21 S

S/MIME (Secure/Multipurpose Internet Mail Extensions): A set of cryptographic security services, as described in [RFC5751].

SASL: The Simple Authentication and Security Layer, as described in [RFC2222]. This is an authentication (2) mechanism used by the Lightweight Directory Access Protocol (LDAP).

Scale Secure Real-Time Transport Protocol (SSRTP): A Microsoft proprietary extension to the Secure Real-Time Transport Protocol (SRTP), as described in [RFC3711].

schema: (1) The set of attributes and object classes that govern the creation and update of objects.

(2) A container that defines a namespace that describes the scope of EDM types. All EDM types are contained within some namespace.

schema naming context (schema NC): A specific type of naming context (NC) or an instance of that type. A forest has a single schema NC, which is replicated to each domain controller (DC) in the forest. No other NC replicas can contain these objects. Each attribute and class in the forest's schema is represented as a corresponding object in the forest's schema NC.

scheme: The name of a specification to refer to when assigning identifiers within a particular URI scheme, as defined in [RFC3986] section 3.1.

scope: (1) A range of IP addresses and associated configuration options that are allocated to DHCP clients in a specific subnet.

(2) The term "Scope" that is defined in [WS-Discovery1.1].

(3) An item that represents a hierarchy in a report. There are explicit scopes (such as data region, dataset, group) and implicit scopes (such as report scope). At any level in the hierarchy, there can be only one ancestor scope (except for the top-level report scope and the page scope) but an unlimited number of descendants as well as peer scopes.

search criteria: A set of criteria that is used to determine which messages are included in a folder with specific characteristics. It is composed of a restriction, which is the filter to be applied, and a search scope, which consists of the folders that contain the content to search.

search folder: (1) A collection of related items to be crawled by a search service.

(2) A Folder object that provides a means of querying for items that match certain criteria. The search folder includes the search folder definition message and the search folder container.

search folder container: A Folder object that is created according to the specifications in the definition message. It is in the Finder folder of the message database.

search folder definition message: A folder associated information (FAI) message that persists all the information that defines a search folder. It is in the associated contents table of the Common Views folder in the message database.

search key: A binary-comparable key that identifies related objects for a search.

search template: A template that defines a dialog box which enables users to specify search criteria for Address Book objects.

secondary data source: An XML data file, a database, or a web service that is used to populate controls or provide values in an InfoPath form.

secondary flag storage location: A binary property that is used to encode a second set of flagging properties, which do not affect the flagged state of a Message object.

secret key: A symmetric encryption key shared by two entities, such as between a user and the domain controller (DC), with a long lifetime. A password is a common example of a secret key. When used in a context that implies Kerberos only, a principal's secret key.

Secure Real-Time Transport Protocol (SRTP): A profile of Real-Time Transport Protocol (RTP) that provides encryption, message authentication (2), and replay protection to the RTP data, as described in [RFC3711].

Secure Sockets Layer (SSL): A security protocol that supports confidentiality and integrity of messages in client and server applications that communicate over open networks. SSL uses two keys to encrypt data—a public key known to everyone and a private or secret key known only to the recipient of the message. SSL supports server and, optionally, client authentication (2) using X.509 certificates (2). For more information, see [X509]. The SSL protocol is a precursor to Transport Layer Security (TLS). The TLS version 1.0 specification is based on SSL version 3.0.

security association (SA): A simplex "connection" that provides security services to the traffic carried by it. See [RFC4301] for more information.

security descriptor: A data structure containing the security information associated with a securable object. A security descriptor identifies an object's owner by its security identifier (SID). If access control is configured for the object, its security descriptor contains a discretionary access control list (DACL) with SIDs for the security principals who are allowed or denied access. Applications use this structure to set and query an object's security status. The security descriptor is used to guard access to an object as well as to control which type of auditing takes place when the object is accessed. The security descriptor format is specified in [MS-DTYP] section 2.4.6; a string representation of security descriptors, called SDDL, is specified in [MS-DTYP] section 2.5.1.

security identifier (SID): An identifier for security principals in Windows that is used to identify an account or a group. Conceptually, the SID is composed of an account authority portion (typically a domain) and a smaller integer representing an identity relative to the account authority, termed the relative identifier (RID). The SID format is specified in [MS-DTYP] section 2.4.2; a string representation of SIDs is specified in [MS-DTYP] section 2.4.2 and [MS-AZOD] section

security principal: (1) A unique entity that is identifiable through cryptographic means by at least one key. It frequently corresponds to a human user, but also can be a service that offers a resource to other security principals. Also referred to as principal.

