What’s New and Changed

New Documentation

The following new documents were published in July 2020 for Windows Server 2019/Windows 10.

Specification

Description

Release Date

[MS-BGPP]: Border Gateway Protocol (BGP) Profile

Specifies Border Gateway Protocol (BGP) Profile that clarifies what portions of [RFC1997] and [RFC4271] are not supported in BGP.

July 2020

[MS-NEGOEX]: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism

Specifies the SPNEGO Extended Negotiation (NEGOEX) Security Mechanism that enhances the capabilities of SPNEGO [RFC4178] by providing a security mechanism which can be negotiated by SPNEGO and provides a method that allows selection of a common authentication protocol based on metadata.

July 2020

Updated Documentation

The network captures for the Overview Documents (ODs) below were updated in May 2020 for Windows Server 2019/Windows 10.

Specification

Description

Release Date

[MS-ADOD]: Active Directory Protocols Overview

Provides an overview of the functionality and relationship of the protocols that make up the client-server and server-to-server behavior of Active Directory. The Active Directory protocols provide directory services for the centralized storage of identity and account information, as well as storage for other forms of data such as group policies and printer location information, a foundation for authentication services in a domain environment, domain services, and directory replication services in Windows. The Active Directory protocols are specified in [LDAP], [MS-ADTS], [MS-SRPL], [MS-DRSR], [MS-SNTP], [MS-LSAD], [MS-LSAT], [MS-DSSP], [MS-SAMR], [MS-SAMS], [MS-WSDS], [WFXR], [WSENUM], [MS-WSTIM], [MS-ADDM], [MS-WSPELD], and [MS-ADCAP].

May 2020

[MS-FASOD]: File Access Services Protocols Overview

Provides an overview of the functionality and relationship of the File Access Services (FAS) protocols, which enable network file access and sharing in Windows and allow a client computer to discover, access, and share files that are hosted on, and made available by, another computer. The FAS protocols are specified in [MS-BRWS], [MS-CIFS], [MS-DFSC], [MS-FSA], [MS-FSCC], [MS-RAP], [RFC1094], [RFC1813], [RFC4918], [RFC5661], [MS-SMB], [MS-SMB2], [MS-SMBD], [MS-WDV], [MS-WDVME], and [MS-WDVSE].

May 2020

The documents below were updated in March 2020 for Windows Server 2019/Windows 10.

Specification

Description

Release Date

[MS-CMRP]: Failover Cluster: Management API (ClusAPI) Protocol

Specifies the Failover Cluster: Management API (ClusAPI) Protocol, an RPC-based protocol that is used for remotely managing a cluster.

This document has been updated as follows:

● Updated the maximum length of characters for passwords.

Mar 2020

[MS-DHCPE]: Dynamic Host Configuration Protocol (DHCP) Extensions

Specifies the Dynamic Host Configuration Protocol (DHCP), which describes the Microsoft-specific vendor-class options included in the Microsoft implementation of DHCP.

This document has been updated as follows:

●  In DHCPE Option 43 Vendor-Specific Information, added the "ANDROID_METERED" string. In Option 60 Vendor Class Identifier, added the "MSFT 5.0 XBOX" string. These options provide a way to uniquely identify Xbox One consoles for a QoS engine. Enabling this setting will allow automatic classification and prioritization of traffic from Xbox One consoles on home networks that contain popular router models used by gamers.

Mar 2020

[MS-GPWL]: Group Policy: Wireless/Wired Protocol Extension

Specifies the Group Policy: Wireless/Wired Protocol Extension, an extension to the Group Policy: Core Protocol that specifies the behaviors of the Wireless/Wired Group Policy administrative-side and client-side plug-in extensions.

This document has been updated as follows:

●  Updated the MsPeapConnectionPropertiesV1 and V2 schemas and created a new V3 schema; each specifies config settings for the MS EAP implementation of the PEAP method. Created a new EapTeapConnectionPropertiesV1 schema to specify config settings for the MS EAP implementation of the TEAP method.

Mar 2020

[MS-KILE]: Kerberos Protocol Extensions

Specifies the Microsoft implementation of the Kerberos Protocol Extensions, as specified in [RFC4120], by specifying any Windows behaviors that differ from the Kerberos Protocol, in addition to Windows extensions for interactive logon and the inclusion of authorization information expressed as group memberships and related information.

