2.2.2 SSL_CERT_LOGON_RESP Message
The SSL_CERT_LOGON_RESP structure defines a successful response to an SSL_CERT_LOGON_REQ request. It contains the PAC that is returned to the caller. All member fields MUST be encoded in little-endian order.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
MessageType |
|||||||||||||||||||||||||||||||
Length |
|||||||||||||||||||||||||||||||
OffsetAuthData |
|||||||||||||||||||||||||||||||
AuthDataLength |
|||||||||||||||||||||||||||||||
Flags |
|||||||||||||||||||||||||||||||
OffsetDomain |
|||||||||||||||||||||||||||||||
DomainLength |
|||||||||||||||||||||||||||||||
Align |
|||||||||||||||||||||||||||||||
Payload (variable) |
|||||||||||||||||||||||||||||||
... |
MessageType (4 bytes): A 32-bit unsigned integer that defines the Remote Certificate Mapping Protocol message type. This member MUST be 0x00000002, matching SSL_CERT_LOGON_REQ.
Length (4 bytes): A 32-bit unsigned integer that defines the length, in bytes, of the SSL_CERT_LOGON_RESP response structure, including the variable Payload section.
OffsetAuthData (4 bytes): A 32-bit unsigned integer that defines the offset, in bytes, from the beginning of the SSL_CERT_LOGON_RESP response structure to the PAC, as specified in [MS-PAC], contained in the Payload field. This MUST be aligned to an 8-byte boundary.
AuthDataLength (4 bytes): A 32-bit unsigned integer that defines the length, in bytes, of the PAC, as specified in [MS-PAC], contained in the Payload field.
Flags (4 bytes): A 32-bit unsigned integer that MUST be 0, and ignored upon receipt. This field was intended for future expansion but was not used.
OffsetDomain (4 bytes): A 32-bit unsigned integer that defines the offset, in bytes, from the beginning of the SSL_CERT_LOGON_RESP request structure to a string of 16-bit Unicode characters comprising the name of the domain used for retrieving the authorization information. The domain name MUST be the NetBIOS name of the account domain.
DomainLength (4 bytes): A 32-bit unsigned integer that defines the length, in bytes, of the domain name referred to by the OffsetDomain member. The length does not include any trailing NULL character; because the string is counted, there need not be a trailing NULL.
Align (4 bytes): A 32-bit unsigned integer used to maintain 64-bit alignment. This member MUST be 0x00000000.
Payload (variable): This field contains the PAC, as specified in [MS-PAC], referred to by the OffsetAuthData field, and the domain name referred to by the OffsetDomain field.