(2) An identity that can be used to regulate access to resources. A security principal can be a user, a computer, or a group that represents a set of users.

(3) A unique entity identifiable through cryptographic means by at least one key. A security principal often corresponds to a human user but can also be a service offering a resource to other security principals. Sometimes referred to simply as a "principal".

(4) An identity that can be used to regulate access to resources, as specified in [MS-AUTHSOD] section A security principal can be a user, a computer, or a group that represents a set of users.

(5) A unique entity, also referred to as a principal, that can be authenticated by Active Directory. It frequently corresponds to a human user, but also can be a service that offers a resource to other security principals. Other security principals might be a group, which is a set of principals. Groups are supported by Active Directory.

(6) An entity that is associated with a human user or a program that can be authenticated. At a minimum, it has two basic attributes, a name and an identifier, that uniquely identifies it and makes it meaningful to the system, administrators, and users. A security principal is also known as a principal or an account.

security principal identifier: A value that is used to uniquely identify a security principal (2). In Windows-based systems, it is a security identifier (SID). In other types of systems, it can be a user identifier or other type of information that is associated with a security principal (2).

security principal object: An object that corresponds to a security principal. A security principal object contains an identifier, used by the system and applications to name the principal, and a secret that is shared only by the principal. In Active Directory, a security principal object has the objectSid attribute. In Active Directory, the user, computer, and group object classes are examples of security principal object classes (though not every group object is a security principal object). In AD LDS, any object containing the msDS-BindableObject auxiliary class is a security principal. See also computer object, group object, and user object.

security protocol: A protocol that performs authentication and possibly additional security services on a network.

security provider: (1) A Component Object Model (COM) object that provides methods that return custom information about the security of a site.

(2) A pluggable security module that is specified by the protocol layer above the remote procedure call (RPC) layer, and will cause the RPC layer to use this module to secure messages in a communication session with the server. The security provider is sometimes referred to as an authentication service.

(3) A pluggable security module that is specified by the protocol layer above remote procedure call (RPC), and will cause RPC to use this module to secure messages in a communication session with the server. Sometimes referred to as an authentication service. For more information, see [C706] and [MS-RPCE].

security support provider (SSP): A dynamic-link library (DLL) that implements the Security Support Provider Interface (SSPI) by making one or more security packages available to applications. Each security package provides mappings between an application's SSPI function calls and an actual security model's functions. Security packages support security protocols such as Kerberos authentication and NTLM.

Security Support Provider Interface (SSPI): A Windows-specific API implementation that provides the means for connected applications to call one of several security providers to establish authenticated connections and to exchange data securely over those connections. This is the Windows equivalent of Generic Security Services (GSS)-API, and the two families of APIs are on-the-wire compatible.

security token: (1) An opaque message or data packet produced by a Generic Security Services (GSS)-style authentication package and carried by the application protocol. The application has no visibility into the contents of the token.

(2) A collection of one or more claims. Specifically in the case of mobile devices, a security token represents a previously authenticated user as defined in the Mobile Device Enrollment Protocol [MS-MDE].

security token service (STS): (1) A web service that issues claims (2) and packages them in encrypted security tokens.

(2) A web service that issues security tokens. That is, it makes assertions based on evidence that it trusts; these assertions are for consumption by whoever trusts it. For more information, see [WSFedPRP] sections 1.4 and 2 and [WSTrust] section 2.4. For [MS-ADFSPP], [MS-ADFSWAP], and [MS-MWBF], STS refers to services that support (either directly or via a front end) the protocol defined in each of those specifications.

