184.108.40.206.12 Sending License Error PDU - Valid Client
The structure and fields of the License Error (Valid Client) PDU are described in section 220.127.116.11.
The mcsSDin field is initialized as described in [T125] section 11.33. The embedded initiator field MUST be set to the MCS server channel ID held in the Server Channel ID store (section 18.104.22.168) and the embedded channelId field MUST be set to the MCS I/O channel ID held in the I/O Channel ID store (section 22.214.171.124). The embedded userData field contains the remaining fields of the Valid Client PDU.
If Enhanced RDP Security (see section 5.4) is in effect, the External Security Protocol (see section 5.4.5) MUST be used to encrypt the entire PDU and generate a verification digest. The securityHeader field MUST be present; however, it will contain a Basic Security Header structure (see section 126.96.36.199.1.2.1).
If Standard RDP Security mechanisms (see section 5.3) are in effect, the PDU data following the securityHeader field may be encrypted and signed (depending on the values of the Encryption Level and Encryption Method selected by the server as part of the negotiation described in section 5.3.2 and the contents of the Client Licensing Encryption Ability store (section 188.8.131.52) using the methods and techniques described in section 5.3.6). The format of the securityHeader field is selected as described in section 184.108.40.206 and the fields populated with appropriate security data. If the data is to be encrypted, the embedded flags field of the securityHeader field MUST contain the SEC_ENCRYPT (0x0008) flag.
The embedded flags field of the securityHeader field (which is always present) MUST contain the SEC_LICENSE_PKT (0x0080) flag (described in section 220.127.116.11.1.2.1) to indicate that the message is a licensing PDU. If the server can handle encrypted licensing packets from the client and Standard RDP Security mechanisms are being used, then the SEC_LICENSE_ENCRYPT_CS (0x0200) flag SHOULD also be included in the flags subfield of the securityHeader field.
The remainder of the PDU MUST be populated according to the structure and type definition in section 18.104.22.168.
After sending the License Error (Valid Client) PDU, the server MUST send the Demand Active PDU (see section 22.214.171.124.13.1) to the client.