What’s New and Changed

New Documentation

There are no new documents.

Updated Documentation

The documents below were updated in March 2018 and June 2018 for Windows Server Operating System/Windows 10 and/or to reflect content updates.

Specification

Description

Release Date

[MC-NMF]: .NET Message Framing Protocol

Specifies the .NET Message Framing Protocol, which defines a mechanism for framing messages. While this is primarily aimed at framing SOAP messages, the protocol can be used to frame other message types as well.

This document has been updated as follows:

●  Updated the reference for [RFC4346] to [RFC5246].

March 2018

[MS-ADA2]: Active Directory Schema Attributes M

Specifies the Active Directory Schema Attributes M, which contains a partial list of the objects that exist in the Active Directory schema (attributes beginning with M).

This document has been updated as follows:

●  Added the msDS-preferredDataLocation attribute, which indicates a preferred data location.

March 2018

[MS-ADSC]: Active Directory Schema Classes

Specifies the Active Directory Schema Classes, which contains a partial list of objects that exist in the Active Directory schema.

This document has been updated as follows:

●  Added the new msDS-preferredDataLocation attribute to the systemMayContain list of the contact, group, and user classes.

March 2018

[MS-ADTS]: Active Directory Technical Specification

Specifies the core functionality of Active Directory. Active Directory extends and provides variations of the Lightweight Directory Access Protocol (LDAP).

This document has been updated as follows:

●  Updated content for the Key Credential Link feature as follows:

 - Added KeySource values KEY_USAGE_FIDO and KEY_USAGE_FEK as possible values for the KeyUsage entry.

 - Added several fields to the CUSTOM_KEY_INFORMATION structure: VolType, SupportsNotification, FekKeyVersion, KeyStrength, Reserved, and EncodedExtendedCKI.

 - Added the EncodedExtendedCKI structure.

 - Updated the status of the KeyUsage entry to define it as a required entry.

●  Changed the name of a product from “Windows Server 2003 operating system with Service Pack 3 (SP3)” to “Windows Server 2003 operating system with Service Pack 2 (SP2)”.

●  Changed the object version to 88 for AD DS.

●  Added new rootDSE attributes msDS-Anchor, msDS-PrefixTable, msDS-SupportedRootDSEAttributes, and msDS-SupportedRootDSEModifications.

●  Added new rootDSE operation stopService.

●  Added new LDAP extensions LDAP_SERVER_SET_CORRELATION_ID_OID and LDAP_SERVER_THREAD_TRACE_OVERRIDE_OID.

●  Added statistics that are returned from the LDAP_SERVER_GET_STATS_OID control: callTimeTotal, cpuTimeTotal, retryCount, and correlationId.

March 2018

[MS-CCROD]: Content Caching and Retrieval Protocols Overview

Provides an overview of the functionality and relationship of the protocols implemented in the Windows Peer Content Caching and Retrieval framework, which includes the protocols specified in [MS-FSCC], [MS-PCCRC], [MS-PCCRD], [MS-PCCRR], [MS-PCHC], [MS-PCCRTP], and [MS-SMB2]. This framework is based on a peer-to-peer discovery and distribution model designed to reduce wide-area-network (WAN) link bandwidth utilization and provide faster content downloads from a local area network (LAN) in a branch office. The Content Caching and Retrieval protocols support scenarios such as accessing content from a file server or a Web server where storing content locally from all locations in a distributed environment is not practical. If the Content Caching and Retrieval of data is unavailable or fails, normal file access would continue without caching using the SMB 2.1/2, HTTP, or HTTPS protocols.

This document has been updated as follows:

●  Updated the glossary term for Secure Sockets Layer (SSL).

June 2018

[MS-CERSOD]: Certificate Services Protocols Overview

Provides an overview of the functionality and relationship of the protocols implementing Certificate Services, which includes the certificate enrollment protocols specified in [MS-WCCE], [MS-ICPR], and [MS-WSTEP], the certificate enrollment policy protocols specified in [MS-XCEP] and [MS-CRTD], and the certificate remote administration protocol specified in [MS-CSRA]. Certificate Services protocols are used for certificate enrollment, certificate policy, and remote administration of certificate services. The Certificate Services protocols (except the server role of [MS-XCEP]) operate in two modes: Standalone and Enterprise.

