2.2.1.6 Unique Identifiers

  • Article

CIFS unique identifiers are used in to represent open files, authenticated users, SMB sessions, and so on within the protocol. To be a "unique identifier", an identifier MUST be unique with respect to other identifiers of the same type within the same context. The following is a list of unique identifiers used in CIFS and their relevant contexts:

  • FID (File ID): A file handle, representing an open file on the server. A FID returned from an Open or Create operation MUST be unique within an SMB connection.

  • MID (Multiplex ID): The MID is assigned by the client. All messages include a MID along with a PID (process ID, see below) to uniquely identify groups of commands belonging to the same logical thread of operation on the client node. The client MAY use the PID/MID pair to demultiplex command responses and to identify outstanding requests that are pending on the server (see SMB_COM_NT_CANCEL). In earlier SMB Protocol dialects, the MID was defined as a number that uniquely identified a protocol request and response within a process (see [SMB-LM1X], section 1). In CIFS, except where noted, a client MAY have multiple outstanding requests (within the limit set by the MaxMPXCount connection value) with the same PID and MID values. Clients inform servers of the creation of a new thread simply by introducing a new MID into the dialog.

  • PID (Process ID): The PID is assigned by the client. The client SHOULD <19> set this to a value that identifies the process on the client nodeĀ  that initiated the request. The server MUST return both the PID and the MID to the client in any response to a client request. Clients inform servers of the creation of a new process simply by introducing a new PID into the dialog. In CIFS, the PID is a 32-bit value constructed by combining two 16-bit fields (PIDLow and PIDHigh) in the SMB Header (section 2.2.3.1).

  • SessionKey: A Session Key is returned in the SMB_COM_NEGOTIATE response received during establishment of the SMB connection. This Session Key is used to logically bind separate virtual circuits (VCs) together. This Session Key is not used in any authentication or message signing. It is returned to the server in the SMB_COM_SESSION_SETUP_ANDX request messages that are used to create SMB sessions.

  • SessionKey: The term "Session Key" also refers to a cryptographic secret key used to perform challenge/response authentication and is also used in the message signing algorithm. For each SMB session, the Session Key is the LM or NTLM password hash used in the generation of the response from the server-supplied challenge. The Session Key used in the first successful user authentication (non-anonymous, non-guest) becomes the signing Session Key for the SMB connection.

  • CID (Connection ID): If a connectionless transport is in use, the Connection ID (CID) is generated by the server and passed in the SMB Header of every subsequent SMB message to identify the SMB connection to which the message belongs.

  • SID (Search ID): A search ID (also known as a SID) is similar to a FID. It identifies an open directory search, the state of which is maintained on the server. Open SIDs MUST be unique to the SMB connection.

  • TID (Tree ID): A TID represents an open connection to a share, otherwise known as a tree connect. An open TID MUST be unique within an SMB connection.

  • UID (User ID): A UID represents an authenticated SMB session (including those created using anonymous or guest authentication). Some implementations refer to this value as a Virtual User ID (VUID) to distinguish it from the user IDs used by the underlying account management system.