Something for the real hardcore Windows geeks out there...
Active Directory Blog : How Windows Communication Works
Could be very useful for troubleshooting.
Would someone be kind enough to post the link to the actual .pdf which I think may be somewhere other than blog.technet? Not urgent just thought it might be a useful resource.
Last edited by leco; 5th January 2010 at 11:09 AM.
Here is the direct download to the zip file for those that are blocked http://download.microsoft.com/downlo..._Protocols.zip
Here are some of the more useful documents included in that download that I recommend you review:
MS-GLOS glossary of terms which has excellent short, concise definitions of technical terms used in the various Windows Communications Protocols.
MS-AUTHSO Windows Authentication Services Overview. This document details how all of the various specifications fit together. Good for a putting a framework in place for your other knowledge.
MS-KILE Kerberos Protocol Extensions. This document is covers how Windows Kerberos works with Active Directory. Service integration, PKI, encryption, transport mechanisms, group membership, interactive logon information and delegation are all items which are included in this PDF. This is a must read document if you need to understand Kerberos in a Windows environment.
MS-SFU Kerberos Services for User. Crucial for understanding how Kerberos is expected to work generally and how the Microsoft Kerberos implementation preserves identity and maintains security.
MS-PKCA Public Key Cryptography for Initial Authentication (PKINIT) in Kerberos Protocol Specification. This document details how Public Key Cryptography (PKI) is used in Kerberos for initial ticket exchange. If you use or plan to use smartcard logon or other PKINIT capable certificate for user logon this document is useful to understand what the general requirements are and how PKINIT will appear in a Kerberos AS exchange on the network.
MS-PAC Privilege Attribute Certificate Data Structure. This is all about the user or principal token on the wire. This PDF includes information about how the PAC is laid out and what it contains. This is more useful if you are in a situation where you are debugging an application or access, but it is good reference information for general knowledge as well.
MS-SPNG SPNEGO authentication negotiation. Useful in understanding what you are seeing for authentication negotiation in network captures.
MS-NLMP NT LAN Manager (NTLM) Authentication Protocol Specification. This is covers NTLM with definitions, protocol examples, messages and more.
MS-CIFS Common Internet File System Protocol. The PDF contains details of how the file transfer communication works. Particularly useful if you need to understand how file and print services work over the network from client to server.
MS-SMB Server Message Block (SMB) Protocol Specification. SMB is an extension of CIFS, and this document defines what those those extensions are and how they work. This is the stuff you see when you filter a network capture for SMB.
MS-DFSC Distributed File System (DFS). Have you ever needed to try to figure out what went wrong or why something unexpected happened with a DFS referral? This is the document for you since it covers how DFS communication works and contains protocol examples. This does not cover DFS replication (DFSR).
MS-DFSNM Distributed File System Namespace Management Protocol Spec. This specification document contains information on how DFS management works on the wire using Remote Procedure Call (RPC) network traffic.
MS-FSSO File Access Services System Overview. Has one of your users ever complained that they can’t get access to a file on a share and normal troubleshooting for permissions didn’t reveal the answer? Read this document and reviewing a network capture of the activity should be much easier.
MS-GPSO Group Policy System Overview. This document goes over how group policy is obtained by client from server in detail. If you are an administrator that administers Group Policy you should read this. It contains a level of detail previously unseen outside of Microsoft training.
The download contains many more PDF files that may prove useful to you depending on your daily routine. If you are someone that wants to take your knowledge of Windows to the next level-way beyond what certifications require-this is the stuff for you. Consider it Microsoft’s holiday gift to you. Enjoy!
leco (5th January 2010)
Brilliant, thanks, downloading now.
There are currently 1 users browsing this thread. (0 members and 1 guests)