This document has been updated as follows:

●  Added new information on certificate transparency.

●  Added new Example 2 'Enrollment from a Standalone CA (Basic Enrollment) with Certificate Transparency Enabled'.

●  Added new message sequence diagram 'Basic enrollment with Certificate Transparency enabled'.

June 2018

[MS-CFB]: Compound File Binary File Format

Specifies the Compound File Binary File Format, a general-purpose file format that provides a file-system-like structure within a file for the storage of arbitrary, application-specific streams of data.

This document has been updated as follows:

●  Clarified information about stream allocation in Section 2.6.3, Other Directory Entries.

●  Clarified and corrected various field descriptions in Section 2.6.1, Compound File Directory Entry.

March 2018

[MS-CMRP]: Failover Cluster: Management API (ClusAPI) Protocol

Specifies the Failover Cluster: Management API (ClusAPI) Protocol, an RPC-based protocol that is used for remotely managing a cluster.

This document has been updated as follows:

●  Updated the lists of values and associated product versions for the dwClusterHighestVersion and dwClusterLowestVersion members of the CLUSTER_OPERATIONAL_VERSION_INFO structure.

March 2018

[MS-CSRA]: Certificate Services Remote Administration Protocol

Specifies the Certificate Services Remote Administration Protocol, which consists of a set of Distributed Component Object Model (DCOM) interfaces that enable administrative tools to configure the state and policy of a certification authority (CA) on a server.

This document has been updated as follows:

●  Updated Section 3.1.1.10, Configuration Data, to define new ADM elements: Config_CertificateTransparency_Enabled, Config_CertificateTransparency_Disable_SCTList_Validation, Config_CertificateTransparency_Max_SCTList_Size, and Config_CertificateTransparency_Info_Extension_Oid, to support the Certificate Transparency feature.

●  Added a product behavior note in Section 3.1.1.10, Configuration Data, to indicate that Certificate Transparency is supported on Windows Server v1803 and later.

March 2018

[MS-CSSP]: Credential Security Support Provider (CredSSP) Protocol

Specifies the Credential Security Support Provider (CredSSP) Protocol, which enables an application to securely delegate a user’s credentials from a client to a target server.

This document has been updated as follows:

●  Included revised message syntax and processing for versions 5 and 6 of the protocol.

March 2018

[MS-DPWSRP]: Devices Profile for Web Services (DPWS): Shared Resource Publishing Data Structure

Specifies the Shell Publishing data structure. This data structure is used by the HomeGroup Protocol to advertise shared files and folders in a HomeGroup peer-to-peer network environment.

This document has been updated as follows:

●  This protocol has been disabled.

March 2018

[MS-DRSR]: Directory Replication Service (DRS) Remote Protocol

Specifies the Directory Replication Service (DRS) Remote Protocol, an RPC protocol for replication and management of data in Active Directory.

This document has been updated as follows:

●  Included the next version of the following structures to enable a correlation ID, which the DC can use during troubleshooting:

- DRS_MSG_GETCHGREQ_V11

- DRS_MSG_REPADD_V3

- DRS_MSG_REPSYNC_V2

- DRS_MSG_UPDREFS_V2

●  Added values and structures in support of the correlation ID functionality, including:

- Added CID (DRS_EXT_RPC_CORRELATIONID_1, 0x00000400) to the dwFlagsExt bit flags

- Added the VAR_SIZE_BUFFER_WITH_VERSION structure

March 2018

[MS-EVEN6]: EventLog Remoting Protocol Version 6.0

Specifies the EventLog Remoting Protocol Version 6.0 protocol, which exposes RPC methods for reading events in both live and backup event logs on remote computers. This protocol was originally made available for Windows Vista.

This document has been updated as follows:

●  Added new Container attribute to the Event type, and added new Target attribute to the Query type. Additionally, updated the description for the Channel attribute for the Bookmark type to clarify behavior as it relates to containers.

March 2018

[MS-FASP]: Firewall and Advanced Security Protocol

Specifies the Firewall and Advanced Security Protocol. The protocol manages firewall and advanced security components on remote computers.

This document has been updated as follows:

●  Added Trust Tuples in Section 2.2.96, FW_TRUST_TUPLE_KEYWORD, to support traffic that uses Wi-Fi Direct in the Connected Devices Platform, and to simplify IDL definitions and coding.