(3) To communicate trust, a service requires proof, such as a signature to prove knowledge of a security token or set of security tokens. A service itself can generate tokens or it can rely on a separate STS to issue a security token with its own trust statement. (Note that for some security token formats, this can be just a re-issuance or co-signature.) This forms the basis of trust brokering.

(4) A special type of server defined in WS-Trust [WSTrust1.3].

segment: (1) A subdivision of content. In version 1.0 Content Information, each segment has a size of 32 megabytes, except the last segment which can be smaller if the content size is not a multiple of the standard segment sizes. In version 2.0 Content Information, segments can vary in size.

(2) A set of stations that see each other’s link-layer frames without being changed by any device in the middle, such as a switch.

(3) A unit of content for discovery purposes. A segment is identified on the network by its public identifier, also known as segment ID or HoHoDk. A segment does not belong to any particular content; it can be shared by many content items if all those content items have an identical segment-sized portion at some offset.

send on behalf: A special permission that is granted to a delegate. It allows the delegate to send Message objects representing the delegator.

sendable attendee: An attendee to whom a meeting request or meeting update will be sent. A sendable attendee can be a required attendee or an optional attendee, or a resource.

sender flag: A collection of property values that indicate that a Draft Message object has been marked such that the copy of the Message object that is saved in the sender's mailbox after the message is sent will appear flagged to the sender.

sender reminder: A collection of property values that indicate that a Draft Message object has been marked such that the copy of the Message object that is saved in the sender’s mailbox after the message is sent will have an active reminder.

Sent Items folder: A special folder that is the default location for storing copies of Message objects after they are submitted or sent.

sequence: (1) A unique identifier for a delta that includes the user identifier for the endpoint (3) that created the delta.

(2) The set of message packets sent over a session that represent a message sequence. A message is associated with a sequence number that corresponds to its position within the sequence. Sequence numbers begin with 1 and increment by 1 with each subsequent message.

(3) A one-way, uniquely identifiable batch of messages between an RMS and an RMD.

sequence number: (1) A numeric value that is used to define the order in which a series of events occurs in an execution sequence or transaction.

(2) The revision number of a Meeting object. The sequence number is used to determine the most recent meeting update that was sent by the organizer.

(3) An 8-bit identifier that specifies the location order of a speech frame within a voice burst, and which is used to reorder speech frames upon their receipt. The value of the number starts at 0, increases by one for each speech frame within the voice burst, and may wrap through reuse of older low values that are no longer in the computing system. Sequence number wrapping occurs when the transmitting client reuses a sequence number that was previously used. For example, after using sequence numbers 0x00 through 0xFF, the client transmits a speech frame that reuses the sequence number 0x00. It is the responsibility of the receiver to be aware that the sequence numbers of received speech frames may wrap. In order to allow for guaranteed reordering, the receiver must appropriately handle the situation where more than one received speech frame uses the same sequence number.

(4) In the NTLM protocol, a sequence number can be explicitly provided by the application protocol, or generated by NTLM. If generated by NTLM, the sequence number is the count of each message sent, starting with 0.

(5) A number that uniquely identifies a request and response that is sent on an SMB 2 Protocol connection. For a description of how sequence numbers are allocated, see [MS-SMB2] sections and

Serialization Format: The structure of the serialized message content, which can be either binary or SOAP. Binary serialization format is specified in [MS-NRBF]. SOAP serialization format is specified in [MS-NRTP].

server: (1) A computer on which the remote procedure call (RPC) server is executing.

(2) A replicating machine that sends replicated files to a partner (client). The term "server" refers to the machine acting in response to requests from partners that want to receive replicated files.

(3) A DirectPlay system application that is hosting a DirectPlay game session. In the context of DirectPlay 8, the term is reserved for hosts using client/server mode.

(4) For the Peer Content Caching and Retrieval Framework, a server is a server-role peer; that is, a peer that listens for incoming block-range requests from client-role peers and responds to the requests.

