diff options
author | erdgeist <> | 2003-12-06 19:59:06 +0000 |
---|---|---|
committer | erdgeist <> | 2003-12-06 19:59:06 +0000 |
commit | 71cabadee7b59a1ebac99aacb0121b3e43b89b89 (patch) | |
tree | 578382d4a3ab5e0e58635b896085bb61c8c8bb54 /doc | |
parent | a562311d7c3d3d1f844f95f33df5daf8e9b95f04 (diff) |
LANMAN
Diffstat (limited to 'doc')
-rwxr-xr-x | doc/cifsrap2.txt | 2427 |
1 files changed, 2427 insertions, 0 deletions
diff --git a/doc/cifsrap2.txt b/doc/cifsrap2.txt new file mode 100755 index 0000000..64a2cd7 --- /dev/null +++ b/doc/cifsrap2.txt | |||
@@ -0,0 +1,2427 @@ | |||
1 | |||
2 | |||
3 | |||
4 | |||
5 | |||
6 | |||
7 | Network Working Group Paul J. Leach, Microsoft | ||
8 | INTERNET-DRAFT Dilip C. Naik, Microsoft | ||
9 | draft-leach-cifs-rap-spec-00.txt | ||
10 | Category: Informational | ||
11 | Expires August 26, 1997 February 26, 1997 | ||
12 | |||
13 | CIFS Remote Administration Protocol | ||
14 | Preliminary Draft | ||
15 | |||
16 | STATUS OF THIS MEMO | ||
17 | |||
18 | THIS IS A PRELIMINARY DRAFT OF AN INTERNET-DRAFT. IT DOES NOT REPRESENT | ||
19 | THE CONSENSUS OF THE ANY WORKING GROUP. | ||
20 | |||
21 | This document is an Internet-Draft. Internet-Drafts are working | ||
22 | documents of the Internet Engineering Task Force (IETF), its areas, and | ||
23 | its working groups. Note that other groups may also distribute working | ||
24 | documents as Internet-Drafts. | ||
25 | |||
26 | Internet-Drafts are draft documents valid for a maximum of six months | ||
27 | and may be updated, replaced, or obsoleted by other documents at any | ||
28 | time. It is inappropriate to use Internet-Drafts as reference material | ||
29 | or to cite them other than as "work in progress". | ||
30 | |||
31 | To learn the current status of any Internet-Draft, please check the | ||
32 | "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow | ||
33 | Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), | ||
34 | munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or | ||
35 | ftp.isi.edu (US West Coast). | ||
36 | |||
37 | Distribution of this document is unlimited. Please send comments to the | ||
38 | authors or the CIFS mailing list at <cifs@listserv.msn.com>. | ||
39 | Discussions of the mailing list are archived at | ||
40 | <URL:http://microsoft.ease.lsoft.com/archives/cifs.html>. | ||
41 | |||
42 | |||
43 | ABSTRACT | ||
44 | |||
45 | This specification defines how an RPC like mechanism may be implemented | ||
46 | using the Common Internet File System (CIFS) Transact SMB. Specific | ||
47 | examples are provided of how a CIFS client may request a CIFS server to | ||
48 | execute a function. The examples show complete details of the request | ||
49 | sent by the CIFS client and the response from the CIFS server. | ||
50 | |||
51 | |||
52 | Table of Contents | ||
53 | |||
54 | |||
55 | 1.OBJECTIVE...........................................................2 | ||
56 | |||
57 | 2.PREREQUISITES AND SUGGESTED READING.................................2 | ||
58 | |||
59 | 3.REMOTE ADMINISTRATION PROTOCOL OVERVIEW.............................3 | ||
60 | |||
61 | |||
62 | |||
63 | |||
64 | Leach, Naik [Page 1] | ||
65 | |||
66 | |||
67 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
68 | |||
69 | |||
70 | 4.REMOTE ADMINISTRATION PROTOCOL......................................3 | ||
71 | |||
72 | 4.1 NOTATION.........................................................4 | ||
73 | 4.2 DESCRIPTORS......................................................5 | ||
74 | 4.2.1Request Parameter Descriptors.................................5 | ||
75 | 4.2.2Response Parameter Descriptors................................5 | ||
76 | 4.2.3Data Descriptors..............................................6 | ||
77 | 4.3 TRANSACTION REQUEST PARAMETERS SECTION...........................6 | ||
78 | 4.4 TRANSACTION REQUEST DATA SECTION.................................7 | ||
79 | 4.5 TRANSACTION RESPONSE PARAMETERS SECTION..........................7 | ||
80 | 4.6 TRANSACTION RESPONSE DATA SECTION................................7 | ||
81 | |||
82 | 5.NETSHAREENUM........................................................8 | ||
83 | |||
84 | 6.NETSERVERENUM2.....................................................10 | ||
85 | |||
86 | 7.NETSERVERGETINFO...................................................13 | ||
87 | |||
88 | 8.NETSHAREGETINFO....................................................15 | ||
89 | |||
90 | 9.NETWKSTAUSERLOGON..................................................19 | ||
91 | |||
92 | 10. NETWKSTAUSERLOGOFF...............................................24 | ||
93 | |||
94 | 11. NETUSERGETINFO...................................................26 | ||
95 | |||
96 | 12. NETWKSTAGETINFO..................................................30 | ||
97 | |||
98 | 13. SAMOEMCHANGEPASSWORD.............................................32 | ||
99 | |||
100 | 14. AUTHOR'S ADDRESSES...............................................34 | ||
101 | |||
102 | 15. APPENDIX A.......................................................34 | ||
103 | |||
104 | 15.1.1...................................................TRANSACTIONS 36 | ||
105 | |||
106 | 16. APPENDIX B.......................................................38 | ||
107 | |||
108 | 16.1MARSHALING AND UNMARSHALING USING DESCRIPTOR STRINGS............38 | ||
109 | |||
110 | |||
111 | |||
112 | |||
113 | 1. Objective | ||
114 | |||
115 | This document details an RPC like mechanism used by CIFS clients to | ||
116 | submit requests to CIFS servers and obtain the results of the request | ||
117 | back from the server. | ||
118 | |||
119 | For convenience, some sections from the CIFS specification have been | ||
120 | reproduced in part within this document. Note that the CIFS | ||
121 | specification should be considered to be the authoritative reference, in | ||
122 | case of any doubts, rather than this document. | ||
123 | |||
124 | 2. Prerequisites and suggested reading | ||
125 | |||
126 | |||
127 | |||
128 | |||
129 | Leach, Naik [Page 2] | ||
130 | |||
131 | |||
132 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
133 | |||
134 | |||
135 | @ Familiarity with Common Internet File Systems specification (CIFS) | ||
136 | |||
137 | |||
138 | 3. Remote Administration Protocol overview | ||
139 | |||
140 | The Remote Administration Protocol (RAP) is similar to an RPC protocol, | ||
141 | in that: | ||
142 | @ it is an at-most-once synchronous request-response protocol | ||
143 | @ it is a framework that can be used for remotely requesting many | ||
144 | different kinds of services | ||
145 | @ it is designed to allow (but not require) the programming interface | ||
146 | to the protocol to be that of remotely executed procedure calls – | ||
147 | which means that one thinks if the protocol in terms of marshaling | ||
148 | and unmarshaling procedure call input and output arguments into | ||
149 | messages and reliably transporting the messages to and from the | ||
150 | client and server | ||
151 | Each RAP request is characterized by a set of ASCII descriptor strings | ||
152 | that are sufficient to be used to interpretively drive the marshaling | ||
153 | and unmarshaling process, if an implementation wanted to use them for | ||
154 | that purpose. These descriptor strings are included in each request | ||
155 | packet, and make the requests self-describing. | ||
156 | |||
157 | RAP is layered on the CIFS Transact SMB, which provides reliable message | ||
158 | delivery, security, and messages larger than the underlying network | ||
159 | maximum packet size. When used for RAP, the name field in the Transact | ||
160 | SMB is always set to "\PIPE\LANMAN". The Transact SMB is sent on a | ||
161 | session/connection that is established to the remote server using a | ||
162 | SessionSetupAndX SMB, and using a TID obtained by doing a | ||
163 | TreeConnectAndX SMB to a share named "IPC$". | ||
164 | |||
165 | [Refer to the CIFS specification for complete details on SMBs in | ||
166 | general, and the Transact SMB in particular. For convenience, relevant | ||
167 | portions from the CIFS specification have been reproduced here in | ||
168 | Appendix A. Note that the CIFS specification should be considered the | ||
169 | authoritative source of information, rather than Appendix A as far as | ||
170 | details on the Transact SMB are concerned.] | ||
171 | |||
172 | The model of a RAP service is that there are a few parameters as inputs | ||
173 | and outputs to the service, exactly one of which may be a buffer | ||
174 | descriptor that indicates the presence of a potentially much larger | ||
175 | input or output data buffer. An argument may be a scalar, pointer, fixed | ||
176 | length small array or struct, or a buffer descriptor. The data buffer | ||
177 | consists of entries followed by a heap. An entry consists of a primary | ||
178 | data struct and a sequence of 0 or more auxiliary data structs. An | ||
179 | input buffer must contain exactly one entry; an output buffer may | ||
180 | contain 0 or more. The heap is where data is stored that is referenced | ||
181 | by pointers in the entries. The parameters are described by a parameter | ||
182 | descriptor string; the primary data struct by a data descriptor string; | ||
183 | and the auxiliary data structs by an auxiliary data descriptor string. | ||
184 | |||
185 | |||
186 | 4. Remote Administration Protocol | ||
187 | |||
188 | |||
189 | |||
190 | |||
191 | Leach, Naik [Page 3] | ||
192 | |||
193 | |||
194 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
195 | |||
196 | |||
197 | A RAP service request is sent to the server encapsulated in a Transact | ||
198 | request SMB and the server sends back a Transact SMB response. An | ||
199 | attribute of the Transact SMB is that it divides the payload of request | ||
200 | and response messages into two sections: a parameters section and a data | ||
201 | section. As might be expected from the nomenclature, RAP service | ||
202 | parameters are sent in the parameters section of a Transact SMB, and the | ||
203 | data buffer in the data section. Therefore, to define a service | ||
204 | protocol, it is necessary to define the formats of the parameter and | ||
205 | data sections of the Transact request and response. | ||
206 | |||
207 | This is done in two stages. First, a C-like declaration notation is used | ||
208 | to define descriptor strings, and then the descriptor strings define the | ||
209 | formats of the parameter and data sections.. Note well: even though the | ||
210 | declarations may look like a programming interface, they are not: they | ||
211 | are a notation for describing the contents of RAP requests and | ||
212 | responses; an implementation on any particular system can use any | ||
213 | programming interface to RAP services that is appropriate to that | ||
214 | system. | ||
215 | |||
216 | 4.1 Notation | ||
217 | |||
218 | Parameter descriptor strings are defined using a C-like function | ||
219 | declaration; data descriptor and auxiliary data descriptor strings are | ||
220 | defined using a C-like structure declaration. | ||
221 | |||
222 | Parameter descriptor strings are defined with the following C-like | ||
223 | function declaration syntax: | ||
224 | |||
225 | rap-service = "unsigned short" service-name "(" parameters ");" | ||
226 | service-name = <upper and lower case alpha and numeric> | ||
227 | The return type of the function is always "unsigned short", and | ||
228 | represents the status code from the function. The service-name is for | ||
229 | documentation purposes. | ||
230 | |||
231 | parameters = parameter [ ";" parameter ] | ||
232 | The parameter descriptor string for the service is the concatenation of | ||
233 | the descriptor characters for the parameters. | ||
234 | |||
235 | parameter = [ "const" ] param-data-type parameter-name | ||
236 | [ "[" size "]" ] | ||
237 | param-data-type = <from parameter descriptor tables below> | ||
238 | parameter-name = <upper and lower case alpha and numeric> | ||
239 | size = <string of ASCII 0-9> | ||
240 | The descriptor character for a parameter is determined by looking up the | ||
241 | data-type in the tables below for request or response parameter | ||
242 | descriptors. The parameter-name is for documentation purposes. If there | ||
243 | is a size following the parameter-name, then it is placed in the | ||
244 | descriptor string following the descriptor character. | ||
245 | |||
246 | Data and auxiliary data descriptor strings are defined with the | ||
247 | following C-like structure declaration syntax: | ||
248 | |||
