2.2.4.53.2 Response

  • Article 

 SMB_Parameters
   {
   UCHAR  WordCount;
   Words
     {
     UCHAR  AndXCommand;
     UCHAR  AndXReserved;
     USHORT AndXOffset;
     USHORT Action;
     }
   }
 SMB_Data
   {
   USHORT ByteCount;
   Bytes
     {
     UCHAR      Pad[];
     SMB_STRING NativeOS[];
     SMB_STRING NativeLanMan[];
     SMB_STRING PrimaryDomain[];
     }
   }

SMB_Header:

UID (2 bytes): The UID returned in the response to a successful SMB_COM_SESSION_SETUP_ANDX request represents an authenticated session.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

SMB_Parameters

...

SMB_Data (variable)

...

SMB_Parameters (7 bytes):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

WordCount

Words

...

WordCount (1 byte): The value of this field MUST be 0x03.

Words (6 bytes):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

AndXCommand

AndXReserved

AndXOffset

Action

AndXCommand (1 byte): The command code for the next SMB command in the packet. This value MUST be set to 0xFF if there are no additional SMB command responses in the server response packet.

AndXReserved (1 byte): A reserved field. This MUST be set to 0x00 when this response is sent, and the client MUST ignore this field.

AndXOffset (2 bytes): This field MUST be set to the offset in bytes from the start of the SMB Header (section 2.2.3.1) to the start of the WordCount field in the next SMB command response in this packet. This field is valid only if the AndXCommand field is not set to 0xFF. If AndXCommand is 0xFF, this field MUST be ignored by the client.

Action (2 bytes): A 16-bit field. The two lowest-order bits have been defined:

Name and Bitmask

Meaning

SMB_SETUP_GUEST

0x0001

If clear (0), the user successfully authenticated and is logged in.

if set (1), authentication failed but the server has granted guest access. The user is logged in as Guest.

SMB_SETUP_USE_LANMAN_KEY

0x0002

If clear, the NTLM user session key will be used for message signing (if enabled).

If set, the LM session key will be used for message signing.

SMB_Data (variable):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

ByteCount

Bytes (variable)

...

ByteCount (2 bytes): The sum of the lengths, in bytes, of the Pad, NativeOS, NativeLanMan, and PrimaryDomain fields.

Bytes (variable):


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

Pad (variable)

...

NativeOS (variable)

...

NativeLanMan (variable)

...

PrimaryDomain (variable)

...

Pad (variable): Padding bytes. If Unicode support has been enabled, this field MUST contain zero or one null padding byte as needed to ensure that the NativeOS field, which follows, is aligned on a 16-bit boundary.

NativeOS (variable): A string that represents the native operating system of the server. If SMB_FLAGS2_UNICODE is set in the Flags2 field of the SMB header of the response, the string MUST be a null-terminated array of 16-bit Unicode characters. Otherwise, the string MUST be a null-terminated array of OEM characters. If the string consists of Unicode characters, this field MUST be aligned to start on a 2-byte boundary from the start of the SMB header.<102>

NativeLanMan (variable): A string that represents the native LAN Manager type of the server. If SMB_FLAGS2_UNICODE is set in the Flags2 field of the SMB header of the response, the string MUST be a null-terminated array of 16-bit Unicode characters. Otherwise, the string MUST be a null-terminated array of OEM characters. If the string consists of Unicode characters, this field MUST be aligned to start on a 2-byte boundary from the start of the SMB header.<103>

PrimaryDomain (variable): A string representing the primary domain or workgroup name of the server. If SMB_FLAGS2_UNICODE is set in the Flags2 field of the SMB header of the response, the string MUST be a null-terminated array of 16-bit Unicode characters. Otherwise, the string MUST be a null-terminated array of OEM characters. If the string consists of Unicode characters, this field MUST be aligned to start on a 2-byte boundary from the start of the SMB header.<104><105>

Error Codes

SMB error class

SMB error code

NT status code

POSIX equivalent

Description

ERRDOS (0x01)

ERRnoaccess

(0x0005)

STATUS_LOGON_FAILURE

(0xC000006D)

EPERM

Authentication failure.

ERRSRV (0x02)

ERRerror

(0x0001)

STATUS_INVALID_SMB

(0x00010002)

A corrupt or invalid SMB request was received.

ERRSRV (0x02)

ERRnomem

(0x0008)

STATUS_INSUFF_SERVER_RESOURCES

(0xC0000205)

ENOMEM

The server is out of resources.

ERRSRV (0x02)

ERRtoomanyuids

(0x005A)

STATUS_TOO_MANY_SESSIONS

(0xC00000CE)

The maximum number of active UIDs per SMB connection has been reached.