3.3.4.2 Server Application Queries a User Session Key

The application MUST provide:

•  The security context of the user whose session is being sought.

• Either a valid ClientName or a valid Open.

The server MUST locate an SMB connection that uses either the application-supplied ServerName to look in the Server.ConnectionTable[ClientName] or the application-supplied Open.Connection. If a valid Connection is found, then the server MUST scan for an SMB session in the Server.Connection.SessionTable that matches the security context of the user. If no entry is found, then the application request MUST be failed with STATUS_INVALID_PARAMETER. If a Session is found but Server.Session.SessionKeyState is Unavailable, the request MUST be failed with STATUS_ACCESS_DENIED and ServerStatistics.sts0_permerrors MUST be increased by 1. If Server.Session.SessionKeyState is Available, then the first 16-bytes of Server.Session.SessionKey MUST be returned to the calling application.