(5) Used as a synonym for domain controller. See [MS-DISO].

(6) Refers to the Group Policy server that is involved in a policy application sequence. See [MS-GPOL].

(7) The entity that responds to the HTTP connection. See [MS-TSWP].

(8) A server capable of issuing OMA-DM commands to a client and responding to OMA-DM commands issued by a client. See [MS-MDM].

(9) Used to identify the system that implements WMI services, provides management services, and accepts DCOM ([MS-DCOM]) calls from WMI clients.

(10) A domain controller. Used as a synonym for domain controller. See [MS-ADOD].

(11) An entity that transfers content to a client through streaming. A server might be able to do streaming on behalf of another server; thus, a server can also be a proxy. See [MS-WMLOG].

(12) Used as described in [RFC2616] section 1.3. See [MS-NTHT].

(13) For the purposes of [MS-RDC], the server is the source location.

(14) Any process that accepts commands for execution from a client by using the PowerShell Remoting Protocol.

Server Message Block (SMB): A protocol that is used to request file and print services from server systems over a network. The SMB protocol extends the CIFS protocol with additional security, file, and disk management support. For more information, see [CIFS] and [MS-SMB].

Server object: An object on a server that is used as input or created as output for remote operations (ROPs).

Server object handle: A 32-bit value that identifies a Server object.

Server object handle table: An array of 32-bit handles that are used to identify input and output Server objects for ROP requests and ROP responses.

server replica: A copy of a user's mailbox that exists on a server.

server-side rule: A rule for which all actions are executed by a server.

service: (1) A process or agent available on the network, offering resources or services for clients. Examples of services include file servers, web servers, and so on.

(2) A process or agent that is available on the network, offering resources or services for clients. Examples of services include file servers, web servers, and so on.

(3) A program that is managed by the Service Control Manager (SCM). The execution of this program is governed by the rules defined by the SCM.

(4) The receiving endpoint of a web services request message, and sender of any resulting web services response message.

(5) A logical functional unit that represents the smallest units of control and that exposes actions and models the state of a physical device with state variables. For more information, see [UPNPARCH1.1] section 3.

(6) An application that provides management services to clients through the WS-Management Protocol and other web services.

(7) A SIP method defined by Session Initiation Protocol Extensions used by the client to request a service from the server.

service binding information: The URIs that are needed to bind to a service.

service connection point: An object that is made available by a directory service and that clients can use to discover Autodiscover servers.

Service Control Manager (SCM): An RPC server that enables configuration and control of service programs.

session: (1) A unidirectional communication channel for a stream of messages that are addressed to one or more destinations. A destination is specified by a resource URL, an identity URL, and a device URL. More than one session can be multiplexed over a single connection.

(2) A representation of application data in system memory. It is used to maintain state for application data that is being manipulated or monitored on a protocol server by a user.

(3) A collection of multimedia senders and receivers and the data streams that flow between them. A multimedia conference is an example of a multimedia session.

(4) In Kerberos, an active communication channel established through Kerberos that also has an associated cryptographic key, message counters, and other state.

(5) In Server Message Block (SMB), a persistent-state association between an SMB client and SMB server. A session is tied to the lifetime of the underlying NetBIOS or TCP connection.

(6) In the Challenge-Handshake Authentication Protocol (CHAP), a session is a lasting connection between a peer and an authenticator.

(7) In the Workstation service, an authenticated connection between two computers.

(8) An active communication channel established through NTLM, that also has an associated cryptographic key, message counters, and other state.

(9) In OleTx, a transport-level connection between a Transaction Manager and another Distributed Transaction participant over which multiplexed logical connections and messages flow. A session remains active so long as there are logical connections using it.

(10) The state maintained by the server when it is streaming content to a client. If a server-side playlist is used, the same session is used for all content in the playlist.

(11) An authenticated context that is established between an SMB 2 Protocol client and an SMB 2 Protocol server over an SMB 2 Protocol connection for a specific security principal. There could be multiple active sessions over a single SMB 2 Protocol connection. The SessionId field in the SMB2 packet header distinguishes the various sessions.

