22.214.171.124.12 Sending License Error PDU - Valid Client
The structure and fields of the License Error (Valid Client) PDU are described in section 126.96.36.199.
The mcsSDin field is initialized as described in [T125] section 11.33. The embedded initiator field MUST be set to the MCS server channel ID held in the Server Channel ID store (section 188.8.131.52) and the embedded channelId field MUST be set to the MCS I/O channel ID held in the I/O Channel ID store (section 184.108.40.206). The embedded userData field contains the remaining fields of the Valid Client PDU.
If Enhanced RDP Security (section 5.4) is in effect, the External Security Protocol (section 5.4.5) MUST be used to encrypt the entire PDU and generate a verification digest. The securityHeader field MUST be present; however, it will contain a Basic Security Header structure (section 220.127.116.11.1.2.1).
If Standard RDP Security mechanisms (section 5.3) are in effect, the PDU data following the securityHeader field can be encrypted and signed (depending on the values of the Encryption Level and Encryption Method selected by the server as part of the negotiation described in section 5.3.2 and the contents of the Client Licensing Encryption Ability store (section 18.104.22.168) using the methods and techniques described in section 5.3.6). The format of the securityHeader field is selected as described in section 22.214.171.124 and the fields populated with appropriate security data. If the data is to be encrypted, the embedded flags field of the securityHeader field MUST contain the SEC_ENCRYPT (0x0008) flag.
The embedded flags field of the securityHeader field (which is always present) MUST contain the SEC_LICENSE_PKT (0x0080) flag (described in section 126.96.36.199.1.2.1) to indicate that the message is a licensing PDU. If the server can handle encrypted licensing packets from the client and Standard RDP Security mechanisms are being used, then the SEC_LICENSE_ENCRYPT_CS (0x0200) flag SHOULD also be included in the flags subfield of the securityHeader field.
The remainder of the PDU MUST be populated according to the structure and type definition in section 188.8.131.52.
After sending the License Error (Valid Client) PDU, the server MUST send the Demand Active PDU (section 184.108.40.206.13.1) to the client.