●  Updated Section 6, Full IDL.

●  Added new policy version 0x021C under Protocol Versions and updated a behavior note in Section 1.7, Versioning and Capability Negotiation, to specify the Windows versions that support this policy version.

March 2018

[MS-FSA]: File System Algorithms

Specifies File System Algorithms in terms of an abstract model for how an object store can be implemented to support the Server Message Block (SMB) Version 1.0 Protocol [MS-SMB] and the Server Message Block (SMB) Version 2.0 Protocol [MS-SMB2].

This document has been updated as follows:

●  Added new algorithms for constructing a normalized relative path name for a link.

●  Added the processing rules for constructing an FSCTL_DUPLICATE_EXTENTS_TO_FILE_EX FSCTL.

March 2018

[MS-FSCC]: File System Control Codes

Specifies the File System Control Codes that define the network format of native Windows structures that may be used within other protocols.

This document has been updated as follows:

●  Added three new sections for FSCTL_DUPLICATE_EXTENTS_TO_FILE_EX Request, FSCTL_DUPLICATE_EXTENTS_TO_FILE_EX Reply, and FileNormalizedNameInformation.

March 2018

[MS-GPFAS]: Group Policy: Firewall and Advanced Security Data Structure

Specifies the Group Policy: Firewall and Advanced Security data structure extension, which provides a mechanism for an administrator to control the Firewall and Advanced Security behavior of the client through group policy by using the Group Policy: Registry Extension Encoding protocol [MS-GPREG].

This document has been updated as follows:

●  Added 'TTK2_22=', 'TTK2_27=', and 'TTK2_28=' tokens and their definitions in Section 2.2.2.19, Firewall Rule and the Firewall Rule Grammar Rule, to enable the respective TRUST_TUPLE_KEYWORD_VAL2_22, TRUST_TUPLE_KEYWORD_VAL2_27, and TRUST_TUPLE_KEYWORD_VAL2_28 grammar rules to be allowed.

●  Added new tokens to the grammar list ("WFDKmDriver", "UpnP", and "WFDCDPSvc") in Section 2.2.2.20, Trust Tuple Keyword Rules, to identify new trust tuple keyword enum values. Also, associated the new tokens and some existing ones with new TRUST_TUPLE_KEYWORD_VAL grammar rules. Finally, updated a behavior note to show the applicability of the new tokens.

March 2018

[MS-HGRP]: HomeGroup Protocol

Specifies the HomeGroup Protocol, which is used to create a trust relationship that facilitates the advertising and publishing of content between machines via a peer-to-peer (P2P) infrastructure.

This document has been updated as follows:

●  This protocol has been disabled.

March 2018

[MS-HGSA]: Host Guardian Service: Attestation Protocol

Specifies the Host Guardian Services Attestation (HGSA) protocol, one of two services that comprise the Host Guardian Service. Host Guardian Service is a server role that provides security assurance for Shielded Virtual Machines (VMs) by ensuring that Shielded VMs can be run only on known and trusted fabric hosts that have a legitimate configuration. The other component service, the Key Protection Service, is specified in the [MS-KPS] protocol document.

This document has been updated as follows:

●  Added support for version 2.0 of the protocol, which supports a more flexible Attestation request as well as multiple Attestation content types.

March 2018

[MS-IKEE]: Internet Key Exchange Protocol Extensions

Specifies the Internet Key Exchange (IKE) Protocol Extensions, which describe the extensions specified in [RFC2409].

This document has been updated as follows:

●  Added support for IKEv2 fragmentation to improve security, interoperability, and alignment with industry standards.

March 2018

[MS-KPS]: Key Protection Service Protocol

Specifies the Key Protection Service protocol, one of two services that comprise the Host Guardian Service. Host Guardian Service is a server role that provides security assurance for Shielded Virtual Machines (VMs) by ensuring that Shielded VMs can be run only on known and trusted fabric hosts that have a legitimate configuration. The other component service, the Attestation Service, is specified in the [MS-HGSA] protocol document.

This document has been updated as follows:

●  Added support for version 2.0 of the protocol, which supports multiple key policies via an extended payload structure.