(12) An authenticated communication channel between the client and server correlating a group of messages into a conversation.

(13) A collection of state information on a directory server. An implementation of the SOAP session extensions (SSE) is free to choose the state information to store in a session.

(14) In LU 6.2, a session is a connection between LUs that can be used by a succession of conversations. A given pair of LU 6.2s may be connected by multiple sessions. For a more complete definition, see [LU62Peer].

(15) A context for managing communication over LLTD among stations.

(16) The operational environment in which an application and its commands execute.

(17) A context for managing communication over qWave-WD among devices. This is equivalent to a TCP connection.

(18) A multimedia session is a set of multimedia senders and receivers and the data streams flowing from senders to receivers. A multimedia conference is an example of a multimedia session.

(19) A set of multimedia senders and receivers and the data streams flowing from senders to receivers. A multimedia conference is an example of a multimedia session.

Session Context: A server-side partitioning for client isolation. All client actions against a server are scoped to a specific Session Context. All messaging objects and data that is opened by a client are isolated to a Session Context.

session context handle: A remote procedure call (RPC) context handle that is used by a client when issuing RPCs against a server on EMSMDB interface methods. It represents a handle to a unique session context on the server.

Session Initiation Protocol (SIP): An application-layer control (signaling) protocol for creating, modifying, and terminating sessions with one or more participants. SIP is defined in [RFC3261].

session key: (1) A symmetric key that is derived from a master key and is used to encrypt or authenticate a specific media stream by using the Secure Real-Time Transport Protocol (SRTP) and Scale Secure Real-Time Transport Protocol (SSRTP).

(2) A relatively short-lived symmetric key (a cryptographic key negotiated by the client and the server based on a shared secret). A session key's lifespan is bounded by the session to which it is associated. A session key should be strong enough to withstand cryptanalysis for the lifespan of the session.

SHA-1 hash: A hashing algorithm as specified in [FIPS180-2] that was developed by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).

share: (1) A resource offered by a Common Internet File System (CIFS) server for access by CIFS clients over the network. A share typically represents a directory tree and its included files (referred to commonly as a "disk share" or "file share") or a printer (a "print share"). If the information about the share is saved in persistent store (for example, Windows registry) and reloaded when a file server is restarted, then the share is referred to as a "sticky share". Some share names are reserved for specific functions and are referred to as special shares: IPC$, reserved for interprocess communication, ADMIN$, reserved for remote administration, and A$, B$, C$ (and other local disk names followed by a dollar sign), assigned to local disk devices.

(2) To make content on a host desktop available to participants. Participants with a sufficient control level may interact remotely with the host desktop by sending input commands.

(3) A local resource that is offered by an SMB 2 Protocol server for access by SMB 2 Protocol clients over the network. The SMB 2 Protocol defines three types of shares: file (or disk) shares, which represent a directory tree and its included files; pipe shares, which expose access to named pipes; and print shares, which provide access to print resources on the server. A pipe share as defined by the SMB 2 Protocol must always have the name "IPC$". A pipe share must only allow named pipe operations and DFS referral requests to itself.

shared folder: A folder for which a sharing relationship has been created to share items in the folder between two servers.

shared space: A set of tools that is synchronized between different endpoints (3), as described in [MS-GRVDYNM].

sharing invitation: A type of Sharing Message object that informs a user that the user was granted access to another user's folder and provides the information necessary to locate that folder.

Sharing Message object: A Message object that is used to inform a recipient that they were granted access to another user’s folder, request access to a recipient’s folder, or respond to a request for access to a folder.

sharing provider: A software agent that is responsible for properly generating and processing a predefined Sharing Message object format.

sharing request: A type of Sharing Message object that is used to request access to a user’s folder.

sharing response: A type of Sharing Message object that is used to respond to a sharing request.

Short Message Service (SMS): A communications protocol that is designed for sending text messages between mobile phones.

