8 Appendix C: Product Behavior

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include released service packs:

  • Windows XP operating system

  • Windows Server 2003 operating system

  • Windows Vista operating system

  • Windows Server 2008 operating system

  • Windows 7 operating system

  • Windows Server 2008 R2 operating system

  • Windows 8 operating system

  • Windows Server 2012 operating system

  • Windows 8.1 operating system

  • Windows Server 2012 R2 operating system

Exceptions, if any, are noted below. If a service pack or Quick Fix Engineering (QFE) number appears with the product version, behavior changed in that service pack or QFE. The new behavior also applies to subsequent service packs of the product unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms SHOULD or SHOULD NOT implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term MAY implies that the product does not follow the prescription.

<1> Section 1.3: Windows implements expert authentication using the Offer Remote Assistance Helpers Group. DCOM will only allow members of this group to execute the Remote Assistance Initiation Protocol methods.

<2> Section 1.7:

  • Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 implement IRASrv. A novice running one of these versions of Windows can be initiated only through IRASrv.

  • Windows XP and Windows Server 2003 implement IPCHService. A Windows XP or Windows Server 2003 novice can be initiated only through IPCHService.

  • A Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2 expert first attempts to call IRASrv, and if that fails, the expert then attempts to call the IPCHService interface.

  • A Windows XP or Windows Server 2003 expert will only attempt to call IPCHService and will not be able to connect to a novice running Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2.

<3> Section 2.2.1: This form of the Remote Assistance Connection String is obtained from Remote Assistance running on a Windows XP or Windows Server 2003 novice.

<4> Section 2.2.2: This form of the Remote Assistance Connection String is obtained from Remote Assistance running on a Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2 novice computer.

<5> Section 3.1.4.1: This interface and its called interfaces, IPCHCollection and ISAFSession, are only called by Windows XP and Windows Server 2003.

<6> Section 3.1.4.1: Gaps in the opnum numbering sequence apply to Windows as follows.

| Opnum | Description |
|---|---|
| 3-4 | Only used locally by Windows, never remotely. |

<7> Section 3.1.4.1.1: Access denied error is returned only for Windows XP SP1 and the initial release of Windows Server 2003.

<8> Section 3.1.4.1.2: Access denied error is returned only for Windows XP SP1 and the initial release of Windows Server 2003.

<9> Section 3.1.4.1.2.1: Gaps in the opnum numbering sequence apply to Windows as follows.

| Opnum | Description |
|---|---|
| 3-4 | Only used locally by Windows, never remotely. |

<10> Section 3.1.4.1.2.2: Gaps in the opnum numbering sequence apply to Windows as follows.

| Opnum | Description |
|---|---|
| 3-4 | Only used locally by Windows, never remotely. |

<11> Section 3.3.4.1: This interface is used only by Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

<12> Section 3.3.4.1: Gaps in the opnum numbering sequence apply to Windows as follows.

| Opnum | Description |
|---|---|
| 3-4 | Only used locally by Windows, never remotely. |

<13> Section 5.1: For DCOM authentication/authorization in Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2, the following are used:

  • Authentication Service - RPC_C_AUTHN_WINNT

  • Authorization Service - RPC_C_AUTHZ_DEFAULT

  • Authentication Level - RPC_C_AUTHN_LEVEL_PKT_PRIVACY

  • Impersonation Level - RPC_C_IMP_LEVEL_IMPERSONATE

For DCOM authentication/authorization in Windows XP and Windows Server 2003, all defaults are used.

<14> Section 6: In Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2, the XML file has the extension MSRCIncident.

<15> Section 6: This version is specific to Windows XP and Windows Server 2003.

<16> Section 6: A password can be used in Windows XP and Windows Server 2003. For security reasons it is advisable to protect the RA invitation file using a password.

In Windows XP and Windows Server 2003, when a password is used, it is encrypted using PROV_RSA_FULL predefined Cryptographic provider with MD5 hashing and CALG_RC4, the RC4 stream encryption algorithm. More details are in the Cryptography Reference [MSDN-CRYPTO].

The following diagram shows the password encryption flow in Windows XP and Windows Server 2003.

Figure 2: Windows XP and Windows Server 2003 password encryption flow

The password is translated into a Unicode string before it is hashed. The passStub must be a 14 character Unicode string. Also, the passStub should be prefixed with a four-byte integer that contains the number of bytes in the following data string, as defined in BSTR data type ([MS-DTYP] section 2.2.5), when performing the encryption.
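
The buffer layout and hash input described in the paragraph above can be sketched as follows. This is an added example, not code from the specification or from Windows. It assumes "Unicode" means UTF-16LE, a little-endian length prefix, and no trailing terminator in either the hashed password or the encrypted data; the function names and sample values are hypothetical. The RC4 key derivation and encryption step is not shown because the page does not give its parameters.

```python
import hashlib
import struct

PASS_STUB_CHARS = 14  # required passStub length stated in the note above


def encode_pass_stub(pass_stub: str) -> bytes:
    """Return the buffer to be encrypted: 4-byte byte count + UTF-16LE data."""
    data = pass_stub.encode("utf-16-le")
    # Count UTF-16 code units rather than Python characters, so a surrogate
    # pair cannot slip past the 14-character requirement.
    if len(data) != PASS_STUB_CHARS * 2:
        raise ValueError("passStub must be exactly 14 UTF-16 characters")
    # BSTR prefix ([MS-DTYP] section 2.2.5): number of bytes in the data that
    # follows. Little-endian and no terminator are assumptions of this sketch.
    return struct.pack("<I", len(data)) + data


def decode_pass_stub(buf: bytes) -> str:
    """Strictly parse a decrypted buffer; reject any length inconsistency."""
    if len(buf) < 4:
        raise ValueError("buffer too short for BSTR length prefix")
    (byte_count,) = struct.unpack_from("<I", buf)
    data = buf[4:]
    if byte_count != len(data) or byte_count != PASS_STUB_CHARS * 2:
        raise ValueError("length prefix does not match passStub data")
    return data.decode("utf-16-le")


def password_md5(password: str) -> bytes:
    """MD5 over the Unicode (assumed UTF-16LE, unterminated) password."""
    return hashlib.md5(password.encode("utf-16-le")).digest()


# Constructed sample value, not taken from a real invitation.
SAMPLE_STUB = "ABCDEFGHIJKLMN"
SAMPLE_BUF = encode_pass_stub(SAMPLE_STUB)
```

Hashing the ASCII bytes of the password instead of its Unicode form produces a different digest, which is a common cause of interoperability failures when reimplementing this flow.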

<17> Section 6: This type is specific to Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012.

<18> Section 6: In Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012, the password is mandatory and it is encrypted using the MS_ENH_RSA_AES_PROV predefined Cryptographic provider with CALG_SHA hashing and the CALG_AES_128 encryption algorithm. The cipher mode used can be CRYPT_MODE_CBC and the password used during the encryption process is a Unicode string.

Following is the password encryption flow diagram in the case of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012:

Figure 3: Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 password encryption flow

<19> Section 6: This attribute can be present for Windows XP and Windows Server 2003 compatibility.

 
© 2014 Microsoft