March 2018

[MS-LSAD]: Local Security Authority (Domain Policy) Remote Protocol

Specifies the Local Security Authority (Domain Policy) Remote Protocol. This protocol provides an RPC interface used for providing remote management for policy settings related to account objects, secret objects, trusted domain objects (TDOs), and other security-related policy settings.

This document has been updated as follows:

●  Added functionality to query or set the policy of a machine account, including:

- Added the LSAPR_POLICY_MACHINE_ACCT_INFO structure and validations.

- Added the Machine Account Information abstract data to represent the LSAPR_POLICY_MACHINE_ACCT_INFO structure.

- Added a new InformationClass value, PolicyMachineAccountInformation.

- Added the PolicyMachineAccountInfo member to LSAPR_POLICY_INFORMATION.

March 2018

[MS-MDE2]: Mobile Device Enrollment Protocol Version 2

Specifies version 2 of the Mobile Device Enrollment Protocol (MDE), which enables enrolling a device with the DMS through an Enrollment Service (ES). The protocol includes the discovery of the Management Enrollment Service (MES) and enrollment with the ES.

This document has been updated as follows:

●  Added support for additional functionality via the new Context Item ‘PlugandForget’.

March 2018

[MS-MICE]: Miracast over Infrastructure Connection Establishment Protocol

The Miracast over Infrastructure Connection Establishment Protocol specifies a connection negotiation sequence used to connect, indicate readiness to connect, and disconnect from a Miracast over Infrastructure endpoint. This protocol also specifies the Miracast over Infrastructure Information Element (IE), which helps identify Miracast receivers (sinks) that can support a Miracast session over an infrastructure link (as opposed to a Wi-Fi Direct link).

This document has been updated as follows:

●  Added an optional, peer-to-peer attribute that conveys the IP address of the Miracast Sink in the vendor extension attribute. Using this IP address attribute can alleviate the dependency on name resolution, which may be cumbersome in some enterprise environments. This attribute allows a Miracast Source to skip name resolution of the Miracast Sink, which supports a faster establishment of a session.

March 2018

[MS-NCNBI]: Network Controller Northbound Interface

Specifies the Network Controller Protocol, which is used by tenants and network administrators to control data center networking. Common tasks that would use these APIs include designing and monitoring a virtual network in a data center.

This document has been updated as follows:

●  Updated many resource and parameter names to correct capitalizations and remove spaces.

●  Updated names of elements logicalSubnets to subnets and networks to logicalNetworks, loadBanlancerMux to loadBalancerMuxes, and others.

●  Updated code in Section 3.1.5.7.1.1.1, Request Body.

March 2018

[MS-OIDCE]: OpenID Connect 1.0 Protocol Extensions

Specifies the OpenID Connect 1.0 Protocol Extensions. These extensions define additional claims to carry information about the end user, including the user principal name, a locally unique identifier, a time for password expiration, and a URL for password change. These extensions also define additional provider metadata that enable the discovery of the issuer of access tokens and give additional information about provider capabilities.

This document has been updated as follows:

●  Added information about support for OpenID Connect Front-Channel Logout.

March 2018

[MS-PRSOD]: Print Services Protocols Overview

Provides an overview of the functionality and relationship of the protocols in the Print Services system. The Print Services system consists of a distributed system of print servers that manage printers and make them available to print clients. One or more servers may be used, each server independently managing one or more printers. Clients use the component protocols to submit print jobs, manage jobs, receive job notifications, obtain printer drivers, and administer print queues. The Print Services system includes the protocols specified in [MS-CIFS], [MS-EMFSPOOL], [MS-FSCC], [MS-GPDPC], [MS-PAN], [MS-PAR], [MS-RAP], [MS-RPRN], [MS-SMB], [MS-SMB2], and [MS-WPRN].

This document has been updated as follows:

●  Added references for IPSec and NetBEUI.

June 2018

[MS-RDPBCGR]: Remote Desktop Protocol: Basic Connectivity and Graphics Remoting

Specifies the Remote Desktop Protocol: Basic Connectivity and Graphics Remoting, designed to facilitate user interaction with a remote computer system by transferring graphics display information from the remote computer to the user and transporting input from the user to the remote computer, where it may be injected locally.

This document has been updated as follows:

●  Added RDP 10.5 to RDP version enumerations in numerous sections throughout the document.

●  Added additional information about behavior and exceptions in Windows implementations of MS-RDPBCGR through the Product Behavior Appendix.