249 | rap-struct = "struct" struct-name "{" members "}" | ||
250 | The descriptor string for the struct is the concatenation of the | ||
251 | descriptor characters for the members. The struct-name is for | ||
252 | documentation purposes. | ||
253 | |||
254 | members = member [ ";" member ] | ||
255 | member = member-data-type member-name [ "[" size "]" ] | ||
256 | |||
257 | |||
258 | Leach, Naik [Page 4] | ||
259 | |||
260 | |||
261 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
262 | |||
263 | |||
264 | |||
265 | member-data-type = <from data descriptor tables below> | ||
266 | The descriptor character for a member is determined by looking up the | ||
267 | data-type in the tables below for data descriptors. The member-name is | ||
268 | for documentation purposes. If there is a size following the member- | ||
269 | name, then it is placed in the descriptor string following the | ||
270 | descriptor character. | ||
271 | |||
272 | 4.2 Descriptors | ||
273 | |||
274 | The following section contain tables that specify the descriptor | ||
275 | character and the notation for each data type for that data type. | ||
276 | |||
277 | 4.2.1 Request Parameter Descriptors | ||
278 | |||
279 | |||
280 | Descriptor Data Type Format | ||
281 | ========== ========= ===== | ||
282 | W unsigned short indicates parameter type of 16 bit integer | ||
283 | (word). | ||
284 | D unsigned long indicates parameter type of 32 bit integer | ||
285 | (dword). | ||
286 | b BYTE indicates bytes (octets). May be followed | ||
287 | by an ASCII number indicating number of | ||
288 | bytes.. | ||
289 | O NULL indicates a NULL pointer | ||
290 | z char indicates a NULL terminated ASCII string | ||
291 | present in the parameter area | ||
292 | F PAD indicates Pad bytes (octets). May be | ||
293 | followed by an ASCII number indicating the | ||
294 | number of bytes | ||
295 | r RCVBUF pointer to receive data buffer in response | ||
296 | parameter section | ||
297 | L RCVBUFLEN 16 bit integer containing length of | ||
298 | receive data buffer in (16 bit) words | ||
299 | s SNDBUF pointer to send data buffer in request | ||
300 | parameter section | ||
301 | T SNDBUFLEN 16 bit integer containing length of send | ||
302 | data buffer in words | ||
303 | |||
304 | |||
305 | 4.2.2 Response Parameter Descriptors | ||
306 | |||
307 | |||
308 | Descriptor Data Type Format | ||
309 | ========== ========= ===== | ||
310 | g BYTE * indicates a byte is to be received. May | ||
311 | be followed by an ASCII number indicating | ||
312 | number of bytes to receive | ||
313 | h unsigned short * indicates a word is to be received | ||
314 | i unsigned long * indicates a dword is to be received | ||
315 | e ENTCOUNT indicates a word is to be received which | ||
316 | indicates the number of entries returned | ||
317 | |||
318 | |||
319 | |||
320 | |||
321 | Leach, Naik [Page 5] | ||
322 | |||
323 | |||
324 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
325 | |||
326 | |||
327 | 4.2.3 Data Descriptors | ||
328 | |||
329 | |||
330 | Descriptor Data Type Format | ||
331 | ========== ========= ===== | ||
332 | W unsigned short indicates data type of 16 bit integer | ||
333 | (word). Descriptor char may be followed by | ||
334 | an ASCII number indicating the number of | ||
335 | 16 bit words present | ||
336 | D unsigned long indicates data type of 32 bit integer | ||
337 | (dword). Descriptor char may be followed | ||
338 | by an ASCII number indicating the number | ||
339 | of 32 bit words present | ||
340 | B BYTE indicates item of data type 8 bit byte | ||
341 | (octet). The indicated number of bytes are | ||
342 | present in the data. Descriptor char may | ||
343 | be followed by an ASCII number indicating | ||
344 | the number of 8 bit bytes present | ||
345 | O NULL indicates a NULL pointer | ||
346 | z char * indicates a 32 bit pointer to a NULL | ||
347 | terminated ASCII string is present in the | ||
348 | response parameter area. The actual string | ||
349 | is in the response data area and the | ||
350 | pointer in the parameter area points to | ||
351 | the string in the data area. The high word | ||
352 | of the pointer should be ignored. The | ||
353 | converter word present in the response | ||
354 | parameter section should be subtracted | ||
355 | from the low 16 bit value to obtain an | ||
356 | offset into the data area indicating where | ||
357 | the data area resides. | ||
358 | N AUXCOUNT indicates number of auxiliary data | ||
359 | structures. The transaction response data | ||
360 | section contains an unsigned 16 bit number | ||
361 | corresponding to this data item. | ||
362 | |||
363 | |||
364 | 4.3 Transaction Request Parameters section | ||
365 | |||
366 | The parameters and data being sent and received are described by ASCII | ||
367 | descriptor strings. These descriptor strings are described in section | ||
368 | 4.2. | ||
369 | |||
370 | The parameters section of the Transact SMB request contains the | ||
371 | following (in the order described) | ||
372 | @ The function number: an unsigned short 16 bit integer identifying the | ||
373 | function being remoted | ||
374 | @ The parameter descriptor string: a null terminated ASCII string | ||
375 | @ The data descriptor string: a null terminated ASCII string. | ||
376 | @ The request parameters, as described by the parameter descriptor | ||
377 | string, in the order that the request parameter descriptor characters | ||
378 | appear in the parameter descriptor string | ||
379 | @ An optional auxiliary data descriptor string: a null terminated ASCII | ||
380 | string. It will be present if there is an auxiliary data structure | ||
381 | |||
382 | |||
383 | Leach, Naik [Page 6] | ||
384 | |||
385 | |||
386 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
387 | |||
388 | |||
389 | count in the primary data struct (an "N" descriptor in the data | ||
390 | descriptor string). | ||
391 | |||
392 | RAP requires that the length of the return parameters be less than or | ||
393 | equal to the length of the parameters being sent; this requirement is | ||
394 | made to simply buffer management in implementations. This is reasonable | ||
395 | as the functions were designed to return data in the data section and | ||
396 | use the return parameters for items like data length, handles, etc. If | ||
397 | need be, this restriction can be circumvented by filling in some pad | ||
398 | bytes into the parameters being sent. | ||
399 | |||
400 | 4.4 Transaction Request Data section | ||
401 | |||
402 | The Data section for the transaction request is present if the parameter | ||
403 | description string contains an "s" (SENDBUF) descriptor. If present, it | ||
404 | contains: | ||
405 | @ A primary data struct, as described by the data descriptor string | ||
406 | @ Zero or more instances of the auxiliary data struct, as described by | ||
407 | the auxiliary data descriptor string. The number of instances is | ||
408 | determined by the value of the an auxiliary data structure count | ||
409 | member of the primary data struct, indicated by the "N" (AUXCOUNT) | ||
410 | descriptor. The auxiliary data is present only if the auxiliary data | ||
411 | descriptor string is non null. | ||
412 | @ Possibly some pad bytes | ||
413 | @ The heap: the data referenced by pointers in the primary and | ||
414 | auxiliary data structs. | ||
415 | |||
416 | 4.5 Transaction Response Parameters section | ||
417 | |||
418 | The response sent by the server contains a parameter section which | ||
419 | consists of: | ||
420 | @ A 16 bit integer indicating the status or return code. The possible | ||
421 | values for different functions are different. | ||
422 | @ A 16 bit converter word, used adjust pointers to information in the | ||
423 | response data section. Pointers returned within the response buffer | ||
424 | are 32 bit pointers. The high order 16 bit word should be ignored. | ||
425 | The converter word needs to be subtracted from the low order 16 bit | ||
426 | word to arrive at an offset into the response buffer. | ||
427 | @ The response parameters, as described by the parameter descriptor | ||
428 | string, in the order that the response parameter descriptor | ||
429 | characters appear in the parameter descriptor string. | ||
430 | |||
431 | 4.6 Transaction Response Data section | ||
432 | |||
433 | The Data section for the transaction response is present if the | ||
434 | parameter description string contains an "r" (RCVBUF) descriptor. If | ||
435 | present, it contains: | ||
436 | @ Zero or more entries. The number of entries is determined by the | ||
437 | value of the entry count parameter, indicated by the "e"(ENTCOUNT) | ||
438 | descriptor. Each entry contains: | ||
439 | @ A primary data struct, as described by the data descriptor | ||
440 | string | ||
441 | @ Zero or more instances of the auxiliary data struct, as | ||
442 | described by the auxiliary data descriptor string. The number | ||
443 | |||
444 | |||
445 | Leach, Naik [Page 7] | ||
446 | |||
447 | |||
448 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
449 | |||
450 | |||
451 | of instances is determined by the value of the AUXCOUNT | ||
452 | member of the primary data struct (whose descriptor is "N"). | ||
453 | The auxiliary data is present only if the auxiliary data | ||
454 | descriptor string is non null. | ||
455 | @ Possibly some pad bytes | ||
456 | @ The heap: the data referenced by pointers in the primary and | ||
457 | auxiliary data structs. | ||
458 | |||
459 | 5. NetShareEnum | ||
460 | |||
461 | The NetShareEnum RAP function retrieves information about each shared | ||
462 | resource on a CIFS server. The definition is: | ||
463 | |||
464 | unsigned short NetShareEnum( | ||
465 | unsigned short sLevel; | ||
466 | RCVBUF pbBuffer; | ||
467 | RCVBUFLEN cbBuffer; | ||
468 | ENTCOUNT pcEntriesRead; | ||
469 | unsigned short *pcTotalAvail; | ||
470 | ); | ||
471 | |||
472 | where: | ||
473 | |||
474 | sLevel specifies the level of detail returned and must have the | ||
475 | value of 1. | ||
476 | |||
477 | pbBuffer points to the buffer to receive the returned data. If the | ||
478 | function is successful, the buffer contains a sequence of | ||
479 | SHARE_INFO_1 structures (defined later). | ||
480 | |||
481 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
482 | the pbBuffer parameter. | ||
483 | |||
484 | pcEntriesRead points to a 16 bit variable that receives a count of | ||
485 | the number of shared resources enumerated in the buffer. This | ||
486 | count is valid only if NetShareEnum returns the NERR_Success or | ||
487 | ERROR_MORE_DATA values. | ||
488 | |||
489 | pcTotalAvail points to a 16-bit variable that receives a count of | ||
490 | the total number of shared resources. This count is valid only if | ||
491 | NetShareEnum returns the NERR_Success or ERROR_MORE_DATA values. | ||
492 | |||
493 | Transaction Request Parameters section | ||
494 | |||
495 | The Transaction request parameters section in this instance contains: | ||
496 | |||
497 | @ The 16 bit function number for NetShareEnum which is 0. | ||
498 | @ The parameter descriptor string which is "WrLeh". | ||
499 | @ The data descriptor string for the (returned) data which is "B13BWz" | ||
500 | @ The actual parameters as described by the parameter descriptor | ||
501 | string. | ||
502 | |||
503 | The parameters are: | ||
504 | @ A 16 bit integer with a value of 1 (corresponding to the "W" in the | ||
505 | parameter descriptor string. This represents the level of detail the | ||
506 | server is expected to return | ||
507 | |||
508 | |||
509 | Leach, Naik [Page 8] | ||
510 | |||
511 | |||
512 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
513 | |||
514 | |||
515 | @ A 16 bit integer that contains the size of the receive buffer. | ||
516 | |||
517 | |||
518 | Transaction Request Data section | ||
519 | |||
520 | There is no data or auxiliary data to send as part of the request. | ||
521 | |||
522 | |||
523 | Transaction Response Parameters section | ||
524 | |||
525 | The transaction response parameters section consists of: | ||
526 | @ A 16 bit word indicating the return status. The possible values are: | ||
527 | |||
528 | Code Value Description | ||
529 | NERR_Success 0 No errors encountered | ||
530 | ERROR_ACCESS_DENIED 5 User has insufficient privilege | ||
531 | ERROR_NETWORK_ACCESS_DENIED 65 Network access is denied | ||
532 | ERROR_MORE_DATA 234 Additional data is available | ||
533 | NERR_ServerNotStarted 2114 The server service on the remote | ||
534 | computer is not running | ||
535 | NERR_BadTransactConfig 2141 The server is not configured for | ||