Side: An area on a physical medium that can store data. Although most physical media have only a single side, some may have two sides. For instance, a magneto-optic (MO) disk has two sides: an "A" side and a "B" side. When an MO disk is placed in a drive with the "A" side up, the "A" side is accessible and the "B" side is not. To access the "B" side, the disk must be inserted with the "B" side up. The data stored on different sides of the same physical medium are independent of one another.

signal time: The time at which a reminder has been specified to notify the user or an agent acting on behalf of the user. For example, the signal time for a meeting that starts at 11:00 A.M. can be 10:45 A.M., thus allowing the user 15 minutes to prepare for or travel to the meeting upon receiving the notification.

signature: (1) A synonym for hash.

(2) A value computed with a cryptographic algorithm and bound to data in such a way that intended recipients of the data can use the signature to verify that the data has not been altered and/or has originated from the signer of the message, providing message integrity and authentication. The signature can be computed and verified either with symmetric key algorithms, where the same key is used for signing and verifying, or with asymmetric key algorithms, where different keys are used for signing and verifying (a private and public key pair are used). For more information, see [WSFedPRP].

(3) The lowest node ID in the graph.

(4) A structure containing a hash and block chunk size. The hash field is 16 bytes, and the chunk size field is a 2-byte unsigned integer.

significant change: A change that is made by an organizer to a Meeting object and requires a Meeting Update object to be sent.

Simple Mail Transfer Protocol (SMTP): A member of the TCP/IP suite of protocols that is used to transport Internet messages, as described in [RFC5321].

Simple Symmetric Transport Protocol (SSTP): A protocol that enables two applications to engage in bi-directional, asynchronous communication. SSTP supports multiple application endpoints (5) over a single network connection between client nodes.

single-instance object: An Appointment object, Meeting object, or Task object that occurs only once.

single-valued claim: See claim.

SIP element: An entity that understands the Session Initiation Protocol (SIP).

SIP method: The primary function that an SIP request is meant to call on a server. This method is carried in the request message itself. Example methods are INVITE and BYE.

SIP protocol client: A network client that sends Session Initiation Protocol (SIP) requests and receives SIP responses. An SIP client does not necessarily interact directly with a human user. User agent clients (UACs) and proxies are SIP clients.

SIP request: A Session Initiation Protocol (SIP) message that is sent from a user agent client (UAC) to a user agent server (UAS) to call a specific operation.

site collection: A set of websites (1) that are in the same content database, have the same owner, and share administration settings. A site collection can be identified by a GUID or the URL of the top-level site for the site collection. Each site collection contains a top-level site, can contain one or more subsites, and can have a shared navigational structure.

site mailbox: A repository comprised of a mailbox and a web-based collaboration environment that is presented to users as a mailbox in an email client. A site mailbox uses team membership to determine which users have access to the repository.

site template: An XML-based definition of site settings, including formatting, lists, views, and elements such as text, graphics, page layout, and styles. Site templates are stored in .stp files in the content database.

skip block: The block in a binary large object (BLOB) that acts as padding, reserving space that can be used by future versions to insert data. The block consists of a ULONG that describes how many additional ULONGs to skip ahead.

Slot: A storage location within a library. For example, a tape library has one slot for each tape that the library can hold. A stand-alone drive library has no slots. Most libraries have at least four slots. Sometimes slots are organized into collections of slots called magazines. Magazines are usually removable.

SMS object: A Message object that represents a Short Message Service (SMS) message in a message store.

snooze: A process that delays an overdue reminder by a specified time interval. At the end of the time interval, the reminder becomes overdue again.

SOAP: A lightweight protocol for exchanging structured information in a decentralized, distributed environment. SOAP uses XML technologies to define an extensible messaging framework, which provides a message construct that can be exchanged over a variety of underlying protocols. The framework has been designed to be independent of any particular programming model and other implementation-specific semantics. SOAP 1.2 supersedes SOAP 1.1. See [SOAP1.2-1/2003].

