NTDOM: Connecting to a printer - name invalid ?
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Wed Feb 4 18:26:22 GMT 1998
here are some notes i made earlier today about the \PIPE\spoolss service.
it looks like a major task (two weeks' work):
dce/rpc printer support.
looks comprehensive and excessive. notes on packet trace:
it starts off with a \spoolss pipe on 12345678-1234-abcd-ef00-0123456789ab.
the bind response is to 045d888a-eb1c-c911-9fe808002b104860, version 0x02.
rpcs then follow:
- unidentified (as yet) opcode 0x45 with server, username, machine. etc.
response contains a 20 byte HND. presumably this call is an open.
- RpcGetPrinterData (0x26) UiSingleJobStatusString. hm.
type, data, needed. what's this all about?
- RpcRemoteFindFirstPrinterChangeNotificationEx (0x41)
more printer spooling pipe opening. again.
- RpcSetAllocFailCount (0x43) - contains printer handle + fail count
response alloc count, free count, failcounthit.
- RpcReplyOpenPrinter (0x3a) - contains machine, key for remote printer
(alloccount from above)
response undecoded.
- RpcFindClosePrinterChangeNotification (0x38). contains printer handle.
presumably the findfirstprtchg response contained the handle.
- RpcReplyClosePrinter (0x3c) - contains handle.
response: ok. BUT there is a file close from the client at the
same time. response might be delayed until the server responds
to the SMBclose. oops.
- RpcClosePrinter (0x1d) - close printer handle.
response: ok.
close \spoolss.
and this is with no printers!
More information about the samba-ntdom
mailing list