This document has been updated as follows:

●  Added KERB-PA-KEY-LIST-REQ [161] request message structure and KERB-PA-KEY-LIST-REP [162] reply message structure. These are used as pre-authentication padata types for the PA-Data request in the TGS-REQ and for the encrypted PA-Data response in the TGS-REP that includes the NTLM hash for the authenticated user.

●  Provided for a Windows Server 2016 domain controller to ensure that the OID-based claim based on that issuance policy claim is present after authentication. This ensures the OIDs are included in the PAC to prevent random authorization failures based on the authenticating domain controller version.

Mar 2020

[MS-LCID]: Windows Language Code Identifier (LCID) Reference

Describes localizable information in Windows. It lists all language code identifiers (LCIDs) available in all versions of Windows.

This document has been updated as follows:

●  Added locale entries for Cebuano, Chakma, English (United Arab Emirates), and Pashto (Pakistan) for this release of Windows.

Mar 2020

[MS-RDPERP]: Remote Desktop Protocol: Remote Programs Virtual Channel Extension

Specifies the Remote Desktop Protocol: Remote Programs Virtual Channel Extension, an RDP feature that presents a remote application (running remotely on a RAIL server) as a local user application (running on the RAIL client machine).

This document has been updated as follows:

●   In Section 2.2.2.1 Common Header (TS_RAIL_PDU_HEADER), added two new values to the orderType field, TS_RAIL_ORDER_TEXTSCALEINFO (0x0019) and TS_RAIL_ORDER_CARETBLINKINFO (0x001a), to support the new Text Scale Information and Caret Blink Information PDUs.

●   In Section 2.2.2.2.3 HandshakeEx PDU (TS_RAIL_ORDER_HANDSHAKE_EX), added two new values to the railHandshakeFlags field, TS_RAIL_ORDER_HANDSHAKE_EX_FLAGS_TEXT_SCALE_SUPPORTED (0x00000008) and TS_RAIL_ORDER_HANDSHAKE_EX_FLAGS_CARET_BLINK_SUPPORTED (0x00000010), to support the new Text Scale Information and Caret Blink Information PDUs.

●   Added the 9 sections listed below pertaining to new accessibility features for RAIL. These allow RDP implementations to respond to changes in client applications' text scale factor and caret blink rate.

2.2.2.15 Accessibility Messages

2.2.2.15.1 Text Scale Information PDU (TS_RAIL_ORDER_TEXTSCALEINFO)

2.2.2.15.2 Caret Blink Information PDU (TS_RAIL_ORDER_CARETBLINKINFO)

3.2.5.2.13 Accessibility Messages

3.2.5.2.13.1 Sending Text Scale Information PDU

3.2.5.2.13.2 Sending Caret Blink Information PDU

3.3.5.2.12 Accessibility Messages

3.3.5.2.12.1 Processing Text Scale Information PDU

3.3.5.2.12.2 Processing Caret Blink Information PDU

Mar 2020

[MS-RDPEUDP]: Remote Desktop Protocol: UDP Transport Extension

Specifies the Remote Desktop Protocol: UDP Transport Extension, which extends the transport mechanisms in the Remote Desktop Protocol (RDP) to enable network connectivity between the user's machine and a remote computer system over the User Datagram Protocol (UDP).

This document has been updated as follows:

●  In Section 2.2.2.9 RDPUDP_SYNDATAEX_PAYLOAD Structure, added a cookieHash field to the structure. This field is a 32-byte array that contains the SHA-256 hash of the data transmitted from the server to the client in the securityCookie field of the Initiate Multitransport Request PDU. This field is only supported when using version 3 of the UDP Transport Extension.

●  In 3.1.5.1.1 SYN Datagrams, added a step to the process for creating a SYN datagram. The new step describes when to add a 32-byte SHA-256 hash of the securityCookie field of the Initiate Multitransport Request PDU to the cookieHash field of the RDPUDP_SYNDATAEX_PAYLOAD structure. This step is required only when using version 3 of the UDP Transport Extension.

