220.127.116.11 Provision Command
The Provision command enables client devices to send the server information about the device, to request from the server the security policy settings set by the server administrator, and to report on the status of a remote wipe directive.
The provisioning process has two phases: an initial phase consisting of a Provision command request sent by the client followed by an initial server response, then an acknowledgment phase consisting of a Provision command request sent by the client with an acknowledgment of the initial server response, followed by another server response.
Clients SHOULD<1> begin the provisioning process in the following scenarios:
When contacting the server for the first time.
When the server returns a status code<2> from any command indicating that the client needs to re-provision.
When the server returns a status code from any command requesting a remote wipe.
The format of the Provision command request and response differs based on the context in which it is used. The contexts for the Provision command are:
The initial request, as specified in section 18.104.22.168.1.
Acknowledging security policy settings, as specified in section 22.214.171.124.2.1.
Acknowledging a remote wipe directive, as specified in section 126.96.36.199.2.2.
The current security policy settings on the client are represented by the current policy key, which is sent to the server in the X-MS-PolicyKey header ([MS-ASHTTP] section 188.8.131.52.2.6) if the client is using a plain text query value, as specified in [MS-ASHTTP] section 184.108.40.206.1.2, or the Policy key field of the base64 encoded query value ([MS-ASHTTP] section 220.127.116.11.1.1) if the client is using a base64 encoded query value. The policy key is sent to the server for all protocol command requests except for the Autodiscover command ([MS-ASCMD] section 18.104.22.168), the Ping command ([MS-ASCMD] section 22.214.171.124), and the HTTP OPTIONS command ([MS-ASHTTP] section 2.2.3).