536 | transactions, IPC$ is not shared | ||
537 | |||
538 | @ A 16 bit "converter" word. | ||
539 | @ A 16 bit number representing the number of entries returned. | ||
540 | @ A 16 bit number representing the total number of available entries. | ||
541 | If the supplied buffer is large enough, this will equal the number of | ||
542 | entries returned. | ||
543 | |||
544 | Transaction Response Data section | ||
545 | |||
546 | The return data section consists of a number of SHARE_INFO_1 structures. | ||
547 | The number of such structures present is determined by the third entry | ||
548 | (described above) in the return parameters section. | ||
549 | |||
550 | |||
551 | The SHARE_INFO_1 structure is defined as: | ||
552 | |||
553 | struct SHARE_INFO_1 { | ||
554 | char shi1_netname[13] | ||
555 | char shi1_pad; | ||
556 | unsigned short shi1_type | ||
557 | char *shi1_remark; | ||
558 | } | ||
559 | |||
560 | where: | ||
561 | |||
562 | shi1_netname contains a null terminated ASCII string that | ||
563 | specifies the share name of the resource. | ||
564 | |||
565 | shi1_pad aligns the next data strructure element to a word | ||
566 | boundary. | ||
567 | |||
568 | shi1_type contains an integer that specifies the type of the | ||
569 | shared resource. The possible values are: | ||
570 | |||
571 | |||
572 | |||
573 | Leach, Naik [Page 9] | ||
574 | |||
575 | |||
576 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
577 | |||
578 | |||
579 | |||
580 | |||
581 | Name Value Description | ||
582 | STYPE_DISKTREE 0 Disk Directory Tree | ||
583 | STYPE_PRINTQ 1 Printer Queue | ||
584 | STYPE_DEVICE 2 Communications device | ||
585 | STYPE_IPC 3 Inter process communication (IPC) | ||
586 | |||
587 | shi1_remark points to a null terminated ASCII string that contains | ||
588 | a comment abthe shared resource. The value for shi1_remark is null | ||
589 | for ADMIN$ and IPC$ share names. The shi1_remark pointer is a 32 | ||
590 | bit pointer. The higher 16 bits need to be ignored. The converter | ||
591 | word returned in the parameters section needs to be subtracted | ||
592 | from the lower 16 bits to calculate an offset into the return | ||
593 | buffer where this ASCII string resides. | ||
594 | |||
595 | In case there are multiple SHARE_INFO_1 data structures to return, | ||
596 | the server may put all these fixed length structures in the return | ||
597 | buffer, leave some space and then put all the variable length data | ||
598 | (the actual value of the shi1_remark strings) at the end of the | ||
599 | buffer. | ||
600 | |||
601 | There is no auxiliary data to receive. | ||
602 | |||
603 | |||
604 | 6. NetServerEnum2 | ||
605 | |||
606 | The NetServerEnum2 RAP service lists all computers of the specified | ||
607 | type or types that are visible in the specified domains. It may also | ||
608 | enumerate domains. The definition is: | ||
609 | |||
610 | unsigned short NetServerEnum2 ( | ||
611 | unsigned short sLevel, | ||
612 | RCVBUF pbBuffer, | ||
613 | RCVBUFLEN cbBuffer, | ||
614 | ENTCOUNT pcEntriesRead, | ||
615 | unsigned short *pcTotalAvail, | ||
616 | unsigned long fServerType, | ||
617 | char *pszDomain, | ||
618 | ); | ||
619 | |||
620 | where : | ||
621 | |||
622 | sLevel specifies the level of detail (0 or 1) requested. | ||
623 | |||
624 | pbBuffer points to the buffer to receive the returned data. If the | ||
625 | function is successful, the buffer contains a sequence of | ||
626 | server_info_x structures, where x is 0 or 1, depending on the | ||
627 | level of detail requested. | ||
628 | |||
629 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
630 | the pbBuffer parameter. | ||
631 | |||
632 | pcEntriesRead points to a 16 bit variable that receives a count of | ||
633 | the number of servers enumerated in the buffer. This count is | ||
634 | |||
635 | |||
636 | |||
637 | Leach, Naik [Page 10] | ||
638 | |||
639 | |||
640 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
641 | |||
642 | |||
643 | valid only if NetServerEnum2 returns the NERR_Success or | ||
644 | ERROR_MORE_DATA values. | ||
645 | |||
646 | pcTotal Avail points to a 16 bit variable that receives a count of | ||
647 | the total number of available entries. This count is valid only if | ||
648 | NetServerEnum2 returns the NERR_Success or ERROR_MORE_DATA values. | ||
649 | |||
650 | fServerType specifies the type or types of computers to enumerate. | ||
651 | Computers that match at least one of the specified types are | ||
652 | returned in the buffer. Possible values are defined in the request | ||
653 | parameters section. | ||
654 | |||
655 | pszDomain points to a null-terminated string that contains the | ||
656 | name of the workgroup in which to enumerate computers of the | ||
657 | specified type or types. If the pszDomain parameter is a null | ||
658 | string or a null pointer, servers are enumerated for the current | ||
659 | domain of the computer. | ||
660 | |||
661 | Transaction Request Parameters section | ||
662 | |||
663 | The Transaction request parameters section in this instance contains: | ||
664 | |||
665 | @ The 16 bit function number for NetServerEnum2 which is 104. | ||
666 | @ The parameter descriptor string which is "WrLehDz". | ||
667 | @ The data descriptor string for the (returned) data which is "B16" for | ||
668 | level detail 0 or "B16BBDz" for level detail 1. | ||
669 | @ The actual parameters as described by the parameter descriptor | ||
670 | string. | ||
671 | |||
672 | The parameters are: | ||
673 | @ A 16 bit integer with a value of 0 or 1 (corresponding to the "W" in | ||
674 | the parameter descriptor string. This represents the level of detail | ||
675 | the server is expected to return | ||
676 | @ A 16 bit integer that contains the size of the receive buffer. | ||
677 | @ A 32 bit integer that represents the type of servers the function | ||
678 | should enumerate. The possible values may be any of the following or | ||
679 | a combination of the following: | ||
680 | |||
681 | |||
682 | SV_TYPE_WORKSTATION 0x00000001 All workstations | ||
683 | SV_TYPE_SERVER 0x00000002 All servers | ||
684 | SV_TYPE_SQLSERVER 0x00000004 Any server running with SQL | ||
685 | server | ||
686 | SV_TYPE_DOMAIN_CTRL 0x00000008 Primary domain controller | ||
687 | SV_TYPE_DOMAIN_BAKCTRL 0x00000010 Backup domain controller | ||
688 | SV_TYPE_TIME_SOURCE 0x00000020 Server running the timesource | ||
689 | service | ||
690 | SV_TYPE_AFP 0x00000040 Apple File Protocol servers | ||
691 | SV_TYPE_NOVELL 0x00000080 Novell servers | ||
692 | SV_TYPE_DOMAIN_MEMBER 0x00000100 Domain Member | ||
693 | SV_TYPE_PRINTQ_SERVER 0x00000200 Server sharing print queue | ||
694 | SV_TYPE_DIALIN_SERVER 0x00000400 Server running dialin service. | ||
695 | SV_TYPE_XENIX_SERVER 0x00000800 Xenix server | ||
696 | SV_TYPE_NT 0x00001000 NT server | ||
697 | SV_TYPE_WFW 0x00002000 Server running Windows for | ||
698 | |||
699 | |||
700 | |||
701 | Leach, Naik [Page 11] | ||
702 | |||
703 | |||
704 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
705 | |||
706 | |||
707 | Workgroups | ||
708 | SV_TYPE_SERVER_NT 0x00008000 Windows NT non DC server | ||
709 | SV_TYPE_POTENTIAL_BROWSER 0x00010000 Server that can run the browser | ||
710 | service | ||
711 | SV_TYPE_BACKUP_BROWSER 0x00020000 Backup browser server | ||
712 | SV_TYPE_MASTER_BROWSER 0x00040000 Master browser server | ||
713 | SV_TYPE_DOMAIN_MASTER 0x00080000 Domain Master Browser server | ||
714 | SV_TYPE_LOCAL_LIST_ONLY 0x40000000 Enumerate only entries marked | ||
715 | "local" | ||
716 | SV_TYPE_DOMAIN_ENUM 0x80000000 Enumerate Domains. The pszServer | ||
717 | and pszDomain parameters must be | ||
718 | NULL. | ||
719 | |||
720 | @ A null terminated ASCII string representing the pszDomain parameter | ||
721 | described above | ||
722 | |||
723 | Transaction Request Data section | ||
724 | |||
725 | There is no data or auxiliary data to send as part of the request. | ||
726 | |||
727 | Transaction Response Parameters section | ||
728 | |||
729 | The transaction response parameters section consists of: | ||
730 | @ A 16 bit word indicating the return status. The possible values are: | ||
731 | |||
732 | Code Value Description | ||
733 | NERR_Success 0 No errors encountered | ||
734 | ERROR_MORE_DATA 234 Additional data is available | ||
735 | NERR_ServerNotStarted 2114 The RAP service on the remote | ||
736 | computer is not running | ||
737 | NERR_BadTransactConfig 2141 The server is not configured for | ||
738 | transactions, IPC$ is not shared | ||
739 | |||
740 | @ A 16 bit "converter" word. | ||
741 | @ A 16 bit number representing the number of entries returned. | ||
742 | @ A 16 bit number representing the total number of available entries. | ||
743 | If the supplied buffer is large enough, this will equal the number of | ||
744 | entries returned. | ||
745 | |||
746 | Transaction Response Data section | ||
747 | |||
748 | The return data section consists of a number of SHARE_INFO_1 structures. | ||
749 | The number of such structures present is determined by the third entry | ||
750 | (described above) in the return parameters section. | ||
751 | |||
752 | At level detail 0, the Transaction response data section contains a | ||
753 | number of SERVER_INFO_0 data structure. The number of such structures is | ||
754 | equal to the 16 bit number returned by the server in the third parameter | ||
755 | in the Transaction response parameter section. The SERVER_INFO_0 data | ||
756 | structure is defined as: | ||
757 | |||
758 | |||
759 | struct SERVER_INFO_0 { | ||
760 | char sv0_name[16]; | ||
761 | }; | ||
762 | |||
763 | |||
764 | Leach, Naik [Page 12] | ||
765 | |||
766 | |||
767 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
768 | |||
769 | |||
770 | |||
771 | where: | ||
772 | |||
773 | sv0_name is a null-terminated string that specifies the name of a | ||
774 | computer or domain . | ||
775 | |||
776 | At level detail 1, the Transaction response data section contains a | ||
777 | number of SERVER_INFO_1 data structure. The number of such structures is | ||
778 | equal to the 16 bit number returned by the server in the third parameter | ||
779 | in the Transaction response parameter section. The SERVER_INFO_1 data | ||
780 | structure is defined as: | ||
781 | |||
782 | |||
783 | struct SERVER_INFO_1 { | ||
784 | char sv1_name[16]; | ||
785 | char sv1_version_major; | ||
786 | char sv1_version_minor; | ||
787 | unsigned long sv1_type; | ||
788 | char *sv1_comment_or_master_browser; | ||
789 | }; | ||
790 | |||
791 | sv1_name contains a null-terminated string that specifies the name | ||
792 | of a computer. | ||
793 | |||
794 | sv1_version_major specifies the major release version number of | ||
795 | the networking software the server is running. This is entirely | ||
796 | informational and something the caller of the NetServerEnum2 | ||
797 | function gets to see. | ||
798 | |||
799 | sv1_version_minor specifies the minor release version number of | ||
800 | the networking software the server is running. This is entirely | ||
801 | informational and something the caller of the NetServerEnum2 | ||
802 | function gets to see. | ||
803 | |||
804 | sv1_type specifies the type of software the computer is running. | ||
805 | The member can be one or a combination of the values defined above | ||
806 | in the Transaction request parameters section for fServerType. | ||
807 | |||
808 | sv1_comment_or_master_browser points to a null-terminated string. If | ||
809 | the sv1_type indicates that the entry is for a domain, this | ||
810 | specifies the name of the domain master browser; otherwise, it | ||
811 | specifies a comment describing the server. The comment can be a null | ||
812 | string or the pointer may be a null pointer. | ||
813 | |||
814 | In case there are multiple SERVER_INFO_1 data structures to | ||
815 | return, the server may put all these fixed length structures in | ||
816 | the return buffer, leave some space and then put all the variable | ||
817 | length data (the actual value of the sv1_comment strings) at the | ||
818 | end of the buffer. | ||
819 | |||
820 | There is no auxiliary data to receive. | ||
821 | |||
822 | 7. NetServerGetInfo | ||
823 | |||
824 | |||
825 | |||
826 | |||
827 | |||
828 | Leach, Naik [Page 13] | ||
829 | |||
830 | |||
831 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
832 | |||
833 | |||
834 | The NetServerGetInfo function returns information about the specified | ||
835 | server. The definition is: | ||
836 | |||
837 | unsigned short NetServerGetInfo( | ||
838 | unsigned short sLevel; | ||
839 | RCVBUF pbBuffer; | ||
840 | |||
841 | RCVBUFLEN cbBuffer; | ||
