The following terms are defined in [MS-GLOS]:
discretionary access control list (DACL)
Distributed File System (DFS)
Distributed File System (DFS) link
file system control (FSCTL)
fully qualified domain name (FQDN) (1)
globally unique identifier (GUID)
network byte order
NT file system (NTFS)
security identifier (SID)
system access control list (SACL)
Transmission Control Protocol (TCP)
The following terms are specific to this document:
authenticated context: The runtime state that is associated with the successful authentication of a security principal between the client and the server, such as the security principal itself, the cryptographic key that was generated during authentication, and the rights and privileges of this security principal.
Branch Cache: Branch Cache is intended to reduce bandwidth consumption on branch-office wide area network (WAN) links. Branch Cache clients retrieve content from distributed caches within a branch instead of remote servers. Distributed caches in the branch can either be on peer clients within the branch or be on dedicated caching servers. Branch Cache details are discussed in [MS-PCCRR].
channel: A logical entity that associates a transport connection to a session.
compounded requests and responses: A method of combining multiple SMB 2 Protocol requests or responses into a single transmission request for submission to the underlying transport.
content: A file that is accessed by an application. Examples of content include web pages and documents stored on either web servers or SMB file servers.
content information: An opaque blob of data containing a set of hashes for a specific file that can be used by the application to retrieve the contents of the file using the branch cache. The details of content information are discussed in [MS-PCCRC].
content information file: A file that stores Content Information along with a HASH_HEADER (see section 188.8.131.52.1).
create context: A variable-length attribute that is sent with an SMB2 CREATE Request (section 2.2.13) or SMB2 CREATE Response (section 2.2.14) that either gives extra information about how the create will be processed, or returns extra information about how the create was processed. See sections 184.108.40.206 and 220.127.116.11.
credit: A value that is granted to an SMB 2 Protocol client by an SMB 2 Protocol server that limits the number of outstanding requests that a client can send to a server.
durable open: An open to a file that allows the client to attempt to preserve and reestablish the open after a network disconnect. A durable open is not permitted on a directory, named pipe, or printer.
I/O control (IOCTL): A command that is issued to a target file system or target device in order to query or alter the behavior of the target; or to query or alter the data and attributes that are associated with the target or the objects that are exposed by the target.
lease: A mechanism that is designed to allow clients to dynamically alter their buffering strategy in a consistent manner in order to increase performance and reduce network use. The network performance for remote file operations may be increased if a client can locally buffer file data, which reduces or eliminates the need to send and receive network packets. For example, a client may not have to write information into a file on a remote server if the client confirms that no other client is accessing the data. Likewise, the client may buffer read-ahead data from the remote file if the client confirms that no other client is writing data to the remote file.
There are three types of leases:
A read-caching lease allows a client to cache reads and can be granted to multiple clients.
A write-caching lease allows a client to cache writes and byte range locks and can only be granted to a single client.
A handle-caching lease allows a client to cache open handles and can be granted to multiple clients.
A lease can be a combination of one or more of the lease types listed above. When a client opens a file, it requests that the server grant it a lease on the file. The response from the server indicates the lease that is granted to the client. The client uses the granted lease to adjust its buffering policy.
A lease can span multiple opens as well as multiple connections from the same client.
Lease Break: An unsolicited request that is sent by an SMB 2 Protocol server to an SMB 2 Protocol client to inform the client to change the lease state for a file.
Local object store: A system that provides the ability to create, query, modify, or apply policy to a local resource on behalf of a remote client. The object store is backed by a file system, a named pipe, or a print job that is accessed as a file.
Open: A runtime object that corresponds to a currently established access to a specific file or named pipe from a specific client to a specific server, using a specific user security context. Both clients and servers maintain opens that represent active accesses.
Oplock: An opportunistic lock, or oplock, is a mechanism that is designed to allow clients to dynamically alter their buffering strategy in a consistent manner in order to increase performance and reduce network use. The network performance for remote file operations may be increased if a client can locally buffer file data, which reduces or eliminates the need to send and receive network packets. For example, a client may not have to write information into a file on a remote server if the client confirms that no other process is accessing the data. Likewise, the client may buffer read-ahead data from the remote file if the client confirms that no other process is writing data to the remote file.
There are three types of oplocks:
An exclusive oplock allows a client to open a file for exclusive access and allows the client to perform arbitrary buffering.
A batch oplock allows a client to keep a file open on the server even though the local accessor on the client machine has closed the file.
A Level II oplock indicates that there are multiple readers of a file and no writers.
When a client opens a file, it requests that the server grant it a particular type of oplock on the file. The response from the server indicates the type of oplock that is granted to the client. The client uses the granted oplock type to adjust its buffering policy.
Oplock Break: An unsolicited request that is sent by an SMB 2 Protocol server to an SMB 2 Protocol client to inform the client to change the oplock level for a file.
Sequence Number: A number that uniquely identifies a request and response that is sent on an SMB 2 Protocol connection. For a description of how sequence numbers are allocated, see sections 18.104.22.168.6 and 22.214.171.124.
Session: An authenticated context that is established between an SMB 2 Protocol client and an SMB 2 Protocol server over an SMB 2 Protocol connection for a specific security principal. There could be multiple active sessions over a single SMB 2 Protocol connection. The SessionId field in the SMB2 packet header (section 2.2.1) distinguishes the various sessions.
Share: A local resource that is offered by an SMB 2 Protocol server for access by SMB 2 Protocol clients over the network. The SMB 2 Protocol defines three types of shares: file (or disk) shares, which represent a directory tree and its included files; pipe shares, which expose access to named pipes; and print shares, which provide access to print resources on the server. A pipe share as defined by the SMB 2 Protocol must always have the name "IPC$". A pipe share must only allow named pipe operations and DFS referral requests to itself.
Tree Connect: A connection by a specific session on an SMB 2 Protocol client to a specific share on an SMB 2 Protocol server over an SMB 2 Protocol connection. There could be multiple tree connects over a single SMB 2 Protocol connection. The TreeId field in the SMB2 packet header (section 2.2.1) distinguishes the various tree connects.
WorldSid: A SID with the specific value of S-1-1-0.
MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as described in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.