Mar 2020

[MS-RRP]: Windows Remote Registry Protocol

Specifies the Windows Remote Registry Protocol, a remote procedure call (RPC)-based client/server protocol that is used to remotely manage a hierarchical data store such as the Windows registry.

This document has been updated as follows:

●  In Product Behavior Note 6, which describes registry paths that are ignored by the protocol for certain SKUs of Windows, added the registry path HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\HvSocket, which is ignored on Windows 10 v2004, and clarified that the registry path HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Cssontainers is ignored on Windows 10 v1903.

Mar 2020

[MS-SMB2]: Server Message Block (SMB) Protocol Versions 2 and 3

Specifies the Server Message Block (SMB) Protocol Versions 2 and 3, which support the sharing of file and print resources between machines and extend the concepts from the Server Message Block Protocol.

This document has been updated as follows:

●  Added a new compression algorithm.

Mar 2020

In addition, the documents listed below were updated in March 2020 to fix content issues:

Specification   

 Content Updates

[MS-ADTS]: Active Directory Technical Specification

 List of Changes

[MS-CIFS]: Common Internet File System (CIFS) Protocol

 List of Changes

[MS-EMFPLUS]: Enhanced Metafile Format Plus Extensions

 List of Changes

[MS-FSA]: File System Algorithms

 List of Changes

[MS-FSCC]: File System Control Codes

 List of Changes

[MS-KILE]: Kerberos Protocol Extensions

 List of Changes

[MS-RDPBCGR]: Remote Desktop Protocol: Basic Connectivity and Graphics Remoting

 List of Changes

[MS-RDPELE]: Remote Desktop Protocol: Licensing Extension

 List of Changes

[MS-SFU]: Kerberos Protocol Extensions Service for User and Constrained Delegation Protocol

 List of Changes

[MS-SMB2]: Server Message Block (SMB) Protocol Versions 2 and 3

 List of Changes

[MS-WSP]: Windows Search Protocol

 List of Changes

[MS-WSUSAR]: Windows Server Update Services: Administrative API Remoting Protocol

 List of Changes

[MS-WUSP]: Windows Update Services: Client-Server Protocol

 List of Changes

[MS-XCA]: Xpress Compression Algorithm

 List of Changes

The document below was updated in June 2020 for Microsoft SQL Server 2019.

Specification

Description

Release Date

[MS-TDS]: Tabular Data Stream Protocol

Specifies the Tabular Data Stream Protocol, which is an application layer request/response protocol that facilitates interaction with a database server and provides for authentication and channel encryption negotiation; specification of requests in SQL (including Bulk Insert); invocation of a stored procedure, also known as a Remote Procedure Call (RPC); returning of data; and Transaction Manager Requests.

This document has been updated as follows:

●  Included support for enhanced confidentiality and security through enclave technologies that enable cryptographic operations and other operations in Transact-SQL queries on encrypted columns inside the local database system.

●  Added information about the new data classification feature, which supports information protection by providing a framework in which data classification metadata are used to help secure sensitive data as it propagates outside database boundaries to applications, services, reports, and so forth. Updates include the ability to add sensitivity-rank information.

●  Defined support for the client and server to be able to send and receive UTF-8 encoded data.

●  Specified the client-certificate authentication feature that provides an authentication alternative when SQL Server is running on a Linux operating system and users are working in extensibility scenarios in which a loopback connection from an external script is requested.

The document has been further revised as follows:

●  Added information about the new AZURESQLDNSCACHING feature extension to support SQL Client DNS resiliency.

●  Updated the definition of the DATACLASSIFICATION_VERSION field for the DATACLASSIFICATION feature.

●  Added the definition for ULONGLEN, which is used to define PL_CHUNK.

●  Revised the ABNF definition of the TVP_COLMETADATA structure to remove the DbName parameter.

●  Added the ABNF definitions of ActivityId for the Trace Activity header and ACTIVITYID for the PRELOGIN stream-specific rules.

●  Updated the collation rule definition to specify UTF-8 collations for ColFlags.

June 2020

In addition, the following documents were updated in October 2019 to add SQL Server 2019 as an applicable product:

[MC-SMP], [MC-SQLR]