842 | unsigned short *pcbTotalAvail; | ||
843 | ); | ||
844 | |||
845 | where: | ||
846 | |||
847 | sLevel specifies the level of detail returned. (Legal values are | ||
848 | 0 and 1) | ||
849 | |||
850 | pbBuffer points to the buffer to receive the returned data. | ||
851 | |||
852 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
853 | the pbBuffer parameter. | ||
854 | |||
855 | pcbTotalAvail points to a 16 bit variable that receives a count of | ||
856 | the total number of bytes of information available. This count is | ||
857 | valid only if NetServerGetInfo returns the | ||
858 | NERR_Success or ERROR_MORE_DATA values. | ||
859 | |||
860 | The return value is one of the following: | ||
861 | |||
862 | Transaction Request Parameters section | ||
863 | |||
864 | The Transaction request parameters section in this instance contains: | ||
865 | |||
866 | @ The 16 bit function number for NetServerGetInfo which is 13. | ||
867 | @ The parameter descriptor string which is "WrLh" | ||
868 | @ The data descriptor string for the (returned) data which is "B16" for | ||
869 | level detail 0 or "B16BBDz" for level detail 1. | ||
870 | @ The actual parameters as described by the parameter descriptor | ||
871 | string. | ||
872 | |||
873 | The parameters are: | ||
874 | @ A 16 bit integer with a value of 0 or 1 (corresponding to the "W" in | ||
875 | the parameter descriptor string. This represents the level of detail | ||
876 | the server is expected to return | ||
877 | @ A 16 bit integer that contains the size of the receive buffer. | ||
878 | |||
879 | Transaction Request Data section | ||
880 | |||
881 | There is no data or auxiliary data to send as part of the request. | ||
882 | |||
883 | Transaction Response Parameters section | ||
884 | |||
885 | The transaction response parameters section consists of: | ||
886 | @ A 16 bit word indicating the return status. The possible values are: | ||
887 | Code Value Description | ||
888 | NERR_Success 0 No errors encountered | ||
889 | |||
890 | |||
891 | |||
892 | Leach, Naik [Page 14] | ||
893 | |||
894 | |||
895 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
896 | |||
897 | |||
898 | ERROR_MORE_DATA 234 Additional data is available | ||
899 | NERR_ServerNotStarted 2114 The RAP service on the remote | ||
900 | computer is not running | ||
901 | NERR_BadTransactConfig 2141 The server is not configured for | ||
902 | transactions, IPC$ is not shared | ||
903 | |||
904 | @ A 16 bit "converter" word. | ||
905 | @ A 16 bit number representing the total number of available bytes. | ||
906 | This has meaning only if the return status is NERR_Success or | ||
907 | ERROR_MORE_DATA. In case of success, this will indicate the number of | ||
908 | useful bytes available. In case of failure, this indicates the | ||
909 | required size of the receive buffer. | ||
910 | |||
911 | Transaction Response Data section | ||
912 | |||
913 | At level detail 0, the Transaction response data section contains a | ||
914 | SERVER_INFO_0 data structure. The SERVER_INFO_0 data structure is | ||
915 | defined in section 7.4 | ||
916 | |||
917 | At level detail 1, the Transaction response data section contains a | ||
918 | SERVER_INFO_1 data structure. The SERVER_INFO_1 data structure is | ||
919 | defined in section 7.4 | ||
920 | |||
921 | There is no auxiliary data to receive. | ||
922 | |||
923 | 8. NetShareGetInfo | ||
924 | |||
925 | The NetShareGetInfo function retrieves information about a particular | ||
926 | shared resource on a CIFS server. The definition is: | ||
927 | |||
928 | unsigned short NetShareGetInfo( | ||
929 | char *pszNetName; | ||
930 | unsigned short sLevel; | ||
931 | RCVBUF pbBuffer; | ||
932 | RCVBUFLEN cbBuffer; | ||
933 | unsigned short *pcbTotalAvail; | ||
934 | ); | ||
935 | |||
936 | where: | ||
937 | |||
938 | pszNetName points to an ASCII null-terminated string specifying | ||
939 | the name of the shared resource for which information should be | ||
940 | retrieved. | ||
941 | |||
942 | sLevel specifies the level of detail returned. (Legal values are | ||
943 | 0, 1 and 2) | ||
944 | |||
945 | pbBuffer points to the buffer to receive the returned data. | ||
946 | |||
947 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
948 | the pbBuffer parameter. | ||
949 | |||
950 | pcbTotalAvail points to a 16 bit variable that receives a count of | ||
951 | the total number of bytes of information available. This count is | ||
952 | |||
953 | |||
954 | |||
955 | |||
956 | Leach, Naik [Page 15] | ||
957 | |||
958 | |||
959 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
960 | |||
961 | |||
962 | valid only if NetShareGetInfo returns the NERR_Success or | ||
963 | ERROR_MORE_DATA values. | ||
964 | |||
965 | Transaction Request Parameters section | ||
966 | |||
967 | The Transaction request parameters section in this instance contains: | ||
968 | |||
969 | @ The 16 bit function number for NetServerGetInfo which is 1. | ||
970 | @ The parameter descriptor string which is "zWrLh" | ||
971 | @ The data descriptor string for the (returned) data which is "B13" for | ||
972 | level detail 0 or "B13BWz" for level detail 1 or "B13BWzWWWzB9B" | ||
973 | for level detail 2. | ||
974 | @ The actual parameters as described by the parameter descriptor | ||
975 | string. | ||
976 | |||
977 | The parameters are: | ||
978 | @ A null terminated ASCII string indicating the share for which | ||
979 | information should be retrieved. | ||
980 | @ A 16 bit integer with a value of 0, 1 or 2 (corresponding to the "W" | ||
981 | in the parameter descriptor string. This represents the level of | ||
982 | detail the server is expected to return | ||
983 | @ A 16 bit integer that contains the size of the receive buffer. | ||
984 | |||
985 | Transaction Request Data section | ||
986 | |||
987 | There is no data or auxiliary data to send as part of the request. | ||
988 | |||
989 | Transaction Response Parameters section | ||
990 | |||
991 | The transaction response parameters section consists of: | ||
992 | @ A 16 bit word indicating the return status. The possible values are: | ||
993 | Code Value Description | ||
994 | NERR_Success 0 No errors encountered | ||
995 | ERROR_MORE_DATA 234 Additional data is available | ||
996 | NERR_ServerNotStarted 2114 The RAP service on the remote | ||
997 | computer is not running | ||
998 | NERR_BadTransactConfig 2141 The server is not configured for | ||
999 | transactions, IPC$ is not shared | ||
1000 | |||
1001 | @ A 16 bit "converter" word. | ||
1002 | @ A 16 bit number representing the total number of available bytes. | ||
1003 | This has meaning only if the return status is NERR_Success or | ||
1004 | ERROR_MORE_DATA. Upon success, this number indicates the number of | ||
1005 | useful bytes available. Upon failure, this indicates how big the | ||
1006 | receive buffer needs to be. | ||
1007 | |||
1008 | Transaction Response Data section | ||
1009 | |||
1010 | At level detail 0, the Transaction response data section contains a | ||
1011 | SHARE_INFO_0 data structure, which is defined as: | ||
1012 | |||
1013 | |||
1014 | struct SHARE_INFO_0 { | ||
1015 | char shi1_netname[13] | ||
1016 | } | ||
1017 | |||
1018 | |||
1019 | |||
1020 | Leach, Naik [Page 16] | ||
1021 | |||
1022 | |||
1023 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1024 | |||
1025 | |||
1026 | |||
1027 | |||
1028 | where: | ||
1029 | |||
1030 | shi0_netname contains an ASCIIZ string that specifies the share | ||
1031 | name of the resource. | ||
1032 | |||
1033 | At level detail 1, the Transaction response data section contains a | ||
1034 | SHARE_INFO_1 data structure, which is defined as: | ||
1035 | |||
1036 | |||
1037 | struct SHARE_INFO_1 { | ||
1038 | char shi1_netname[13] | ||
1039 | char shi1_pad; | ||
1040 | unsigned short shi1_type | ||
1041 | char *shi1_remark; | ||
1042 | } | ||
1043 | |||
1044 | |||
1045 | where | ||
1046 | |||
1047 | shi1_netname contains an ASCIIZ string that specifies the share | ||
1048 | name of the resource. | ||
1049 | |||
1050 | shi1_pad aligns the next data structure element to a word | ||
1051 | boundary. | ||
1052 | |||
1053 | shi1_type contains an integer that specifies the type of the | ||
1054 | shared resource. The possible values are: | ||
1055 | |||
1056 | Name Value Description | ||
1057 | STYPE_DISKTREE 0 Disk Directory Tree | ||
1058 | STYPE_PRINTQ 1 Printer Queue | ||
1059 | STYPE_DEVICE 2 Communications device | ||
1060 | STYPE_IPC 3 Inter process communication (IPC) | ||
1061 | |||
1062 | |||
1063 | shi1_remark points to a null-terminated string that specifies a | ||
1064 | comment describing the share. The comment can be a null string or | ||
1065 | the pointer may be a null pointer. | ||
1066 | The shi1_remark pointer is a 32 bit pointer. The higher 16 bits | ||
1067 | must be ignored. The converter word returned in the parameters | ||
1068 | section needs to be subtracted from the lower 16 bits to calculate | ||
1069 | an offset into the return buffer where this ASCII string resides. | ||
1070 | |||
1071 | At level detail 2, the Transaction response data section contains a | ||
1072 | SHARE_INFO_2 data structure, which is defined as: | ||
1073 | |||
1074 | |||
1075 | struct SHARE_INFO_2 { | ||
1076 | char shi2_netname[13] | ||
1077 | char shi2_pad; | ||
1078 | unsigned short shi2_type | ||
1079 | char * shi2_remark; | ||
1080 | unsigned short shi2_permissions; | ||
1081 | unsigned short shi2_max_uses; | ||
1082 | unsigned short shi2_current_uses; | ||
1083 | unsigned short shi2_path; | ||
1084 | unsigned short shi2_passwd[9] | ||
1085 | |||
1086 | |||
1087 | |||
1088 | Leach, Naik [Page 17] | ||
1089 | |||
1090 | |||
1091 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1092 | |||
1093 | |||
1094 | |||
1095 | unsigned short shi2_pad2; | ||
1096 | } | ||
1097 | |||
1098 | where | ||
1099 | |||
1100 | shi2_netname contains a null terminated ASCII string that | ||
1101 | specifies the share name of the resource. | ||
1102 | |||
1103 | shi2_pad aligns the next data strructure element to a word | ||
1104 | boundary. | ||
1105 | |||
1106 | shi2_type contains an integer that specifies the type of the | ||
1107 | shared resource. The possible values are: | ||
1108 | |||
1109 | |||
1110 | Name Value Description | ||
1111 | STYPE_DISKTREE 0 Disk Directory Tree | ||
1112 | STYPE_PRINTQ 1 Printer Queue | ||
1113 | STYPE_DEVICE 2 Communications device | ||
1114 | STYPE_IPC 3 Inter process | ||
1115 | communication (IPC) | ||
1116 | |||
1117 | |||
1118 | shi2_remark is a pointer to a null terminated ASCII string | ||
1119 | specifying a comment for the share | ||
1120 | |||
1121 | shi2_permissions specifies the permissions on the shared resource | ||
1122 | if the CIFS server is operating with share level security. The | ||
1123 | values are this element can take are defined as a series of bit | ||
1124 | masks that may be OR’ed with each other. The bit mask values are: | ||
1125 | |||
1126 | |||
1127 | Name Bit Mask Value Description | ||
1128 | ACCESS_READ 0x01 Permission to read & execute from resource | ||
1129 | ACCESS_WRITE 0x02 Permission to write data to resource | ||
1130 | ACCESS_CREATE 0x04 Permission to create an instance of the | ||
1131 | resource | ||
1132 | ACCESS_EXEC 0x08 Permission to execute from resource | ||
1133 | ACCESS_DELETE 0x10 Permission to delete the resource | ||
1134 | ACCESS_ATRIB 0x20 Permission to modify the resource | ||
1135 | attributes such as date & time of last | ||
1136 | modification, etc | ||
1137 | ACCESS_PERM 0x40 Permission to change permissions on the | ||
1138 | resource | ||
1139 | ACCESS_ALL 0x7F All of the above permissions | ||
1140 | |||
1141 | shi2_max_uses specifies the maximum number of current uses the | ||
1142 | shared resource can accommodate. A Value of -1 indicates there is | ||
1143 | no limit. | ||
1144 | |||
1145 | shi2_current_uses specifies the current number of connections to | ||
1146 | the resource | ||
1147 | |||
1148 | shi2_path point to an ASCIIZ string that contains the local (on | ||
1149 | the remote CIFS server) path name of the shared resource. | ||
1150 | |||
1151 | |||
1152 | |||
1153 | |||
1154 | Leach, Naik [Page 18] | ||
1155 | |||
1156 | |||
1157 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1158 | |||
1159 | |||
1160 | @ For printer resources, shi2_path specifies the name of the | ||
1161 | printer queue being shared | ||
1162 | @ For disk devices, shi2_path specifies the path being shared | ||
1163 | @ For communication device queues, shi2_path specifies the name of | ||
1164 | the of the communication device | ||
1165 | @ For ADMIN$ or IPC$ resources, shi2_path must be a null pointer | ||
