Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Redmond Protocols Plugfest 2016 Windows Protocols Overview Documents The role of the Message Analyzer parsers and network captures Althea Champagnie, Senior Content Developer, Microsoft Paul Bartos, Senior Content Developer, Microsoft Randy Dong, Software Engineer II, Microsoft Agenda • What, why, where of Overview Documents • Why were they created? • What technology areas do they cover? • How are use cases paired with their network captures? • A look through an Overview Document • How is it structured? • What protocols does it cover? • Demo of one of the examples and its associated network capture • Wrap up • Hands-on demo • Q&A What Are Overview Documents? • “… illustrate how Windows protocols that are functionally related work together, with practical examples that demonstrate common usage scenarios.” • Good resource for new developers getting into protocol implementation work • Good for seasoned developers getting into a new technology area • Includes sequencing diagrams of the examples • Includes Network Captures of the examples • Find them at https://aka.ms/ods Typical Outline of an OD Where Can You Find Them? At https://aka.ms/ods What ODs Are Available? Technology Overview Document(s) File, Fax, and Printing Services MS-CCROD, MS-FASOD, MS-FSMOD, MSPRSOD, MS-STOROD, MS-VSOD [prelim] Security and Identity Management MS-AUTHSOD, MS-AZOD, MS-CERSOD, MS-RMSOD Directory Services MS-ADOD, MS-ADFSOD Systems Management MS-GPOD, MS-WMOD, MS-WSUSOD Application Services MS-MQOD, MS-TPSOD Collaboration and Communications MS-MSSOD Networking MS-NETOD, MS-NAPOD Remote Connectivity MS-RDSOD What Are The Network Captures? Where Are The Network Captures? • At https://aka.ms/ODCap Next Up... An overview of an OD A sequencing diagram and network capture for one example in detail A Brief Tour… The Active Directory Federation Services (AD FS) Protocols Overview Document [MS-ADFSOD] (https://msdn.microsoft.com/en-us/library/dn600411.aspx; short URL: https://aka.ms/adfsod) Scenario – User and Relying Party in Different Realms A user wishes to use a number of resources that are accessible through the Internet, but does not wish to log on to each resource separately. This example of single sign-on (SSO) uses security token service (STS) and WS-Federation Environment 3.1.1.1 User and Relying Party in Different Realms Example [email protected] p@ssw0rd User: Randy Prerequisites for TLS/SSL decryption on NDIS • Disable DH in SSL cipher suite: ‐ “gpedit.msc” =>”SSL Cipher Suite Order” • Disable extended master secret: ‐ HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL ‐ Client: add DWORD 'DisableClientExtendedMasterSecret' key with non-zero ‐ Server: add DWORD 'DisableServerExtendedMasterSecret‘ key with non-zero • Disable TLS resume session: ‐ HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL ‐ Set DWORD 'ClientCacheTime‘ key with zero Step 1 Step 3 Step 5 Step 7 Step 11 Step 12 Step 14 Step 16 Step 20 Wrap Up • Hands-on demo available. Contact us – [email protected], [email protected], [email protected] - if you're interested • Feedback on MS-VSOD [email protected] • Feedback on the ODs (what additions you'd like to see in the current ones, which new ones we should create): [email protected] • Thank You! Interoperability Resources • Windows Overview Documents: http://aka.ms/ods http://aka.ms/ADFSOD • http://aka.ms/odcap Windows Technical Documents: http://aka.ms/techspecs http://aka.ms/doco http://aka.ms/plugfests