How does windows file sharing actually work?

I just added a quoted answers from Microsoft resources for how Windows file sharing works protocol and authentication wise. This should tell you what you need for all your questions.

1 Answer 1

How does windows file sharing actually work?

_{Microsoft SMB Protocol Authentication}

_{The security model used in Microsoft SMB Protocol is identical to the one used by other variants of SMB, and consists of two levels of security—user and share. A share is a file, directory, or printer that can be accessed by Microsoft SMB Protocol clients.}

_{User-level authentication indicates that the client attempting to access a share on a server must provide a user name and password. When authenticated, the user can then access all shares on a server not also protected by share-level security. This security level allows system administrators to specifically determine which users and groups can access a share.}

_{Share-level authentication indicates that access to a share is controlled by a password assigned to that share only. Unlike user-level security, this security level does not require a user name for authentication and no user identity is established.}

_{Under both of these security levels, the password is encrypted before it is sent to the server. NTLM and the older LAN Manager (LM) encryption are supported by Microsoft SMB Protocol. Both encryption methods use challenge-response authentication, where the server sends the client a random string and the client returns a computed response string that proves the client has sufficient credentials for access.}

_source

_{Microsoft SMB Protocol and CIFS Protocol Overview}

• _{Dialect negotiation}
• _{Determining other Microsoft SMB Protocol servers on the network, or network browsing}
• _{Printing over a network}
• _{File, directory, and share access authentication}
• _{File and record locking}
• _{File and directory change notification}
• _{Extended file attribute handling}
• _{Unicode support}
• _{Opportunistic locks}

• _{Session control packets—Establishes and discontinues a connection to shared server resources.}
• _{File access packets—Accesses and manipulates files and directories on the remote server.}
• _{General message packets—Sends data to print queues, mailslots, and named pipes, and provides data about the status of print queues.}

• _{Description: To establish a connection between a client and a server using Microsoft SMB Protocol, you must first determine the dialect with the highest level of functionality that both the client and server support.}

• _{Description: The security model used in Microsoft SMB Protocol is identical to the one used by other variants of SMB, and consists of two levels of security—user and share. A share is a file, directory, or printer that can be accessed by Microsoft SMB Protocol clients.}

• _{Description: Example of a Microsoft SMB Protocol packet exchange between a client and a server.}

Comment Clarification

File access packets—Accesses and manipulates files and directories on the remote server.' How does this happen? Where is the response packet to give the requested data to client? Kraken

_{Each packet is typically a basic request of some kind, such as open file, close file, or read file. The server then receives the packet, checks to see if the request is legal, verifies the client has the appropriate file permissions, and finally executes the request and returns a response packet to the client. The client then parses the response packet and can determine whether or not the initial request was successful.}

_source

Further Resources

A diagram and an explanation of the authentication aspects involved in establishing a client-server session with the protocol.

• 3.2.4.2.4.1 Sequence Diagram

Reads for further detail on SMB.

• Microsoft SMB, SMB2, NetBIOS, WINS protocol suite
• Server Message Block
• Server Message Block Protocol (SMB)