1166 | |||
1167 | shi2_passwd specifies the password for the resource in case the | ||
1168 | CIFS server is running with share level security. For CIFS servers | ||
1169 | running with user level security, this field is set to null and is | ||
1170 | ignored. | ||
1171 | |||
1172 | shi2_pad2 is just a pad byte | ||
1173 | |||
1174 | All of the pointers to an ASCII string in this data structure | ||
1175 | (shi2_remark and shi2_path) need to be treated specially. The | ||
1176 | pointer is a 32 bit pointer. The higher 16 bits need to be | ||
1177 | ignored. The converter word returned in the parameters section | ||
1178 | needs to be subtracted from the lower 16 bits to calculate an | ||
1179 | offset into the return buffer where this ASCII string resides. | ||
1180 | |||
1181 | |||
1182 | There is no auxiliary data in the response. | ||
1183 | |||
1184 | 9. NetwkstaUserLogon | ||
1185 | |||
1186 | This is a function executed on a remote CIFS server to log on a user. | ||
1187 | The purpose is to perform checks such as whether the specified user is | ||
1188 | permitted to logon from the specified computer, whether the specified | ||
1189 | user is permitted to log on at the given moment, etc. as well as perform | ||
1190 | housekeeping and statistics updates. | ||
1191 | |||
1192 | There is a password field in the parameters for this function. However, | ||
1193 | this field is always set to null before the function is sent on the | ||
1194 | wire, in order to preserve security. The remote CIFS server ignores this | ||
1195 | meaningless password that is sent. The remote CIFS server ensures | ||
1196 | security by checking that the user name and computer name that are in | ||
1197 | the request parameters are the same used to establish the session and | ||
1198 | connection to the IPC$ share on the remote CIFS server. | ||
1199 | |||
1200 | The definition is: | ||
1201 | |||
1202 | unsigned short NetWkstaUserLogon( | ||
1203 | char *reserved1; | ||
1204 | char *reserved2; | ||
1205 | unsigned short sLevel; | ||
1206 | BYTE bReqBuffer[54]; | ||
1207 | unsigned short cbReqBuffer; | ||
1208 | RCVBUF pbBuffer; | ||
1209 | RCVBUFLEN cbBuffer; | ||
1210 | unsigned short *pcbTotalAvail; | ||
1211 | ); | ||
1212 | |||
1213 | where: | ||
1214 | |||
1215 | |||
1216 | |||
1217 | |||
1218 | Leach, Naik [Page 19] | ||
1219 | |||
1220 | |||
1221 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1222 | |||
1223 | |||
1224 | reserved1 and reserved2 are reserved fields and must be null. | ||
1225 | |||
1226 | sLevel specifies the level of detail returned. The only legal | ||
1227 | value is 1. | ||
1228 | |||
1229 | pbReqBuffer points to the request buffer. This buffer contains | ||
1230 | parameters that need to be sent to the server. The actual value | ||
1231 | and structure is defined in the Transaction Request Parameters | ||
1232 | section. | ||
1233 | |||
1234 | cbReqBuffer specifies the size, in bytes, of the buffer pointed to | ||
1235 | by the pbReqBuffer parameter. The value must be decimal 54. | ||
1236 | |||
1237 | pbBuffer points to the buffer to receive the returned data. | ||
1238 | |||
1239 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
1240 | the pbBuffer parameter. | ||
1241 | |||
1242 | pcbTotalAvail is a pointer to an unsigned short which gets filled | ||
1243 | with the total number of data bytes available if the function | ||
1244 | succeeds. | ||
1245 | |||
1246 | Transaction Request Parameters section | ||
1247 | |||
1248 | The Transaction request parameters section in this instance contains: | ||
1249 | |||
1250 | @ The 16 bit function number for NetWkstaUserLogon which is 132. | ||
1251 | @ The parameter descriptor string which is "OOWb54WrLh" | ||
1252 | @ The data descriptor string for the (returned) data which is | ||
1253 | "WB21BWDWWDDDDDDDzzzD" | ||
1254 | @ The actual parameters as described by the parameter descriptor | ||
1255 | string. | ||
1256 | |||
1257 | The parameters are: | ||
1258 | @ A 16 bit integer with a value of 1 (corresponding to the "W" in the | ||
1259 | parameter descriptor string. This represents the level of detail the | ||
1260 | server is expected to return) | ||
1261 | @ a byte array of length 54 bytes. These 54 bytes are defined as | ||
1262 | |||
1263 | char wlreq1_name[21]; // User Name | ||
1264 | char wlreq1_pad1; //Pad next field to a word boundary | ||
1265 | char wlreq1_password[15]; //Password, set to null, ignored by | ||
1266 | server | ||
1267 | char wlreq1_pad2; //Pad next field to word boundary | ||
1268 | char wlreq1_workstation[16]; //ASCII name of computer | ||
1269 | @ A 16 bit integer with a value of 54 | ||
1270 | @ A 16 bit integer that contains the size of the receive buffer | ||
1271 | |||
1272 | |||
1273 | Transaction Request Data section | ||
1274 | |||
1275 | There is no data or auxiliary data to send as part of the request. | ||
1276 | |||
1277 | Transaction Response Parameters section | ||
1278 | |||
1279 | |||
1280 | |||
1281 | |||
1282 | Leach, Naik [Page 20] | ||
1283 | |||
1284 | |||
1285 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1286 | |||
1287 | |||
1288 | The transaction response parameters section consists of: | ||
1289 | @ A 16 bit word indicating the return status. The possible values are: | ||
1290 | |||
1291 | Code Valu Description | ||
1292 | e | ||
1293 | NERR_Success 0 No errors encountered | ||
1294 | ERROR_ACCESS_DENIED 5 User has insufficient privilege | ||
1295 | NERR_LogonScriptError 2212 An error occurred while loading or | ||
1296 | running the logon script | ||
1297 | NERR_StandaloneLogon 2214 The logon was not validated by any | ||
1298 | server | ||
1299 | NERR_NonValidatedLogon 2217 The logon server is running an | ||
1300 | older software version and cannot | ||
1301 | validate the logon | ||
1302 | NERR_InvalidWorkstation 2240 The user is not allowed to logon | ||
1303 | from this computer | ||
1304 | NERR_InvalidLogonHours 2241 The user is not allowed to logon at | ||
1305 | this time | ||
1306 | NERR_PasswordExpired 2242 The user password has expired | ||
1307 | |||
1308 | @ A 16 bit "converter" word. | ||
1309 | @ A 16 bit number representing the total number of available bytes. | ||
1310 | This has meaning only if the return status is NERR_Success or | ||
1311 | ERROR_MORE_DATA. Upon success, this number indicates the number of | ||
1312 | useful bytes available. Upon failure, this indicates how big the | ||
1313 | receive buffer needs to be. | ||
1314 | |||
1315 | Transaction Response Data section | ||
1316 | |||
1317 | The Transaction response data section contains a data structure | ||
1318 | user_logon_info_1 which is defined as: | ||
1319 | |||
1320 | |||
1321 | struct user_logon_info_1 { | ||
1322 | unsigned short usrlog1_code; | ||
1323 | char usrlog1_eff_name[21]; | ||
1324 | char usrlog1_pad_1; | ||
1325 | unsigned short usrlog1_priv; | ||
1326 | unsigned long usrlog1_auth_flags; | ||
1327 | unsigned short usrlog1_num_logons; | ||
1328 | unsigned short usrlog1_bad_pw_count; | ||
1329 | unsigned long usrlog1_last_logon; | ||
1330 | unsigned long usrlog1_last_logoff; | ||
1331 | unsigned long usrlog1_logoff_time; | ||
1332 | unsigned long usrlog1_kickoff_time; | ||
1333 | long usrlog1_password_age; | ||
1334 | unsigned long usrlog1_pw_can_change; | ||
1335 | unsigned long usrlog1_pw_must_change; | ||
1336 | char *usrlog1_computer; | ||
1337 | char *usrlog1_domain; | ||
1338 | char *usrlog1_script_path; | ||
1339 | unsigned long usrlog1_reserved1; | ||
1340 | }; | ||
1341 | |||
1342 | where: | ||
1343 | |||
1344 | |||
1345 | Leach, Naik [Page 21] | ||
1346 | |||
1347 | |||
1348 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1349 | |||
1350 | |||
1351 | |||
1352 | usrlog1_code specifies the result and can have the following values: | ||
1353 | |||
1354 | Code Valu Description | ||
1355 | e | ||
1356 | NERR_Success 0 No errors encountered | ||
1357 | ERROR_ACCESS_DENIED 5 User has insufficient privilege | ||
1358 | NERR_LogonScriptError 2212 An error occurred while loading or | ||
1359 | running the logon script | ||
1360 | NERR_StandaloneLogon 2214 The logon was not validated by any | ||
1361 | server | ||
1362 | NERR_NonValidatedLogon 2217 The logon server is running an | ||
1363 | older software version and cannot | ||
1364 | validate the logon | ||
1365 | NERR_InvalidWorkstation 2240 The user is not allowed to logon | ||
1366 | from this computer | ||
1367 | NERR_InvalidLogonHours 2241 The user is not allowed to logon at | ||
1368 | this time | ||
1369 | NERR_PasswordExpired 2242 Administrator privilege | ||
1370 | |||
1371 | |||
1372 | usrlog1_eff_name specifies the account to which the user was logged on | ||
1373 | |||
1374 | usrlog1_pad1 aligns the next data structure element to a word boundary | ||
1375 | |||
1376 | usrlog1_priv specifies the user’s privilege level. The possible values | ||
1377 | are: | ||
1378 | |||
1379 | Name Value Description | ||
1380 | USER_PRIV_GUEST 0 Guest privilege | ||
1381 | USER_PRIV_USER 1 User privilege | ||
1382 | USER_PRV_ADMIN 2 Administrator privilege | ||
1383 | |||
1384 | usrlog1_auth_flags specifies the account operator privileges. The | ||
1385 | possible values are: | ||
1386 | |||
1387 | Name Value Description | ||
1388 | AF_OP_PRINT 0 Print operator | ||
1389 | AF_OP_COMM 1 Communications operator | ||
1390 | AF_OP_SERVER 2 Server operator | ||
1391 | AF_OP_ACCOUNTS 3 Accounts operator | ||
1392 | |||
1393 | usrlog1_num_logons specifies the number of times this user has logged | ||
1394 | on. A value of -1 means the number of logons is unknown. | ||
1395 | |||
1396 | usrlog1_bad_pw_count specifies the number of incorrect passwords | ||
1397 | entered since the last successful logon. | ||
1398 | |||
1399 | usrlog1_last_logon specifies the time when the user last logged on. | ||
1400 | This value is stored as the number of seconds elapsed since | ||
1401 | 00:00:00, January 1, 1970. | ||
1402 | |||
1403 | usrlog1_last_logoff specifies the time when the user last logged off. | ||
1404 | This value is stored as the number of seconds elapsed since | ||
1405 | |||
1406 | |||
1407 | Leach, Naik [Page 22] | ||
1408 | |||
1409 | |||
1410 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1411 | |||
1412 | |||
1413 | 00:00:00, January 1, 1970. A value of 0 means the last logoff | ||
1414 | time is unknown. | ||
1415 | |||
1416 | usrlog1_logoff_time specifies the time when the user should logoff. | ||
1417 | This value is stored as the number of seconds elapsed since | ||
1418 | 00:00:00, Jan 1, 1970. A value of -1 means the user never has to | ||
1419 | logoff. | ||
1420 | |||
1421 | usrlog1_kickoff_time specifies the time when the user will be logged | ||
1422 | off by the system. This value is stored as the number of seconds | ||
1423 | elapsed since 00:00:00, Jan 1, 1970. A value of -1 means the | ||
1424 | system will never logoff the user. | ||
1425 | |||
1426 | usrlog1_password_age specifies the time in seconds since the user | ||
1427 | last changed his/her password. | ||
1428 | |||
1429 | usrlog1_password_can_change specifies the time when the user can | ||
1430 | change the password. This value is stored as the number of | ||
1431 | seconds elapsed since 00:00:00, Jan 1, 1970. A value of -1 means | ||
1432 | the user can never change the password. | ||
1433 | |||
1434 | usrlog1_password_must_change specifies the time when the user must | ||
1435 | change the password. This value is stored as the number of | ||
1436 | seconds elapsed since 00:00:00, Jan 1, 1970. | ||
1437 | |||
1438 | usrlog1_computer specifies the computer where the user is logged on. | ||
1439 | |||
1440 | usrlog1_script_path specifies the relative path to the user logon | ||
1441 | script. | ||
1442 | |||
1443 | usrlog1_reserved is reserved with an undefined value. | ||
1444 | |||
1445 | The following table defines the valid fields in the user_logon_info_1 | ||
1446 | structure based upon the return values:: | ||
1447 | |||
1448 | function return code usrlog1_code element Valid elements of | ||
1449 | logoff_info_1 | ||
1450 | NERR_Success NERR_Success All | ||
1451 | NERR_Success NERR_StandaloneLogon None except usrlog1_code | ||
1452 | ERROR_ACCESS_DENIED NERR_PasswordExpired None except usrlog1_code | ||
1453 | ERROR_ACCESS_DENIED NERR_InvalidWorkstation None except usrlog1_code | ||
1454 | ERROR_ACCESS_DENIED NERR_InvalidLogonhours None except usrlog1_code | ||
1455 | ERROR_ACCESS_DENIED NERR_LogonScriptError None except usrlog1_code | ||
1456 | ERROR_ACCESS_DENIED ERROR_ACCESS_DENIED None except usrlog1_code | ||
1457 | All other errors None; the code is None | ||
1458 | meaningless | ||