SOAP 1.1: (1) Version 1.1 of the SOAP (Simple Object Access Protocol) standard. For the complete definition of SOAP 1.1, see [SOAP1.1].

(2) Simple Object Access Protocol (SOAP) 1.1 [SOAP1.1].

SOAP 1.2: Version 1.2 of the SOAP standard. Some examples of changes introduced in SOAP 1.2 include an updated envelope structure, as well as updates to the structure and semantics for SOAP faults. The binding framework was also updated to allow binding to non-HTTP transports. Starting with version 1.2, SOAP is no longer an acronym. See also SOAP. For the complete specification of SOAP 1.2, see [SOAP1.2-1/2007] and [SOAP1.2-2/2007].

SOAP action: The HTTP request header field used to indicate the intent of the SOAP request, using a URI value. See [SOAP1.1] section 6.1.1 for more information.

SOAP body: A container for the payload data being delivered by a SOAP message to its recipient. See [SOAP1.2-1/2007] section 5.3 for more information.

SOAP envelope: A container for SOAP message information and the root element of a SOAP document. See [SOAP1.2-1/2007] section 5.1 for more information.

SOAP fault: A container for error and status information within a SOAP message. See [SOAP1.2-1/2007] section 5.4 for more information.

SOAP header: A mechanism for implementing extensions to a SOAP message in a decentralized manner without prior agreement between the communicating parties. See [SOAP1.2-1/2007] section 5.2 for more information.

SOAP message: An XML document consisting of a mandatory SOAP envelope, an optional SOAP header, and a mandatory SOAP body. See [SOAP1.2-1/2007] section 5 for more information.

SOAP session extensions (SSE): Extensions to DSML that make it possible to maintain state information across multiple request/response operations.

soft delete: A process that removes an item from the system, but not permanently. If an item is soft deleted, a server retains a back-up copy of the item and a client can access, restore, or permanently delete the item. See also hard delete.

sort order: (1) A set of rules in a search query that defines the order of relevant results. Each rule consists of a managed property, such as modified date or size, and a direction for order, such as ascending or descending. Multiple rules are applied sequentially.

(2) A specific arrangement of cells that is based on cell content. The order can be ascending or descending.

(3) The order in which the rows in a Table object are requested to appear. This can involve sorting on multiple properties and sorting of categories (5).

(4) The set of rules in a search query that define the ordering of rows in the search result. Each rule consists of a property (for example, name or size) and a direction for the ordering (ascending or descending). Multiple rules are applied sequentially.

spam: An unsolicited email message.

spam filter: A filter that checks certain conditions in a message to determine a spam confidence level.

special folder: One of a default set of Folder objects that can be used by an implementation to store and retrieve user data objects.

speech frame: Encoded voice streams are broken into pieces; each piece is called a speech frame. For the DirectPlay Voice Protocol, the size of each speech frame depends on the codec selected. This list of codecs and their frame sizes is specified in section 1.3.7.

spooler queue: A series of outgoing messages that are ready for delivery to recipients (1).

stamp: Information that describes an originating update by a domain controller (DC). The stamp is not the new data value; the stamp is information about the update that created the new data value. A stamp is often called metadata, because it is additional information that "talks about" the conventional data values. A stamp contains the following pieces of information: the unique identifier of the DC that made the originating update; a sequence number characterizing the order of this change relative to other changes made at the originating DC; a version number identifying the number of times the data value has been modified; and the time when the change occurred.

standard rule: A rule that is created, modified, or deleted by using the RopModifyRules remote operation.

station: Any device that implements LLTD.

storage: (1) An element of a compound file that is a unit of containment for one or more storages and streams, analogous to directories in a file system, as described in [MS-CFB].

(2) A set of elements with an associated CLSID used to identify the application or component that created the storage.

(3) A storage object, as defined in [MS-CFB].

Store object: An object that is used to store mailboxes and public folder content.

stream: (1) An element of a compound file, as described in [MS-CFB]. A stream contains a sequence of bytes that can be read from or written to by an application, and streams can exist only in storages.

(2) A flow of data from one host to another host, or the data that flows between two hosts.