March 2018

[MS-RDPECLIP]: Remote Desktop Protocol: Clipboard Virtual Channel Extension

Specifies the Remote Desktop Protocol: Clipboard Virtual Channel Extension, which enables users to seamlessly transfer data via the system clipboard between applications that are running on different computers.

This document has been updated as follows:

●  Added support for transferring files larger than 4,294,967,296 bytes using a new flag, CB_HUGE_FILE_SUPPORT_ENABLED, in the general clipboard capability set in Section 2.2.2.1.1.1, CLIPRDR_GENERAL_CAPABILITY. Also, Section 2.2.5.3, File Contents Request PDU (CLIPRDR_FILECONTENTS_REQUEST), was expanded to support these large file transfers. In Section 6, Appendix A: Product Behavior, a new product behavior note describing which Windows product versions support file transfers of this size was added.

March 2018

[MS-RDPEGFX]: Remote Desktop Protocol: Graphics Pipeline Extension

Specifies the Remote Desktop Protocol: Graphics Pipeline Extension, a graphics protocol that is used to encode graphics display data generated in a remote terminal server session so that the data can be sent from the server and received, decoded, and rendered by a compatible client. The net effect is that a desktop or an application running on a remote terminal server appears as if it is running locally.

This document has been updated as follows:

●  Added a new capability set, RDPGFX_CAPVERSION_105, representing RDP 10.5. A corresponding new section, 2.2.3.8, RDPGFX_CAPSET_VERSION105, describes this capability set.

●  Added RDP 10.5 and RDPGFX_CAPVERSION_105 to RDP version and capability set enumerations in sections throughout the document.

●  Updated two other capability sets, adding the RDPGFX_CAPS_FLAG_AVC_THINCLIENT flag to Sections 2.2.3.6, RDPGFX_CAPSET_VERSION103, and 2.2.3.7, RDPGFX_CAPSET_VERSION104.

●  Added two flags, RDPGFX_CMDID_MAPSURFACETOSCALEDOUTPUT and RDPGFX_CMDID_MAPSURFACETOSCALEDWINDOW, to Section 2.2.1.5, RDPGFX_HEADER.

These features are documented in several new Sections: 2.2.2.22, RDPGFX_MAP_SURFACE_TO_SCALED_OUTPUT_PDU; 2.2.2.23, RDPGFX_MAP_SURFACE_TO_SCALED_WINDOW_PDU; 3.2.5.22, Sending an RDPGFX_MAP_SURFACE_TO_SCALED_OUTPUT_PDU message; 3.2.5.23, Sending an RDPGFX_MAP_SURFACE_TO_SCALED_WINDOW_PDU message; 3.3.5.22, Processing an RDPGFX_MAP_SURFACE_TO_SCALED_OUTPUT_PDU message; and 3.3.5.23, Processing an RDPGFX_MAP_SURFACE_TO_SCALED_WINDOW_PDU message.

March 2018

[MS-RDPERP]: Remote Desktop Protocol: Remote Programs Virtual Channel Extension

Specifies the Remote Desktop Protocol: Remote Programs Virtual Channel Extension, an RDP feature that presents a remote application (running remotely on a RAIL server) as a local user application (running on the RAIL client machine).

This document has been updated as follows:

●  Added two flags, TS_RAIL_ORDER_SNAP_ARRANGE and TS_RAIL_ORDER_GET_APPID_RESP_EX, to Section 2.2.2.1, Common Header (TS_RAIL_PDU_HEADER). The new Window Snap feature is documented in new Sections 2.2.2.7.5, Client Window Snap PDU (TS_RAIL_ORDER_SNAP_ARRANGE); 3.2.5.2.7.5, Sending Window Snap PDU; and 3.3.5.2.6.5, Processing Window Snap PDU. The Server Get Application ID Extended Response PDU is documented in new Sections 2.2.2.8.2, Server Get Application ID Extended Response PDU (TS_RAIL_ORDER_GET_APPID_RESP_EX); and 3.2.5.2.8.3, Processing Server Get Application ID Extended Response PDU.

●  Added a new flag, TS_RAIL_ORDER_HANDSHAKE_EX_FLAGS_SNAP_ARRANGE_SUPPORTED, to Section 2.2.2.2.3, HandshakeEx PDU (TS_RAIL_ORDER_HANDSHAKE_EX).

