[cifs-protocol] 118120419417063 [MS-ADDM] Active Directory Webservices expected lifetime of [MC-NBFSE] StringTable
srenaden at microsoft.com
Tue Dec 4 23:54:46 UTC 2018
Dochelp in Bcc
Casemail in Cc
Hello Garming Sam,
Thank you for your inquiry about Microsoft Open Specifications. We have created the following incidents to investigate your issue. One of the Open Specifications team members will contact you shortly and separate e-mail threads will be started to assist you with these questions.
118120419417063 [MS-ADDM] Active Directory Webservices expected lifetime of [MC-NBFSE] StringTable. Question #1
118120419417067 [MS-ADDM] Active Directory Webservices expected lifetime of [MC-NBFSE] StringTable. Question #2
Microsoft Windows Open Specifications
From: Garming Sam <garming at catalyst.net.nz>
Sent: Tuesday, December 4, 2018 6:41 PM
To: Interoperability Documentation Help <dochelp at microsoft.com>
Cc: cifs-protocol at lists.samba.org
Subject: [MS-ADDM] Active Directory Webservices expected lifetime of [MC-NBFSE] StringTable
When running AD PowerShell commands, the transport is a SOAP-binary XML format. The protocol defining this [MC-NBFSE] allows compression using a dictionary which is appended to at runtime by sending a StringTable at the beginning of the message.
The base dictionary has static entries at every even index, while the runtime entries are added at every odd index. There seem to be some ambiguities in what the lifetime of these entries is:
1) When you have two endpoints communicating (A, B), are there two dictionaries, one on A and one on B (or is it shared)?
When Endpoint A adds entry at offset 0x1, does this mean that when Endpoint B adds an entry it must be at offset 0x3 of a shared dictionary? The StringTable structure only specifies a sequence of elements to add to 'the dictionary', not its index.
2) How long are entries in the dictionary meant to live? [MC-NBFSE] 2.1 StringTable says "A consumer of this format MUST maintain this mapping until there are no further documents to process."
It's not entirely clear what is meant by 'no further documents to process'. For instance, the StringTable entry could only live as long as a single SOAP request, but then it doesn't offer much in the way of compression and I would've considered each SOAP request a 'document'.
Intuitively, I would expect the dictionary to last the session, but what a session is depends on the underlying protocol. With Active Directory Web Services and [MC-NMF], it should mean [Preamble] -> [EndRecord] / disconnect. Alternatively it could be over the TCP connection, but lasting over multiple application level communications (with different security contexts) seems kind of wrong. In fact, a conversation may exist over multiple ADWS endpoints and presumably connections, but I don't think there is any way to tie these together.
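
The StringTable handling the message asks about, as an added example that is not part of the original e-mail or of Microsoft's specification text: a bounds-checked parser that assigns odd IDs 1, 3, 5, ... in arrival order. It assumes one table per decoder object that keeps growing across messages, so the scope question raised above becomes the caller's choice of when to create a new `RuntimeDictionary`; the class name, `max_entries` cap and sample bytes are constructed for illustration.

```python
class StringTableError(ValueError):
    pass

def read_mb_int31(buf, pos, end):
    """MultiByteInt31: 7 bits per byte, low group first, high bit means 'more'."""
    value = 0
    for i in range(5):
        if pos + i >= end:
            raise StringTableError("truncated MultiByteInt31")
        b = buf[pos + i]
        if i == 4 and b > 0x07:
            raise StringTableError("MultiByteInt31 exceeds 31 bits")
        value |= (b & 0x7F) << (7 * i)
        if not b & 0x80:
            return value, pos + i + 1

class RuntimeDictionary:
    """Strings received from one peer; assumed IDs 1, 3, 5, ... in arrival order."""
    def __init__(self, max_entries=4096):   # cap is a hypothetical hardening knob
        self.strings, self.max_entries = [], max_entries

    def consume_string_table(self, message):
        """Append the leading StringTable's strings; return the rest of the message."""
        size, pos = read_mb_int31(message, 0, len(message))
        end = pos + size
        if end > len(message):
            raise StringTableError("StringTable size runs past the message")
        new = []
        while pos < end:
            length, pos = read_mb_int31(message, pos, end)
            if pos + length > end:
                raise StringTableError("string runs past the StringTable")
            new.append(message[pos:pos + length].decode("utf-8"))
            pos += length
        if len(self.strings) + len(new) > self.max_entries:
            raise StringTableError("dictionary entry cap exceeded")
        self.strings.extend(new)
        return message[end:]

    def lookup(self, dict_id):
        if dict_id < 1 or dict_id % 2 == 0 or dict_id // 2 >= len(self.strings):
            raise KeyError(dict_id)          # even ids belong to the static dictionary
        return self.strings[dict_id // 2]

# Constructed sample messages; b"<body>" stands in for the encoded XML records.
MSG1 = b"\x1e\x0bobjectClass\x11distinguishedName<body>"
MSG2 = b"\x0f\x0esAMAccountName<body>"
```

Feeding `MSG1` then `MSG2` to one decoder places the third string at ID 5, while a fresh decoder per message places it at ID 1, which is the interoperability difference the two lifetime readings produce.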