(3) A sequence of bytes written to a file on the NTFS file system. Every file stored on a volume that uses the NTFS file system contains at least one stream, which is normally used to store the primary contents of the file. Additional streams within the file may be used to store file attributes, application parameters, or other information specific to that file. Every file has a default data stream, which is unnamed by default. That data stream, and any other data stream associated with a file, may optionally be named.

(4) A sequence of bytes that typically encodes application data.

(5) A sequence of ASF media objects ([ASF] section 5.2) that can be selected individually. For example, if a movie has an English and a Spanish soundtrack, each may be encoded in the ASF file as a separate stream. The video data would also be a separate stream.

(6) A sequence of messages whose delivery is guaranteed exactly once and in order.

(7) A set of tracks interchangeable at the client when playing media.

(8) An individual audio or video data-flow in a presentation. The media data in an individual stream always uses the same media data format.

(9) A flow of data from one host to another host. May also be used to reference the flowing data.

(10) A stream object, as defined in [MS-CFB].

Stream object: A Server object that is used to read and write large string and binary properties.

streaming: (1) The act of transferring content from a sender to a receiver.

(2) The act of processing a part of an XML Infoset without requiring that the entire XML Infoset be available.

string named property: A named property that has a Unicode string as a name identifier, which is stored in the Name field of a PropertyName structure. A string named property can have any property type; "string" refers only to its name identifier.

structural object class: An object class that is not an 88 object class and can be instantiated to create a new object.

structured document: A document that is internally composed of multiple streams (1) that specify data for individual pieces of the document, such as style information, images, or embedded objects. The streams allow pieces of the document to be addressed and manipulated individually.

SubAuthority: A variable-length array of unsigned, 32-bit integer values that is part of a security identifier (SID). Each of these values is called a SubAuthority. All SubAuthority values excluding the last one collectively identify a domain. The last value, termed as the relative identifier (RID), identifies a particular group or account relative to the domain. For more information, see [SIDD].

subobject: For a folder, the messages and subfolders that are contained in that folder. For a message, the recipients (2) and attachments to that message. For an attachment, the Embedded Message object for that attachment.

SUBSCRIBE: A Session Initiation Protocol (SIP) method that is used to request asynchronous notification of an event or a set of events at a later time.

subscriber: (1) A Session Initiation Protocol (SIP) client that is making a SUBSCRIBE request.

(2) An application that needs to receive events that are published by another application.

(3) An application that needs to receive historical data published by another application.

subscription: (1) The result of a SUBSCRIBE request from a Session Initiation Protocol (SIP) element.

(2) The end result of an act of a SIP element sending a SUBSCRIBE request.

(3) A registration performed by a subscriber to specify a requirement to receive events, future messages, or historical data.

(4) A request for a copy of a publication to be delivered to a subscriber. For more information, see [MSDN-RepPub].

switch: (1) A data link-layer device that propagates frames between segments and allows communication among stations on different segments. Stations that are connected through a switch see only those frames destined for their segments. Compare this term with hub and router.

(2) A logical device type that provides options to run a terminal window or a custom script for a dial-up connection. This device type is not used for dialing a connection.

symmetric key: A secret key used with a cryptographic symmetric algorithm. The key needs to be known to all communicating parties. For an introduction to this concept, see [CRYPTO] section 1.5.

synchronization context: See synchronization download context or synchronization upload context.

synchronization download context: A Server object that represents a context for an ICS download.

synchronization scope: A set of complex criteria that defines a superset of all the messaging objects that are within a specific mailbox and are considered for a single synchronization operation.

Synchronization Source (SSRC): A 32-bit identifier that uniquely identifies a media stream (2) in a Real-Time Transport Protocol (RTP) session. An SSRC value is part of an RTP packet header, as described in [RFC3550].

synchronization upload context: A Server object that represents a context for an ICS upload.

syntax: See attribute syntax.

system volume (SYSVOL): A shared directory that stores the server copy of the domain's public files that must be shared for common access and replication throughout a domain.