1459 | |||
1460 | All of the pointers in this data structure need to be treated | ||
1461 | specially. The pointer is a 32 bit pointer. The higher 16 bits need | ||
1462 | to be ignored. The converter word returned in the parameters section | ||
1463 | needs to be subtracted from the lower 16 bits to calculate an offset | ||
1464 | into the return buffer where this ASCII string resides. | ||
1465 | |||
1466 | There is no auxiliary data in the response. | ||
1467 | |||
1468 | |||
1469 | Leach, Naik [Page 23] | ||
1470 | |||
1471 | |||
1472 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1473 | |||
1474 | |||
1475 | 10. NetwkstaUserLogoff | ||
1476 | |||
1477 | This is a function executed on a remote CIFS server to log on a user. | ||
1478 | The purpose is to perform some checks and accomplish housekeeping and | ||
1479 | statistics updates. | ||
1480 | |||
1481 | The definition is: | ||
1482 | |||
1483 | unsigned short NetWkstaUserLogoff( | ||
1484 | char *reserved1; | ||
1485 | char *reserved2; | ||
1486 | unsigned short sLevel; | ||
1487 | BYTE bReqBuffer[54]; | ||
1488 | unsigned short cbReqBuffer; | ||
1489 | REQBUF pbBuffer; | ||
1490 | REQBUFLEN cbBuffer; | ||
1491 | unsigned short *pcbTotalAvail; | ||
1492 | ); | ||
1493 | |||
1494 | where: | ||
1495 | |||
1496 | reserved1 and reserved2 are reserved fields and must be null. | ||
1497 | |||
1498 | sLevel specifies the level of detail returned. The only legal | ||
1499 | value is 1. | ||
1500 | |||
1501 | pbReqBuffer points to the request buffer. This buffer contains | ||
1502 | parameters that need to be sent to the server. The actual value | ||
1503 | and structure is defined in the Transaction Request Parameters | ||
1504 | section. | ||
1505 | |||
1506 | cbReqBuffer specifies the size, in bytes, of the buffer pointed to | ||
1507 | by the pbReqBuffer parameter. The value must be decimal 54. | ||
1508 | |||
1509 | pbBuffer points to the buffer to receive the returned data. | ||
1510 | |||
1511 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
1512 | the pbBuffer parameter. | ||
1513 | |||
1514 | pcbTotalAvail is a pointer to an unsigned short which gets filled | ||
1515 | with the total number of data bytes available if the function | ||
1516 | succeeds. | ||
1517 | |||
1518 | Transaction Request Parameters section | ||
1519 | |||
1520 | The Transaction request parameters section in this instance contains: | ||
1521 | |||
1522 | @ The 16 bit function number for NetWkstaUserLogoff which is 133. | ||
1523 | @ The parameter descriptor string which is "zzWb38WrLh" | ||
1524 | @ The data descriptor string for the (returned) data which is "WDW" | ||
1525 | @ The actual parameters as described by the parameter descriptor | ||
1526 | string. | ||
1527 | |||
1528 | The parameters are: | ||
1529 | @ A null pointer | ||
1530 | |||
1531 | |||
1532 | |||
1533 | Leach, Naik [Page 24] | ||
1534 | |||
1535 | |||
1536 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1537 | |||
1538 | |||
1539 | @ Another null pointer | ||
1540 | @ A 16 bit integer with a value of 1 (corresponding to the "W" in the | ||
1541 | parameter descriptor string. This represents the level of detail the | ||
1542 | server is expected to return) | ||
1543 | @ An array of length 38 bytes. These 38 bytes are defined as | ||
1544 | |||
1545 | char wlreq1_name[21]; // User Name | ||
1546 | char wlreq1_pad1; //Pad next field to a word | ||
1547 | boundary | ||
1548 | char wlreq1_workstation[16]; //ASCII name of computer | ||
1549 | @ A 16 bit integer with a value of decimal 38. | ||
1550 | @ A 16 bit integer that contains the size of the receive buffer | ||
1551 | |||
1552 | Transaction Request Data section | ||
1553 | |||
1554 | There is no data or auxiliary data to send as part of the request. | ||
1555 | |||
1556 | Transaction Response Parameters section | ||
1557 | |||
1558 | The transaction response parameters section consists of: | ||
1559 | @ A 16 bit word indicating the return status. The possible values are: | ||
1560 | |||
1561 | Code Value Description | ||
1562 | NERR_Success 0 No errors encountered | ||
1563 | NERR_StandaloneLogon 2214 The logon was not validated by any | ||
1564 | server | ||
1565 | NERR_NonValidatedLogon 2217 The logon server is running an older | ||
1566 | software version and cannot validate the | ||
1567 | logoff | ||
1568 | |||
1569 | @ A 16 bit "converter" word. | ||
1570 | @ A 16 bit number representing the total number of available bytes. | ||
1571 | This has meaning only if the return status is NERR_Success or | ||
1572 | ERROR_MORE_DATA. Upon success, this number indicates the number of | ||
1573 | useful bytes available. Upon failure, this indicates how big the | ||
1574 | receive buffer needs to be. | ||
1575 | |||
1576 | Transaction Response Data section | ||
1577 | |||
1578 | The Transaction response data section contains a data structure | ||
1579 | user_logoff_info_1 which is defined as: | ||
1580 | |||
1581 | |||
1582 | struct user_logoff_info_1 { | ||
1583 | unsigned short usrlogf1_code; | ||
1584 | unsigned long usrlogf1_duration; | ||
1585 | unsigned short usrlogf1_num_logons; | ||
1586 | }; | ||
1587 | |||
1588 | where: | ||
1589 | |||
1590 | usrlogf1_code specifies the result and can have the following values: | ||
1591 | |||
1592 | Code Value Description | ||
1593 | NERR_Success 0 No errors encountered | ||
1594 | ERROR_ACCESS_DENIED 5 User has insufficient privilege | ||
1595 | |||
1596 | |||
1597 | Leach, Naik [Page 25] | ||
1598 | |||
1599 | |||
1600 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1601 | |||
1602 | |||
1603 | NERR_InvalidWorkstation 2240 The user is not allowed to logon from | ||
1604 | this computer | ||
1605 | |||
1606 | usrlogf1_duration specifies the time in number of seconds for which | ||
1607 | the user was logged | ||
1608 | |||
1609 | usrlogf1_num_logons specifies the number of times this user has logged | ||
1610 | on. A value of -1 indicates the number is unknown. | ||
1611 | |||
1612 | The following table defines the valid fields in the logoff_info_1 | ||
1613 | structure based upon the return values:: | ||
1614 | |||
1615 | function usrlogf11_code Valid elements of logoff_info_1 | ||
1616 | return code element | ||
1617 | NERR_Success NERR_Success All | ||
1618 | NERR_Success NERR_StandaloneLogon None except usrlogf1_code | ||
1619 | All other None; the code is None | ||
1620 | errors meaningless | ||
1621 | |||
1622 | There is no auxiliary data in the response. | ||
1623 | |||
1624 | |||
1625 | 11. NetUserGetInfo | ||
1626 | |||
1627 | This is a function executed on a remote CIFS server to obtain detailed | ||
1628 | information about a particular user. | ||
1629 | |||
1630 | The definition is: | ||
1631 | |||
1632 | unsigned short NetUserGetInfo( | ||
1633 | char *pszUser; | ||
1634 | unsigned short sLevel; | ||
1635 | RCVBUF pBuffer; | ||
1636 | RCVBUFLEN cbBuffer; | ||
1637 | unsigned short *pcbTotalAvail; | ||
1638 | ); | ||
1639 | |||
1640 | where: | ||
1641 | |||
1642 | pszUser points to a null terminated ASCII string signifying the | ||
1643 | name of the user for which information should be retrieved. | ||
1644 | |||
1645 | sLevel specifies the level of detail returned. The only legal | ||
1646 | value is 11. | ||
1647 | |||
1648 | pbBuffer points to the buffer to receive the returned data. | ||
1649 | |||
1650 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
1651 | the pbBuffer parameter. | ||
1652 | |||
1653 | pcbTotalAvail is a pointer to an unsigned short which gets filled | ||
1654 | with the total number of data bytes available if the function | ||
1655 | succeeds. | ||
1656 | |||
1657 | Transaction Request Parameters section | ||
1658 | |||
1659 | |||
1660 | Leach, Naik [Page 26] | ||
1661 | |||
1662 | |||
1663 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1664 | |||
1665 | |||
1666 | The Transaction request parameters section in this instance contains: | ||
1667 | |||
1668 | @ The 16 bit function number for NetUserGetInfo which is 56. | ||
1669 | @ The parameter descriptor string which is "zWrLh" | ||
1670 | @ The data descriptor string for the (returned) data which is | ||
1671 | "B21BzzzWDDzzDDWWzWzDWb21W" | ||
1672 | @ The actual parameters as described by the parameter descriptor | ||
1673 | string. | ||
1674 | |||
1675 | The parameters are: | ||
1676 | @ A null terminated ASCII string indicating the user for which | ||
1677 | information should be retrieved. | ||
1678 | @ A 16 bit integer with a value of decimal 11 (corresponding to the "W" | ||
1679 | in the parameter descriptor string. This represents the level of | ||
1680 | detail the server is expected to return) | ||
1681 | @ A 16 bit integer that contains the size of the receive buffer | ||
1682 | |||
1683 | |||
1684 | Transaction Request Data section | ||
1685 | |||
1686 | There is no data or auxiliary data to send as part of the request. | ||
1687 | |||
1688 | Transaction Response Parameters section | ||
1689 | |||
1690 | The transaction response parameters section consists of: | ||
1691 | @ A 16 bit word indicating the return status. The possible values are: | ||
1692 | |||
1693 | Code Valu Description | ||
1694 | e | ||
1695 | NERR_Success 0 No errors encountered | ||
1696 | ERROR_ACCESS_DENIED 5 User has insufficient privilege | ||
1697 | ERROR_MORE_DATA 234 additional data is available | ||
1698 | NERR_BufTooSmall 2123 The supplied buffer is too small | ||
1699 | NERR_UserNotFound 2221 The user name was not found | ||
1700 | @ A 16 bit "converter" word. | ||
1701 | @ A 16 bit number representing the total number of available bytes. | ||
1702 | This has meaning only if the return status is NERR_Success or | ||
1703 | ERROR_MORE_DATA. Upon success, this number indicates the number of | ||
1704 | useful bytes available. Upon failure, this indicates how big the | ||
1705 | receive buffer needs to be. | ||
1706 | |||
1707 | Transaction Response Data section | ||
1708 | |||
1709 | The Transaction response data section contains a data structure | ||
1710 | user_logon_info_1 which is defined as: | ||
1711 | |||
1712 | |||
1713 | struct user_info_11 { | ||
1714 | char usri11_name[21]; | ||
1715 | char usri11_pad; | ||
1716 | char *usri11_comment; | ||
1717 | char *usri11_usr_comment; | ||
1718 | char *usri11_full_name; | ||
1719 | unsigned short usri11_priv; | ||
1720 | unsigned long usri11_auth_flags; | ||
1721 | |||
1722 | |||
1723 | |||
1724 | Leach, Naik [Page 27] | ||
1725 | |||
1726 | |||
1727 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1728 | |||
1729 | |||
1730 | |||
1731 | long usri11_password_age; | ||
1732 | char *usri11_homedir; | ||
1733 | char *usri11_parms; | ||
1734 | long usri11_last_logon; | ||
1735 | long usri11_last_logoff; | ||
1736 | unsigned short usri11_bad_pw_count; | ||
1737 | unsigned short usri11_num_logons; | ||
1738 | char *usri11_logon_server; | ||
1739 | unsigned short usri11_country_code; | ||
1740 | char *usri11_workstations; | ||
1741 | unsigned long usri11_max_storage; | ||
1742 | unsigned short usri11_units_per_week; | ||
1743 | unsigned char *usri11_logon_hours; | ||
1744 | unsigned short usri11_code_page; | ||
1745 | }; | ||
1746 | |||
1747 | where: | ||
1748 | |||
1749 | usri11_name specifies the user name for which information is retireved | ||
1750 | |||
1751 | usri11_pad aligns the next data structure element to a word boundary | ||
1752 | |||
1753 | usri11_comment is a null terminated ASCII comment | ||
1754 | |||
1755 | usri11_user_comment is a null terminated ASCII comment about the user | ||
1756 | |||
1757 | usri11_full_name is a null terminated ASCII specifying the full name | ||
1758 | of the user | ||
1759 | |||
1760 | usri11_priv specifies the level of the privilege assigned to the user. | ||
1761 | The possible values are: | ||
1762 | |||
1763 | Name Value Description | ||
1764 | USER_PRIV_GUEST 0 Guest privilege | ||
1765 | USER_PRIV_USER 1 User privilege | ||
1766 | USER_PRV_ADMIN 2 Administrator privilege | ||
1767 | |||
1768 | usri11_auth_flags specifies the account operator privileges. The | ||
1769 | possible values are: | ||
1770 | |||
1771 | Name Value Description | ||
1772 | AF_OP_PRINT 0 Print operator | ||
1773 | AF_OP_COMM 1 Communications operator | ||
1774 | AF_OP_SERVER 2 Server operator | ||
1775 | AF_OP_ACCOUNTS 3 Accounts operator | ||
1776 | |||
1777 | |||
1778 | usri11_password_age specifies how many seconds have elapsed since the | ||
1779 | password was last changed. | ||
1780 | |||
1781 | usri11_home_dir points to a null terminated ASCII string that contains | ||
1782 | the path name of the user's home directory. | ||
1783 | |||
1784 | |||
1785 | |||
1786 | |||
