How Windows Communication Works

If you are working in a support or engineering role with Microsoft platform products like the various Windows versions one of the biggest struggles you can have is understanding what to expect in code and on the network when Windows computers communicate to each other and other platforms.  Documentation at that level of depth is scarce and what is available can be a tough read.

But not so much anymore.  As part of the Microsoft Communications Protocol Program (MCPP) documentation for the various protocols are now available.   The documentation is searchable online or you can download all of the Windows Communications Protocols in PDF format all at once by clicking here

It’s important to understand that these are not just reference level documents.  They have the information you need to understand how our products work in detail.  If you need to make one New Year’s Resolution it should be to read these documents in 2010.

Here are some of the more useful documents included in that download that I recommend you review:

MS-GLOS glossary of terms which has excellent short, concise definitions of technical terms used in the various Windows Communications Protocols.

MS-AUTHSO Windows Authentication Services Overview.  This document details how all of the various specifications fit together.  Good for a putting a framework in place for your other knowledge.

MS-KILE Kerberos Protocol Extensions.  This document is covers how Windows Kerberos works with Active Directory.  Service integration, PKI, encryption, transport mechanisms, group membership, interactive logon information and delegation are all items which are included in this PDF.  This is a must read document if you need to understand Kerberos in a Windows environment.

MS-SFU Kerberos Services for User.  Crucial for understanding how Kerberos is expected to work generally and how the Microsoft Kerberos implementation preserves identity and maintains security.

MS-PKCA Public Key Cryptography for Initial Authentication (PKINIT) in Kerberos Protocol Specification.  This document details how Public Key Cryptography (PKI) is used in Kerberos for initial ticket exchange.  If you use or plan to use smartcard logon or other PKINIT capable certificate for user logon this document is useful to understand what the general requirements are and how PKINIT will appear in a Kerberos AS exchange on the network.

MS-PAC Privilege Attribute Certificate Data Structure.  This is all about the user or principal token on the wire.  This PDF includes information about how the PAC is laid out and what it contains.  This is more useful if you are in a situation where you are debugging an application or access, but it is good reference information for general knowledge as well.

MS-SPNG SPNEGO authentication negotiation.  Useful in understanding what you are seeing for authentication negotiation in network captures.

MS-NLMP NT LAN Manager (NTLM) Authentication Protocol Specification.  This is covers NTLM with definitions, protocol examples, messages and more.

MS-CIFS Common Internet File System Protocol.  The PDF contains details of how the file transfer communication works.  Particularly useful if you need to understand how file and print services work over the network from client to server.

MS-SMB Server Message Block (SMB) Protocol Specification.  SMB is an extension of CIFS, and this document defines what those those extensions are and how they work.  This is the stuff you see when you filter a network capture for SMB.

MS-DFSC Distributed File System (DFS). Have you ever needed to try to figure out what went wrong or why something unexpected happened with a DFS referral?  This is the document for you since it covers how DFS communication works and contains protocol examples.  This does not cover DFS replication (DFSR).

MS-DFSNM Distributed File System Namespace Management Protocol Spec.  This specification document contains information on how DFS management works on the wire using Remote Procedure Call (RPC) network traffic.

MS-FSSO File Access Services System Overview.  Has one of your users ever complained that they can’t get access to a file on a share and normal troubleshooting for permissions didn’t reveal the answer? Read this document and reviewing a network capture of the activity should be much easier.

MS-GPSO Group Policy System Overview.  This document goes over how group policy is obtained by client from server in detail.  If you are an administrator that administers Group Policy you should read this.  It contains a level of detail previously unseen outside of Microsoft training.

The download contains many more PDF files that may prove useful to you depending on your daily routine.   If you are someone that wants to take your knowledge of Windows to the next level-way beyond what certifications require-this is the stuff for you.   Consider it Microsoft’s holiday gift to you.  Enjoy!