3.2.4.2.5 Connecting to the Share (Tree Connect)

In the LAN Manager 1.0 dialect and above, it is a protocol violation to send a tree connect request without completing an SMB_COM_SESSION_SETUP_ANDX (section 2.2.4.53) exchange. When using share level access control, the client MUST perform anonymous authentication (empty username and password) in the Session Setup.

If a tree connect is already established to the target share in Client.Connection.TreeConnectTable, it SHOULD be reused. If not, the client creates an SMB_COM_TREE_CONNECT_ANDX Request (section 2.2.4.55.1), as specified in section 2.2.4.55. Alternately, the client MAY use the deprecated SMB_COM_TREE_CONNECT Request (section 2.2.4.50.1).

If Client.Connection ShareLevelAccessControl is TRUE and a null session has been established (see section 3.2.4.2.4), the plaintext password or authentication response MUST be passed in the Password field of the SMB_COM_TREE_CONNECT_ANDX.Request or SMB_COM_TREE_CONNECT Request. There is only one Password field in the tree connect message, so only one response value can be sent. The client MUST determine the authentication type that it uses based upon Client.Connection.ServerChallengeResponse and the local configuration (the Client.PlaintextAuthenticationPolicy, Client.LMAuthenticationPolicy, and Client.NTLMAuthenticationPolicy values), as specified in section 3.2.4.2.4.

If Client.Connection.ShareLevelAccessControl is FALSE, then the PasswordLength field in the SMB_COM_TREE_CONNECT_ANDX.Request or SMB_COM_TREE_CONNECT Request MUST be 0x0001, and the Password MUST be a single null padding byte.