1787 | Leach, Naik [Page 28] | ||
1788 | |||
1789 | |||
1790 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1791 | |||
1792 | |||
1793 | usri11_parms points to a null terminated ASCII string that is set | ||
1794 | aside for use by applications. | ||
1795 | |||
1796 | usri11_last_logon specifies the time when the user last logged on. | ||
1797 | This value is stored as the number of seconds elapsed since | ||
1798 | 00:00:00, January 1, 1970. | ||
1799 | |||
1800 | usri11_last_logoff specifies the time when the user last logged off. | ||
1801 | This value is stored as the number of seconds elapsed since | ||
1802 | 00:00:00, January 1, 1970. A value of 0 means the last logoff | ||
1803 | time is unknown. | ||
1804 | |||
1805 | usri11_bad_pw_count specifies the number of incorrect passwords | ||
1806 | entered since the last successful logon. | ||
1807 | |||
1808 | usri11_log1_num_logons specifies the number of times this user has | ||
1809 | logged on. A value of -1 means the number of logons is unknown. | ||
1810 | |||
1811 | usri11_logon_server points to a null terminated ASCII string that | ||
1812 | contains the name of the server to which logon requests are sent. | ||
1813 | A null string indicates logon requests should be sent to the | ||
1814 | domain controller. | ||
1815 | |||
1816 | usri11_country_code specifies the country code for the user's language | ||
1817 | of choice. | ||
1818 | |||
1819 | usri11_workstations points to a null terminated ASCII string that | ||
1820 | contains the names of workstations the user may log on from. | ||
1821 | There may be up to 8 workstations, with the names separated by | ||
1822 | commas. A null strings indicates there are no restrictions. | ||
1823 | |||
1824 | usri11_max_storage specifies the maximum amount of disk space the user | ||
1825 | can occupy. A value of 0xffffffff indicates there are no | ||
1826 | restrictions. | ||
1827 | |||
1828 | usri11_units_per_week specifies the equal number of time units into | ||
1829 | which a week is divided. This value must be equal to 168. | ||
1830 | |||
1831 | usri11_logon_hours points to a 21 byte (168 bits) string that | ||
1832 | specifies the time during which the user can log on. Each bit | ||
1833 | represents one unique hour in a week. The first bit (bit 0, word | ||
1834 | 0) is Sunday, 0:00 to 0:59, the second bit (bit 1, word 0) is | ||
1835 | Sunday, 1:00 to 1:59 and so on. A null pointer indicates there | ||
1836 | are no restrictions. | ||
1837 | |||
1838 | usri11_code_page specifies the code page for the user's language of | ||
1839 | choice | ||
1840 | |||
1841 | All of the pointers in this data structure need to be treated | ||
1842 | specially. The pointer is a 32 bit pointer. The higher 16 bits need | ||
1843 | to be ignored. The converter word returned in the parameters section | ||
1844 | needs to be subtracted from the lower 16 bits to calculate an offset | ||
1845 | into the return buffer where this ASCII string resides. | ||
1846 | |||
1847 | |||
1848 | |||
1849 | Leach, Naik [Page 29] | ||
1850 | |||
1851 | |||
1852 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1853 | |||
1854 | |||
1855 | There is no auxiliary data in the response. | ||
1856 | |||
1857 | 12. NetWkstaGetInfo | ||
1858 | |||
1859 | This is a function executed on a remote CIFS server to obtain detailed | ||
1860 | information about a workstation. | ||
1861 | |||
1862 | The definition is: | ||
1863 | |||
1864 | unsigned short NetWkstaGetInfo( | ||
1865 | unsigned short sLevel; | ||
1866 | RCVBUF pBuffer; | ||
1867 | RCVBUFLEN cbBuffer; | ||
1868 | unsigned short *pcbTotalAvail; | ||
1869 | ); | ||
1870 | |||
1871 | where: | ||
1872 | |||
1873 | sLevel specifies the level of detail returned. The only legal | ||
1874 | value is 10. | ||
1875 | |||
1876 | pbBuffer points to the buffer to receive the returned data. | ||
1877 | |||
1878 | cbBuffer specifies the size, in bytes, of the buffer pointed to by | ||
1879 | the pbBuffer parameter. | ||
1880 | |||
1881 | pcbTotalAvail is a pointer to an unsigned short which gets filled | ||
1882 | with the total number of data bytes available if the function | ||
1883 | succeeds. | ||
1884 | |||
1885 | Transaction Request Parameters section | ||
1886 | |||
1887 | The Transaction request parameters section in this instance contains: | ||
1888 | |||
1889 | @ The 16 bit function number for NetWkstaGetInfo which is 63. | ||
1890 | @ The parameter descriptor string which is "WrLh" | ||
1891 | @ The data descriptor string for the (returned) data which is | ||
1892 | "zzzBBzz". | ||
1893 | @ The actual parameters as described by the parameter descriptor | ||
1894 | string. | ||
1895 | |||
1896 | The parameters are: | ||
1897 | @ A 16 bit integer with a value of decimal 10 (corresponding to the "W" | ||
1898 | in the parameter descriptor string. This represents the level of | ||
1899 | detail the server is expected to return) | ||
1900 | @ A 16 bit integer that contains the size of the receive buffer | ||
1901 | |||
1902 | |||
1903 | Transaction Request Data section | ||
1904 | |||
1905 | There is no data or auxiliary data to send as part of the request. | ||
1906 | |||
1907 | Transaction Response Parameters section | ||
1908 | |||
1909 | The transaction response parameters section consists of: | ||
1910 | |||
1911 | |||
1912 | |||
1913 | Leach, Naik [Page 30] | ||
1914 | |||
1915 | |||
1916 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1917 | |||
1918 | |||
1919 | @ A 16 bit word indicating the return status. The possible values are: | ||
1920 | |||
1921 | Code Valu Description | ||
1922 | e | ||
1923 | NERR_Success 0 No errors encountered | ||
1924 | ERROR_ACCESS_DENIED 5 User has insufficient privilege | ||
1925 | ERROR_MORE_DATA 234 additional data is available | ||
1926 | NERR_BufTooSmall 2123 The supplied buffer is too small | ||
1927 | NERR_UserNotFound 2221 The user name was not found | ||
1928 | @ A 16 bit "converter" word. | ||
1929 | @ A 16 bit number representing the total number of available bytes. | ||
1930 | This has meaning only if the return status is NERR_Success or | ||
1931 | ERROR_MORE_DATA. Upon success, this number indicates the number of | ||
1932 | useful bytes available. Upon failure, this indicates how big the | ||
1933 | receive buffer needs to be. | ||
1934 | |||
1935 | Transaction Response Data section | ||
1936 | |||
1937 | The Transaction response data section contains a data structure | ||
1938 | user_logon_info_1 which is defined as: | ||
1939 | |||
1940 | |||
1941 | struct user_info_11 { | ||
1942 | char *wki10_computername; | ||
1943 | char *wki10_username; | ||
1944 | char *wki10_langroup; | ||
1945 | unsigned char wki10_ver_major; | ||
1946 | unsigned char wki10_ver_minor; | ||
1947 | char *wki10_logon_domain; | ||
1948 | char *wki10_oth_domains; | ||
1949 | }; | ||
1950 | |||
1951 | where: | ||
1952 | |||
1953 | wki10_computername is a pointer to a NULL terminated ASCII string that | ||
1954 | specifies the name of the workstation. | ||
1955 | |||
1956 | wki10_username is a pointer to a NULL terminated ASCII string that | ||
1957 | specifies the user who is logged on at the workstation. | ||
1958 | |||
1959 | wki10_langroup is a pointer to a NULL terminated ASCII string that | ||
1960 | specifies the domain to which the workstation belongs. | ||
1961 | |||
1962 | wki10_ver_major specifies the major version number of the networking | ||
1963 | software the workstation is running. | ||
1964 | |||
1965 | wki10_ver_minor specifies the minor version number of the networking | ||
1966 | software the workstation is running. | ||
1967 | |||
1968 | wki10_logon domain is a pointer to a NULL terminated ASCII string that | ||
1969 | specifies the domain for which a user is logged on. | ||
1970 | |||
1971 | wki10_oth domain is a pointer to a NULL terminated ASCII string that | ||
1972 | specifies all domains in which the computer is enlisted. | ||
1973 | |||
1974 | |||
1975 | |||
1976 | Leach, Naik [Page 31] | ||
1977 | |||
1978 | |||
1979 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
1980 | |||
1981 | |||
1982 | All of the pointers in this data structure need to be treated | ||
1983 | specially. The pointer is a 32 bit pointer. The higher 16 bits need | ||
1984 | to be ignored. The converter word returned in the parameters section | ||
1985 | needs to be subtracted from the lower 16 bits to calculate an offset | ||
1986 | into the return buffer where this ASCII string resides. | ||
1987 | |||
1988 | There is no auxiliary data in the response. | ||
1989 | |||
1990 | |||
1991 | 13. SamOemChangePassword | ||
1992 | |||
1993 | This is a function executed on a remote CIFS server to change a user’s | ||
1994 | password. | ||
1995 | |||
1996 | The definition is: | ||
1997 | |||
1998 | unsigned short SamOemChangePassword( | ||
1999 | uchar *UserName; | ||
2000 | uchar *OldPassword; | ||
2001 | uchar *NewPassword; | ||
2002 | ); | ||
2003 | |||
2004 | where: | ||
2005 | |||
2006 | UserName is a pointer to a NULL terminated ASCII string | ||
2007 | representing the name of the user for which the password should be | ||
2008 | changed. | ||
2009 | |||
2010 | OldPassword is a pointer to a NULL terminated ASCII string | ||
2011 | representing the current password of the user | ||
2012 | |||
2013 | NewPassword is a pointer to a NULL terminated ASCII string | ||
2014 | representing the new password of the | ||
2015 | |||
2016 | Transaction Request Parameters section | ||
2017 | |||
2018 | The Transaction request parameters section in this instance contains: | ||
2019 | |||
2020 | @ The 16 bit function number for SamOEMChangePassword which is 214. | ||
2021 | @ The parameter descriptor string which is "zsT" | ||
2022 | @ The actual parameters as described by the parameter descriptor | ||
2023 | string. | ||
2024 | |||
2025 | The parameters are: | ||
2026 | @ A null terminated ASCII string that represents the name of the user | ||
2027 | for whom the password is being changed. | ||
2028 | @ A word with a value of 532 representing the size of the data buffer. | ||
2029 | |||
2030 | |||
2031 | Transaction Request Data section | ||
2032 | |||
2033 | The data buffer to be sent consists of 532 bytes of data. The first 516 | ||
2034 | bytes represent the new password in an encrypted form. The last 16 bytes | ||
2035 | represent the old password in an encrypted form. | ||
2036 | |||
2037 | |||
2038 | |||
2039 | |||
2040 | Leach, Naik [Page 32] | ||
2041 | |||
2042 | |||
2043 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
2044 | |||
2045 | |||
2046 | The new password is represented by the structure | ||
2047 | |||
2048 | |||
2049 | struct { | ||
2050 | char NewPasswordBuffer[512]; | ||
2051 | long LengthofNewPasswordInBytes; | ||
2052 | } | ||
2053 | |||
2054 | The new password is stored in plain text form at the end of the buffer | ||
2055 | and the length of the new password is stored in the second member of the | ||
2056 | structure. The whole structure is encrypted using RC4. The RC4 key used | ||
2057 | is the One Way Transformation (described below) of the old password. | ||
2058 | |||
2059 | The RC4 encryption of the One Way Transformation of the old password | ||
2060 | constitutes the last 16 bytes of the data buffer. The RC4 key used is | ||
2061 | the One Way Transformation of the new password | ||
2062 | |||
2063 | There is no auxiliary data to send as part of the request. | ||
2064 | |||
2065 | |||
2066 | One Way Transformation | ||
2067 | |||
2068 | This section describes the algorithm used by CIFS to apply a one way | ||
2069 | transformation on data. | ||
2070 | |||
2071 | Let | ||
2072 | E(K, D) | ||
2073 | denote the DES block mode encryption function [5] , which accepts a | ||
2074 | seven byte key (K) and an eight byte data block (D) and produces an | ||
2075 | eight byte encrypted data block as its value. | ||
2076 | |||
2077 | concat(A, B) | ||
2078 | is the result of concatenating A and B | ||
2079 | |||
2080 | Ex(K,D) | ||
2081 | denote the extension of DES to longer keys and data blocks. If the | ||
2082 | data to be encrypted is longer than eight bytes, the encryption | ||
2083 | function is applied to each block of eight bytes in sequence and the | ||
2084 | results are concatenated together. If the key is longer than seven | ||
2085 | bytes, each 8 byte block of data is first completely encrypted using | ||
2086 | the first seven bytes of the key, then the second seven bytes, etc., | ||
2087 | appending the results each time. For example, to encrypt the 16 byte | ||
2088 | quantity D0D1 with the 14 byte key K0K1, | ||
2089 | |||
2090 | Ex(K0K1,D0D1) = concat(E(K0,D0),E(K0,D1),E(K1,D0),E(K1,D1)) | ||
