. The information is stored in BLOB_DATA format as specified in section 2.2.9.2.1.1, where BlobData contains the SID, as specified in [MS-DTYP] section 2.4.2.2, representing the owner, and BlobSize contains the size of SID.

DefaultDacl (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the information about the DACL, as specified in [MS-DTYP] section 2.5.2, in the TicketInfo field. Information about the DACL is stored in BLOB_DATA format as specified in section 2.2.9.2.1.1, where BlobSize contains the size of the ACL structure, as specified in [MS-DTYP] section 2.4.5, and BlobData contains the DACL data.

DeviceGroups (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the information about the device groups in the TicketInfo field. The information is stored in SID_ARRAY_DATA format as specified in section 2.2.9.2.1.3.

UserClaims (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the user claims data in the TicketInfo field. Information about user claims is stored in BLOB_DATA format as specified in section 2.2.9.2.1.1, where BlobData contains an array of CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 structures, as specified in [MS-DTYP] section 2.4.10.1, representing the claims issued to the user, and BlobSize contains the size of the user claims data.

DeviceClaims (2 bytes): A 16-bit integer specifying the offset, in bytes, from the beginning of this structure to the device claims data in the TicketInfo field. Information about device claims is stored in BLOB_DATA format as specified in section 2.2.9.2.1.1, where BlobData contains an array of CLAIM_SECURITY_ATTRIBUTE_RELATIVE_V1 structures, as specified in [MS-DTYP] section 2.4.10.1, representing the claims issued to the account of the device which the user is connected from, and BlobSize contains the size of the device claims data.

TicketInfo (variable): A variable-length buffer containing the remoted identity tree connect context data, including the information about all the previously defined fields in this structure.