
7 Appendix B: Product Behavior

The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include released service packs:

  • Windows NT operating system

  • Windows 2000 operating system

  • Windows XP operating system

  • Windows Server 2003 operating system

  • Windows Server 2003 R2 operating system

  • Windows Vista operating system

  • Windows Server 2008 operating system

  • Windows 7 operating system

  • Windows Server 2008 R2 operating system

  • Windows 8 operating system

  • Windows Server 2012 operating system

  • Windows 8.1 operating system

  • Windows Server 2012 R2 operating system

Exceptions, if any, are noted below. If a service pack or Quick Fix Engineering (QFE) number appears with the product version, behavior changed in that service pack or QFE. The new behavior also applies to subsequent service packs of the product unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.

Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms SHOULD or SHOULD NOT implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term MAY implies that the product does not follow the prescription.

<1> Section 2.1: The Windows RPC server and RPC client support TCP/IP on Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

<2> Section 2.1: The endpoint "\PIPE\lsarpc" by default allows anonymous access on Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 R2, and Windows Vista. Anonymous access to this pipe is removed by default on Windows Vista SP1, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. The pipe access check happens before any other access check and therefore overrides any other access.

<3> Section 2.1: If the client uses an unsupported RPC protocol sequence, the RPC server implementations in Windows 2000, Windows XP, Windows Server 2003, and Windows Server 2003 R2 return RPC_S_PROTSEQ_NOT_SUPPORTED (as specified in [MS-ERREF]). Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 throw an RPC exception with status code ERROR_ACCESS_DENIED.

<4> Section 2.2: The following table contains a timeline of when a particular data type was introduced.

Data type name                  Windows version
LSAPR_HANDLE                    Windows NT 3.1
STRING                          Windows NT 3.1
LSAPR_ACL                       Windows NT 3.1
SECURITY_DESCRIPTOR_CONTROL     Windows NT 3.1
LSAPR_SECURITY_DESCRIPTOR       Windows NT 3.1
SECURITY_IMPERSONATION_LEVEL    Windows NT 3.1
SECURITY_CONTEXT_TRACKING_MODE  Windows NT 3.1
SECURITY_QUALITY_OF_SERVICE     Windows NT 3.1
LSAPR_OBJECT_ATTRIBUTES         Windows NT 3.1
ACCESS_MASK                     Windows NT 3.1
LSAPR_TRUST_INFORMATION         Windows NT 3.1
LSAPR_REFERENCED_DOMAIN_LIST    Windows NT 3.1
SID_NAME_USE                    Windows NT 3.1
LSA_TRANSLATED_SID              Windows NT 3.1
LSAPR_TRANSLATED_SIDS           Windows NT 3.1
LSAP_LOOKUP_LEVEL               Windows NT 3.1
LSAPR_SID_INFORMATION           Windows NT 3.1
LSAPR_SID_ENUM_BUFFER           Windows NT 3.1
LSAPR_TRANSLATED_NAME           Windows NT 3.1
LSAPR_TRANSLATED_NAMES          Windows NT 3.1
LSAPR_TRANSLATED_NAME_EX        Windows 2000
LSAPR_TRANSLATED_NAMES_EX       Windows 2000
LSAPR_TRANSLATED_SID_EX         Windows 2000
LSAPR_TRANSLATED_SIDS_EX        Windows 2000
LSAPR_TRANSLATED_SID_EX2        Windows XP
LSAPR_TRANSLATED_SIDS_EX2       Windows XP

<5> Section 2.2.13: The following table contains a timeline of when a particular enumeration value was introduced.

Enumeration value  Enumeration name        Windows version
1                  SidTypeUser             Windows NT 3.1
2                  SidTypeGroup            Windows NT 3.1
3                  SidTypeDomain           Windows NT 3.1
4                  SidTypeAlias            Windows NT 3.1
5                  SidTypeWellKnownGroup   Windows NT 3.1
6                  SidTypeDeletedAccount   Windows NT 3.1
7                  SidTypeInvalid          Windows NT 3.1
8                  SidTypeUnknown          Windows NT 3.1
9                  SidTypeComputer         Windows 2000
10                 SidTypeLabel            Windows Vista

<6> Section 2.2.15: The Windows RPC server and RPC client limit the Entries field of this structure to 1,000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not have this restriction.

<7> Section 2.2.16: The following table contains a timeline of when particular enumeration values were introduced.

Enumeration value  Enumeration name                Windows version
1                  LsapLookupWksta                 Windows NT 3.1
2                  LsapLookupPDC                   Windows NT 3.1
3                  LsapLookupTDL                   Windows NT 3.1
4                  LsapLookupGC                    Windows 2000
5                  LsapLookupXForestReferral       Windows XP
6                  LsapLookupXForestResolve        Windows XP
7                  LsapLookupRODCReferralToFullDC  Windows Vista

<8> Section 2.2.18: The Windows implementation of the RPC server and RPC client limits the Entries field of this structure to 0x5000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<9> Section 2.2.20: The Windows RPC server and RPC client limit the Entries field of this structure to 0x5000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<10> Section 2.2.21: The following table contains a timeline of when each flag value was introduced.

Flag value  Windows version
0x00000001  Windows 2000
0x00000002  Windows Server 2003
0x00000004  Windows Vista

<11> Section 2.2.22: The Windows RPC server and RPC client limit the Entries field of this structure to 0x5000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<12> Section 2.2.23: The following table contains a timeline of when each flag value was introduced.

Flag value  Windows version
0x00000001  Windows 2000
0x00000002  Windows Server 2003
0x00000004  Windows Vista

<13> Section 2.2.24: The Windows RPC server and RPC client limit the Entries field of this structure to 1,000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<14> Section 2.2.25: The following table contains a timeline of when each flag value was introduced.

Flag value  Windows version
0x00000001  Windows 2000
0x00000002  Windows Server 2003
0x00000004  Windows Vista

<15> Section 2.2.26: The Windows RPC server and RPC client limit the Entries field of this structure to 1,000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<16> Section 3.1.1.1: Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, and Windows NT 4.0, when creating these views, leave the Domain DNS Name, Default User Principal Names, User Principal Name, and Security Principal SID History columns empty; therefore, they cannot be used for matching.

<17> Section 3.1.1.1.1: The Enterprise Domain Controllers, Self, Authenticated Users, Restricted, and Terminal Server User entries were added in Windows 2000.

The Local Service, Network Service, and Remote Interactive Logon entries were added in Windows XP.

The This Organization and Other Organization entries were added in Windows Server 2003.

<18> Section 3.1.1.1.1: The entries in the table that follows this citation in section 3.1.1.1.1 were added in Windows Server 2003.

<19> Section 3.1.1.1.1: The entries in the table that follows this citation in section 3.1.1.1.1 were added in Windows Vista.

<20> Section 3.1.4: The Windows implementation of this protocol asks the RPC engine to do the following:

  • Perform a strict Network Data Representation (NDR) data consistency check at target level 5.0 (as specified in [MS-RPCE] section 3) in Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

  • Include support for both NDR and NDR64 transfer syntaxes, as well as the negotiation mechanism for determining what transfer syntax will be used (as specified in [MS-RPCE] section 3) in Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2.

  • Via the strict_context_handle attribute, reject the use of context handles created by a method of a different RPC interface than this one (as specified in [MS-RPCE] section 3).

<21> Section 3.1.4: The following table contains a timeline of when each method was introduced.

Opnum  Friendly name     Product
0      LsarClose         Windows NT 3.1
6      LsarOpenPolicy    Windows NT 3.1
14     LsarLookupNames   Windows NT 3.1
15     LsarLookupSids    Windows NT 3.1
44     LsarOpenPolicy2   Windows NT 3.51
45     LsarGetUserName   Windows NT 4.0
57     LsarLookupSids2   Windows 2000
58     LsarLookupNames2  Windows 2000
68     LsarLookupNames3  Windows XP
76     LsarLookupSids3   Windows XP
77     LsarLookupNames4  Windows XP

<22> Section 3.1.4: Some gaps in the opnum numbering sequence correspond to opnums that are documented in [MS-LSAD]. All other gaps in the opnum numbering sequence apply to Windows as follows.

Opnum  Description
1      Used only locally by Windows, never remotely.
5      Not used by Windows.
9      Not used by Windows.
21     Not used by Windows.
22     Not used by Windows.
52     Not used by Windows.
56     Used only locally by Windows, never remotely.
60     Used only locally by Windows, never remotely.
61     Used only locally by Windows, never remotely.
62     Used only locally by Windows, never remotely.
63     Used only locally by Windows, never remotely.
64     Used only locally by Windows, never remotely.
65     Used only locally by Windows, never remotely.
66     Used only locally by Windows, never remotely.
67     Used only locally by Windows, never remotely.
69     Used only locally by Windows, never remotely.
70     Used only locally by Windows, never remotely.
71     Used only locally by Windows, never remotely.
72     Used only locally by Windows, never remotely.
75     Used only locally by Windows, never remotely.

<23> Section 3.1.4.5: The Windows RPC server and RPC client limit the Count field of this structure to 1,000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<24> Section 3.1.4.5: For Windows, usage of 0x00000001 for ClientRevision implies a client that is running an operating system released before Windows 2000 (Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, and Windows NT 4.0). Usage of 0x00000002 implies that the client is running an operating system version of Windows 2000 or a later release (Windows 2000, Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, or Windows Server 2012 R2).

<25> Section 3.1.4.5: Windows 2000 Server, Windows Server 2003, and Windows Server 2003 R2 do not match names in user principal name form if ALL of the following are true:

  • LookupLevel is either LsapLookupWksta or LsapLookupPDC.

  • The server is a domain controller.

  • ClientRevision is 0x00000001.

  • The server is in a mixed domain environment.

<26> Section 3.1.4.5: On a domain-joined, non-DC machine, when 0x80000000 is passed for the LookupOptions argument with a mix of isolated and composite names that cannot be matched in the views that are to be searched, Windows XP, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2 return STATUS_SOME_NOT_MAPPED.

<27> Section 3.1.4.6: All versions of Windows that implement this method (LsarLookupNames3) also implement LsarLookupNames4 (both in terms of client and server); hence, this method does not need to be implemented to interoperate with Windows clients or servers. The choice of which method to call depends on whether the client has a local security authority (LSA) policy handle or an RPC binding handle. An implementation that is completely compatible with Windows supports both calls.

<28> Section 3.1.4.6: The Windows implementation of the RPC server and RPC client limits the Count field of this structure to 1,000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<29> Section 3.1.4.7: A Windows RPC server can optionally be configured to deny this call, and the error returned in this case is STATUS_NOT_SUPPORTED.

<30> Section 3.1.4.7: The Windows RPC server and RPC client limit the Count field of this structure to 1,000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<31> Section 3.1.4.8: The Windows RPC server and RPC client limit the Count field of this structure to 1,000 (using the range primitive defined in [MS-RPCE]) in Windows XP SP2, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, Windows NT 4.0, Windows 2000, and Windows XP do not enforce this restriction.

<32> Section 3.1.4.10: The Windows RPC client sets LookupOptions to 0.

<33> Section 3.2: Windows clients negotiate the highest revision supported by the server by first calling the highest revision supported for that client. If the RPC exception that indicates that the function is out of range is returned from the server (exception number 0x6d1), the client proceeds to call the next lower revision. This process is repeated until the oldest possible revision supported by the client is invoked or until the server responds to the request.
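
The revision fallback described in note <33>, as an added simulation (not code from the specification or from Windows). The server model uses the opnum table from note <21>; the ordering LsarLookupSids3, then LsarLookupSids2, then LsarLookupSids is an assumption based on the method-name suffixes, and RpcFault, supported_opnums, server_call and negotiate are hypothetical names.

```python
RPC_S_PROCNUM_OUT_OF_RANGE = 0x6D1  # "function is out of range" exception, note <33>

# Release order and opnum table copied from note <21> on this page.
RELEASES = ["Windows NT 3.1", "Windows NT 3.51", "Windows NT 4.0",
            "Windows 2000", "Windows XP"]
INTRODUCED = {
    0: ("LsarClose", "Windows NT 3.1"), 6: ("LsarOpenPolicy", "Windows NT 3.1"),
    14: ("LsarLookupNames", "Windows NT 3.1"), 15: ("LsarLookupSids", "Windows NT 3.1"),
    44: ("LsarOpenPolicy2", "Windows NT 3.51"), 45: ("LsarGetUserName", "Windows NT 4.0"),
    57: ("LsarLookupSids2", "Windows 2000"), 58: ("LsarLookupNames2", "Windows 2000"),
    68: ("LsarLookupNames3", "Windows XP"), 76: ("LsarLookupSids3", "Windows XP"),
    77: ("LsarLookupNames4", "Windows XP"),
}

# Assumption: revisions are ordered by the numeric suffix of the method name.
SID_LOOKUP_CHAIN = [76, 57, 15]

class RpcFault(Exception):
    """Simulated RPC exception carrying a status code."""
    def __init__(self, status):
        super().__init__(hex(status))
        self.status = status

def supported_opnums(release):
    """Opnums implemented by the given release, per the note <21> table."""
    cutoff = RELEASES.index(release)
    return {op for op, (_, rel) in INTRODUCED.items()
            if RELEASES.index(rel) <= cutoff}

def server_call(server_release, opnum):
    """Simulated server dispatch: an unimplemented opnum raises 0x6d1."""
    if opnum not in supported_opnums(server_release):
        raise RpcFault(RPC_S_PROCNUM_OUT_OF_RANGE)
    return INTRODUCED[opnum][0]

def negotiate(client_release, server_release, chain=SID_LOOKUP_CHAIN):
    """Return (method that succeeded, opnums that faulted with 0x6d1)."""
    faults = []
    for opnum in chain:
        if opnum not in supported_opnums(client_release):
            continue  # the client itself predates this revision
        try:
            return server_call(server_release, opnum), faults
        except RpcFault as fault:
            if fault.status != RPC_S_PROCNUM_OUT_OF_RANGE:
                raise  # only the out-of-range fault triggers a downgrade
            faults.append(opnum)
    return None, faults  # every revision the client knows was rejected

if __name__ == "__main__":
    print(negotiate("Windows XP", "Windows NT 4.0"))
```

In a capture, this negotiation appears as one or more 0x6d1 faults followed by a successful call to a lower-numbered lookup method on the same binding.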

<34> Section 5.1: The Windows RPC server for this protocol is customizable to allow anonymous callers to make requests for compatibility with Windows NT 3.1, Windows NT 3.5, Windows NT 3.51, and Windows NT 4.0 machines.

© 2014 Microsoft