2.10 UPN_DNS_INFO
The UPN_DNS_INFO structure contains the client's UPN and fully qualified domain name (FQDN) (1). It is used to provide the UPN and FQDN (1) that corresponds to the client of the ticket. The UPN_DNS_INFO structure is placed directly after the Buffers array of the topmost PACTYPE structure (section 2.3), at the offset specified in the Offset field of the corresponding PAC_INFO_BUFFER structure (section 2.4) in the Buffers array. The ulType field of the corresponding PAC_INFO_BUFFER is set to 0x0000000C.<19>
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
UpnLength |
UpnOffset |
||||||||||||||||||||||||||||||
|
DnsDomainNameLength |
DnsDomainNameOffset |
||||||||||||||||||||||||||||||
|
Flags |
|||||||||||||||||||||||||||||||
UpnLength (2 bytes): An unsigned 16-bit integer in little-endian format that specifies the length, in bytes, of the UPN information. The location of the UPN information is described later in this section.
UpnOffset (2 bytes): An unsigned 16-bit integer in little-endian format that contains the offset to the beginning of the UPN information, in bytes, from the beginning of the UPN_DNS_INFO structure.
DnsDomainNameLength (2 bytes): An unsigned 16-bit integer in little-endian format that specifies the length, in bytes, of the DNS information. The location of the DNS information is described later in this section.
DnsDomainNameOffset (2 bytes): An unsigned 16-bit integer in little-endian format that contains the offset to the beginning of the DNS information, in bytes, from the beginning of the UPN_DNS_INFO structure.
Flags (4 bytes): A set of bit flags in little-endian format. A flag is TRUE (or set) if its value is equal to 1. The value is constructed from zero or more bit flags from the following table:
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
10
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
U
-
Where the bits are defined as:
-
Value
Description
U
The user account object does not have the userPrincipalName attribute ([MS-ADA3] section 2.349) set. A UPN constructed by concatenating the user name with the DNS domain name of the account domain is provided.
-
All other bits are set to zero and MUST be ignored on receipt.
The actual DNS and UPN information is placed after the UPN_DNS_INFO structure following the header and starting with the corresponding offset in a consecutive buffer. The UPN and FQDN (1) are encoded using a two-byte UTF16 scheme, in little-endian order.