2091 | |||
2092 | head(S, B) | ||
2093 | denote the first B bytes of the byte string S. | ||
2094 | |||
2095 | swab(S) | ||
2096 | denote the byte string obtained by reversing the order of the bits in | ||
2097 | each byte of S, i.e., if S is byte string of length one, with the | ||
2098 | value 0x37 then swab(S) is 0xEC. | ||
2099 | |||
2100 | |||
2101 | |||
2102 | |||
2103 | Leach, Naik [Page 33] | ||
2104 | |||
2105 | |||
2106 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
2107 | |||
2108 | |||
2109 | |||
2110 | |||
2111 | The One Way Transformation function is defined as: | ||
2112 | |||
2113 | |||
2114 | OWF = Ex(swab(P14), N8) | ||
2115 | |||
2116 | Where | ||
2117 | @ P14 is the data to encrypted. If P14 is the user’s password, it is a | ||
2118 | clear, upper-cased text string, padded with blanks | ||
2119 | @ N8 is an 8 byte string whose value is available from Microsoft upon | ||
2120 | request | ||
2121 | |||
2122 | |||
2123 | |||
2124 | Transaction Response Parameters section | ||
2125 | |||
2126 | The transaction response parameters section consists of: | ||
2127 | @ A 16 bit word indicating the return status. The possible values are: | ||
2128 | |||
2129 | Code Valu Description | ||
2130 | e | ||
2131 | NERR_Success 0 No errors encountered | ||
2132 | ERROR_ACCESS_DENIED 5 User has insufficient privilege | ||
2133 | ERROR-INVALID-PASSWORD 86 The specified password is invalid | ||
2134 | NERR_PasswordCantChange 2243 The password cannot be changed | ||
2135 | NERR_PasswordTooShort 2246 The password is too short | ||
2136 | |||
2137 | Transaction Response Data section | ||
2138 | |||
2139 | There is no Transaction Response Data to receive | ||
2140 | |||
2141 | There is no auxiliary data in the response. | ||
2142 | |||
2143 | |||
2144 | |||
2145 | 14. Author's Addresses | ||
2146 | |||
2147 | Paul Leach | ||
2148 | Dilip Naik | ||
2149 | Microsoft | ||
2150 | 1 Microsoft Way | ||
2151 | Redmond, WA 98052 | ||
2152 | paulle@microsoft.com | ||
2153 | v-dilipn@microsoft.com | ||
2154 | |||
2155 | |||
2156 | 15. Appendix A | ||
2157 | |||
2158 | Transaction SMBs | ||
2159 | |||
2160 | These SMBs are used both to retrieve bulk data from the server (e.g.: | ||
2161 | enumerate shares, etc.) and to change the server's state (EG: add a new | ||
2162 | share, change file permissions, etc.) Transaction requests are also | ||
2163 | unusual because they can have a multiple part request and/or a multiple | ||
2164 | |||
2165 | |||
2166 | Leach, Naik [Page 34] | ||
2167 | |||
2168 | |||
2169 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
2170 | |||
2171 | |||
2172 | part response. For this reason, transactions are handled as a set of | ||
2173 | sequenced commands to the server. Each part of a request is sent as a | ||
2174 | sequenced command using the same Mid value and an increasing Seq value. | ||
2175 | The server responds to each request piece except the last one with a | ||
2176 | response indicating that the server is ready for the next piece. The | ||
2177 | last piece is responded to with the first piece of the result data. The | ||
2178 | client then sends a transaction secondary SMB with ParameterDisplacement | ||
2179 | set to the number of parameter bytes received so far and | ||
2180 | DataDisplacement set to the number of data bytes received so far and | ||
2181 | ParameterCount, ParameterOffset, DataCount, and DataOffset set to zero | ||
2182 | (0). The server responds with the next piece of the transaction result. | ||
2183 | The process is repeated until all of the response information has been | ||
2184 | received. When the transaction has been completed, the redirector must | ||
2185 | send another sequenced command (an echo SMB will do fine) to the server | ||
2186 | to allow the server to know that the final piece was received and that | ||
2187 | resources allocated to the transaction command may be released. | ||
2188 | The flow is as follows, where (S) is the SequenceNumber, (N) is the | ||
2189 | number of request packets to be sent from the client to the server, and | ||
2190 | (M) is the number of response packets to be sent by the server to the | ||
2191 | client: | ||
2192 | |||
2193 | |||
2194 | Client <-> Server | ||
2195 | ======================= === =========================== | ||
2196 | |||
2197 | SMB(S) Transact -> | ||
2198 | <- OK (S) send more data | ||
2199 | [ repeat N-1 times: | ||
2200 | SMB(S+1) Transact -> | ||
2201 | secondary | ||
2202 | <- OK (S+1) send more data | ||
2203 | SMB(S+N-1) | ||
2204 | ] | ||
2205 | <- OK (S+N-1) transaction | ||
2206 | response (1) | ||
2207 | [ repeat M-1 times: | ||
2208 | SMB(S+N) Transact -> | ||
2209 | secondary | ||
2210 | <- OK (S+N) transaction | ||
2211 | response (2) | ||
2212 | SMB(S+N+M-2) Transact -> | ||
2213 | secondary | ||
2214 | <- OK (S+N+M-2] transaction | ||
2215 | response (M) | ||
2216 | ] | ||
2217 | SMB(S+N+M-1) Echo -> | ||
2218 | <- OK (S+N+M-1) echoed | ||
2219 | |||
2220 | |||
2221 | In order to allow the server to detect clients which have been powered | ||
2222 | off, have crashed, etc., the client must send commands to the server | ||
2223 | periodically if it has resources open on the server. If nothing has | ||
2224 | been received from a client for awhile, the server will assume that the | ||
2225 | client is no longer running and disconnect the client. This includes | ||
2226 | closing any files that the client had open at the time and releasing any | ||
2227 | resources being used on behalf of the client. Clients should at least | ||
2228 | |||
2229 | |||
2230 | |||
2231 | Leach, Naik [Page 35] | ||
2232 | |||
2233 | |||
2234 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
2235 | |||
2236 | |||
2237 | send an echo SMB to the server every four (4) minutes if there is | ||
2238 | nothing else to send. The server will disconnect clients after a | ||
2239 | configurable amount of time which cannot be less than five (5) minutes. | ||
2240 | (Note: the NT server has a default timevalue of 15 minutes.) | ||
2241 | |||
2242 | 15.1.1 TRANSACTIONS | ||
2243 | |||
2244 | SMB_COM_TRANSACTION performs a symbolically named transaction. This | ||
2245 | transaction is known only by a name (no file handle used). | ||
2246 | SMB_COM_TRANSACTION2 likewise performs a transaction, but a word | ||
2247 | parameter is used to identify the transaction instead of a name. | ||
2248 | SMB_COM_NT_TRANSACTION is used for commands that potentially need to | ||
2249 | transfer a large amount of data (greater than 64K bytes). | ||
2250 | |||
2251 | 15.1.1.1 SMB_COM_TRANSACTION AND SMB_COM_TRANSACTION2 FORMATS | ||
2252 | |||
2253 | Primary Client Request Description | ||
2254 | =============================== ================================== | ||
2255 | |||
2256 | Command SMB_COM_TRANSACTION or | ||
2257 | SMB_COM_TRANSACTION2 | ||
2258 | |||
2259 | UCHAR WordCount; Count of parameter words; value | ||
2260 | = (14 + SetupCount) | ||
2261 | USHORT TotalParameterCount; Total parameter bytes being sent | ||
2262 | USHORT TotalDataCount; Total data bytes being sent | ||
2263 | USHORT MaxParameterCount; Max parameter bytes to return | ||
2264 | USHORT MaxDataCount; Max data bytes to return | ||
2265 | UCHAR MaxSetupCount; Max setup words to return | ||
2266 | UCHAR Reserved; | ||
2267 | USHORT Flags; Additional information: | ||
2268 | bit 0 - also disconnect TID in | ||
2269 | TID | ||
2270 | bit 1 - one-way transaction (no | ||
2271 | resp) | ||
2272 | ULONG Timeout; | ||
2273 | USHORT Reserved2; | ||
2274 | USHORT ParameterCount; Parameter bytes sent this buffer | ||
2275 | USHORT ParameterOffset; Offset (from header start) to | ||
2276 | Parameters | ||
2277 | USHORT DataCount; Data bytes sent this buffer | ||
2278 | USHORT DataOffset; Offset (from header start) to data | ||
2279 | UCHAR SetupCount; Count of setup words | ||
2280 | UCHAR Reserved3; Reserved (pad above to word) | ||
2281 | USHORT Setup[SetupCount]; Setup words (# = SetupWordCount) | ||
2282 | USHORT ByteCount; Count of data bytes | ||
2283 | STRING Name[]; Name of transaction (NULL if | ||
2284 | SMB_COM_TRANSACTION2) | ||
2285 | UCHAR Pad[]; Pad to SHORT or LONG | ||
2286 | UCHAR Parameters[ParameterCount]; Parameter bytes (# = | ||
2287 | ParameterCount) | ||
2288 | UCHAR Pad1[]; Pad to SHORT or LONG | ||
2289 | UCHAR Data[ DataCount ]; Data bytes (# = DataCount) | ||
2290 | |||
2291 | |||
2292 | Interim Server Response Description | ||
2293 | |||
2294 | |||
2295 | |||
2296 | Leach, Naik [Page 36] | ||
2297 | |||
2298 | |||
2299 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
2300 | |||
2301 | |||
2302 | |||
2303 | =============================== ================================= | ||
2304 | |||
2305 | UCHAR WordCount; Count of parameter words = 0 | ||
2306 | USHORT ByteCount; Count of data bytes = 0 | ||
2307 | |||
2308 | |||
2309 | Secondary Client Request Description | ||
2310 | =============================== ================================== | ||
2311 | |||
2312 | Command SMB_COM_TRANSACTION_SECONDARY | ||
2313 | |||
2314 | UCHAR WordCount; Count of parameter words = 8 | ||
2315 | USHORT TotalParameterCount; Total parameter bytes being sent | ||
2316 | USHORT TotalDataCount; Total data bytes being sent | ||
2317 | USHORT ParameterCount; Parameter bytes sent this buffer | ||
2318 | USHORT ParameterOffset; Offset (from header start) to | ||
2319 | Parameters | ||
2320 | USHORT ParameterDisplacement; Displacement of these Parameter | ||
2321 | bytes | ||
2322 | USHORT DataCount; Data bytes sent this buffer | ||
2323 | USHORT DataOffset; Offset (from header start) to data | ||
2324 | USHORT DataDisplacement; Displacement of these data bytes | ||
2325 | USHORT Fid; FID for handle based requests, | ||
2326 | else 0xFFFF. This field is | ||
2327 | present only if this is an | ||
2328 | SMB_COM_TRANSACTION2 request. | ||
2329 | USHORT ByteCount; Count of data bytes | ||
2330 | UCHAR Pad[]; Pad to SHORT or LONG | ||
2331 | UCHAR Parameters[ParameterCount]; Parameter bytes (# = | ||
2332 | ParameterCount) | ||
2333 | UCHAR Pad1[]; Pad to SHORT or LONG | ||
2334 | UCHAR Data[DataCount]; Data bytes (# = DataCount) | ||
2335 | |||
2336 | |||
2337 | Server Response Description | ||
2338 | =============================== ================================== | ||
2339 | |||
2340 | UCHAR WordCount; Count of data bytes; value = 10 + | ||
2341 | SETUPCOUNT | ||
2342 | USHORT TotalParameterCount; Total parameter bytes being sent | ||
2343 | USHORT TotalDataCount; Total data bytes being sent | ||
2344 | USHORT Reserved; | ||
2345 | USHORT ParameterCount; Parameter bytes sent this buffer | ||
2346 | USHORT ParameterOffset; Offset (from header start) to | ||
2347 | Parameters | ||
2348 | USHORT ParameterDisplacement; Displacement of these Parameter | ||
2349 | bytes | ||
2350 | USHORT DataCount; Data bytes sent this buffer | ||
2351 | USHORT DataOffset; Offset (from header start) to data | ||
2352 | USHORT DataDisplacement; Displacement of these data bytes | ||
2353 | UCHAR SetupCount; Count of setup words | ||
2354 | UCHAR Reserved2; Reserved (pad above to word) | ||
2355 | USHORT Setup[SetupWordCount]; Setup words (# = SetupWordCount) | ||
2356 | USHORT ByteCount; Count of data bytes | ||
2357 | UCHAR Pad[]; Pad to SHORT or LONG | ||
2358 | UCHAR Parameters[ParameterCount]; Parameter bytes (# = | ||
2359 | ParameterCount) | ||
2360 | UCHAR Pad1[]; Pad to SHORT or LONG | ||
2361 | |||
2362 | |||
2363 | |||
2364 | Leach, Naik [Page 37] | ||
2365 | |||
2366 | |||
2367 | INTERNET-DRAFT CIFS Remote Admin Protocol January 10, 1997 | ||
2368 | |||
2369 | |||
2370 | UCHAR Data[DataCount]; Data bytes (# = DataCount) | ||
2371 | |||
2372 | |||
2373 | |||
2374 | |||
2375 | 16. Appendix B | ||
2376 | |||
2377 | |||
2378 | 16.1 Marshaling and unmarshaling using descriptor strings | ||
2379 | |||
2380 | TBD. This will be a note to explain how the descriptor strings can be | ||
2381 | used to drive a marshaling engine that can automatically marshal and | ||
2382 | unmarshal RAP messages and call local APIs whose calling sequences | ||
2383 | closely match the format of the RAP services. | ||
2384 | |||
2385 | |||
2386 | |||
2387 | |||
2388 | |||
2389 | |||
2390 | |||
2391 | |||
2392 | |||
2393 | |||
2394 | |||
2395 | |||
2396 | |||
2397 | |||
2398 | |||
2399 | |||
2400 | |||
2401 | |||
2402 | |||
2403 | |||
2404 | |||
2405 | |||
2406 | |||
2407 | |||
2408 | |||
2409 | |||
2410 | |||
2411 | |||
2412 | |||
2413 | |||
2414 | |||
2415 | |||
2416 | |||
2417 | |||
2418 | |||
2419 | |||
2420 | |||
2421 | |||
2422 | |||
2423 | |||
2424 | |||
2425 | |||
2426 | |||
2427 | Leach, Naik [Page 38] \ No newline at end of file | ||