March 2018

[MS-RRP]: Windows Remote Registry Protocol

Specifies the Windows Remote Registry Protocol, a remote procedure call (RPC)-based client/server protocol that is used to remotely manage a hierarchical data store such as the Windows registry.

This document has been updated as follows:

●  Modified the product behavior note that lists the registry namespaces that are ignored by Windows to include the registry path that is ignored in the current version of Windows server (in addition to the registry paths that are already listed).

March 2018

[MS-SMB2]: Server Message Block (SMB) Protocol Versions 2 and 3

Specifies the Server Message Block (SMB) Protocol Versions 2 and 3, which support the sharing of file and print resources between machines and extend the concepts from the Server Message Block Protocol.

This document has been updated as follows:

●  Added new sections for processing and sending the FSCTL_DUPLICATE_EXTENTS_TO_FILE_EX Request and FSCTL_DUPLICATE_EXTENTS_TO_FILE_EX Reply FSCTLs.

March 2018

[MS-SSTR]: Smooth Streaming Protocol

Specifies the Smooth Streaming Protocol, which provides a means of delivering media from servers to clients in a way that can be cached by standard HTTP Cache Proxies in the communication chain. Allowing standard HTTP Cache Proxies to respond to requests on behalf of the server increases the number of clients that can be served by a single server.

This document has been updated as follows:

●  Updated the CodecPrivateData field ABNF representation with the PPSField in Section 2.2.2.5, TrackElement. Also, updated the text to state that PPSField contains the Picture Parameter Set (PPS).

●  Added two fields, DataOffset and DataOffsetPresent, for TrunBoxFlags.

●  Removed Windows Server 2016 and Windows Server operating system as supported versions.

●  Added a product behavior note for the mapping of applicable Windows Server releases and IIS Media Services versions.

March 2018

[MS-TDS]: Tabular Data Stream Protocol

Specifies the Tabular Data Stream Protocol, which is an application layer request/response protocol that facilitates interaction with a database server and provides for authentication and channel encryption negotiation; specification of requests in SQL (including Bulk Insert); invocation of a stored procedure, also known as a Remote Procedure Call (RPC); returning of data; and Transaction Manager Requests.

This document has been updated as follows:

●  Defined support for a new feature in which failover-partner login with read-only connection to an Azure SQL Database with Geo-Dr (geo-replication and disaster recovery) is transparently used when the connection to the principal database fails for any reason.

●  Included information about support in the .NET Framework 4.7.2 for enhanced confidentiality and security through enclave technologies that enable cryptographic operations and other operations in Transact-SQL queries on encrypted columns inside the local database system.

March 2018

[MS-WCCE]: Windows Client Certificate Enrollment Protocol

Specifies the Windows Client Certificate Enrollment Protocol, which consists of a set of DCOM interfaces that enable clients to request various services from a certification authority (CA). These services enable X.509 (as specified in [X509]) digital certificate enrollment, issuance, revocation, and property retrieval.

This document has been updated as follows:

●  Updated topics throughout to include the Certificate Transparency feature.

March 2018

[MS-WDSOSD]: Windows Deployment Services Operation System Deployment Protocol

Specifies the Windows Deployment Services Operation System Deployment Protocol. This protocol defines services exposed by the WDS Server that are used by the clients to deploy an operating system on a machine.

This document has been updated as follows:

●  Added new values for the processor architecture of the client machine: added a new value for ARM64 and updated the support for IA64.

March 2018

[MS-WFDPE]: Wi-Fi Display Protocol Extension

Specifies an extension for the Wi-Fi Display Technical Specification v1.1. Enables latency control, extended diagnostic information, and dynamic format changes on Wi-Fi Display Devices. When implemented, these extensions provide an improved and more consistent Wi-Fi Display experience for a variety of wireless display scenarios, including word processing, web browsing, gaming, and video projection.

This document has been updated as follows:

●  Included an extension for multiple screen management.

●  Included an extension for audio management.

Information from these fields can be used to reduce resolution and bitrate which saves system resources and network bandwidth.

March 2018

Updated Network Captures

Network captures for all the Windows Overview Documents were updated to reflect Windows Server Operating System/Windows 10.
