|SMB Protocol Variant||Protocol Name||Comments|
|PC NETWORK PROGRAM 1.0||Core Protocol||The original version of SMB as defined in IBM's PC Network Program. Some versions were called PCLAN1.0|
|MICROSOFT NETWORKS 1.03||Core Plus Protocol||Included Lock&Read and Write&Unlock SMBs with different versions of raw read and raw write SMBs|
|MICROSOFT NETWORKS 3.0||DOS LAN Manager 1.0||The same as LANMAN1.0, but OS/2 errors must be translated to DOS errors.|
|LANMAN1.0||LAN Manager 1.0||The full LANMAN1.0 protocol.|
|DOS LM1.2X002||LAN Manager 2.0||The same as LM1.2X002, but errors must be translated to DOS errors.|
|LM1.2X002||LAN Manager 2.0||The full LANMAN2.0 protocol.|
|DOS LANMAN2.1||LAN Manager 2.1||The same as LANMAN2.1, but errors must be translated to DOS errors.|
|LANMAN2.1||LAN Manager 2.1||The full LANMAN2.1 protocol.|
|Windows for Workgroups 3.1a||LAN Manager 2.1?||Windows for Workgroups 1.0?|
|NT LM 0.12||NT LAN Manager 1.0?||Contains special SMBs for NT|
|Samba||NT LAN Manager 1.0?||Samba's version of NT LM 0.12?|
|CIFS 1.0||NT LAN Manager 1.0||Really NT LM 0.12 plus a bit?|
Some variants introduced new SMBs, some simply changed the format of existing SMBs or responses, and some variants did both.
The SMB model defines two levels of security:
Browsing the network
Having lots of servers out in the network is not much good if users cannot find them. Of course, clients can simply be configured to know about the servers in their environment, but this does not help when new servers are to be introduced or old ones removed.
To solve this problem, browsing has been introduced. Each server
broadcasts information about its presence. Clients listen for
these broadcasts and build up browse lists. In a NetBEUI environment,
this is satisfactory, but in a TCP/IP environment, problems arise.
The problems exist because TCP/IP broadcasts are not usually sent
outside the subnet in which they originate (although some routers
can selectively transport broadcasts to other subnets).
Microsoft have introduced browse servers and the Windows Internet Name Service (WINS) to help overcome these problems.
CIFS: The latest incarnation?
Microsoft and a group of other vendors (Digital Equipment, Data General, SCO, Network Appliance Corp, etc) are engaged in developing a public version of the SMB protocol. It is expected that CIFS 1.0 will be essentially NT LM 0.12 with some modifications for easier use over the Internet.
An Example SMB Exchange
The protocol elements (requests and responses) that clients and servers exchange are called SMBs. They have a specific format that is very similar for both requests and responses. Each consists of a fixed size header portion, followed by a variable sized parameter and data portion.
After connecting at the NetBIOS level, either via NBF, NetBT, etc, the client is ready to request services from the server. However, the client and server must first identify which protocol variant they each understand.
The client sends a negprot SMB to the server, listing the protocol dialects that it understands. The server responds with the index of the dialect that it wants to use, or 0xFFFF if none of the dialects was acceptable.
Dialects more recent than the Core and CorePlus protocols supply
information in the negprot response to indicate their capabilities
(max buffer size, canonical file names, etc).
Once a protocol has been established. The client can proceed to logon to the server, if required. They do this with a sesssetupX SMB. The response indicates whether or not they have supplied a valid username password pair and if so, can provide additional information. One of the most important aspects of the response is the UID of the logged on user. This UID must be submitted with all subsequent SMBs on that connection to the server.
Once the client has logged on (and in older protocols-Core and CorePlus-you cannot logon), the client can proceed to connect to a tree.
The client sends a tcon or tconX SMB specifying the network name of the share that they wish to connect to, and if all is kosher, the server responds with a TID that the client will use in all future SMBs relating to that share.
Having connected to a tree, the client can now open a file with an open SMB, followed by reading it with read SMBs, writing it with write SMBs, and closing it with close SMBs.
The main clients are from Microsoft, and are included in Windows for WorkGroups 3.x, Windows 95, and Windows NT. They are most evident when you use the File Manager or the Windows 95 Explorer, as these allow you to connect to servers across the network. However they are also used when you open files using a UNC (universal naming convention).
Some other clients that I am aware of are:
Server implementations are available from many sources. Some that I am aware of are:
The next two sections will discuss each of the above in turn.
A workgroup is a collection of computers that each maintain their own security information. With Windows for Workgroups, each server is pretty much in share level security. Windows 95 can pass user authentication off to an NT or LAN Manager server.
However, the point of a workgroup is that security is distributed, not centralized.
A domain is a collection of computers where security is handled centrally. Each domain has one or more domain controllers. There is usually a primary domain controller and several backup domain controllers. The domain controllers maintain account style information related to users (clients), like account names, encrypted passwords, authorized hours of use, groups the user belongs to, etc.
Samba is a freely available SMB server for UNIX, OpenVMS (recently ported and maybe not very stable) developed by Andrew Tridgell and maintained by a loosely knit group of people all over the world. Samba runs on a great many UNIX variants (Linux, Solaris, SunOS, HP-UX, ULTRIX, DEC OSF/1, Digital UNIX, Dynix (Sequent), IRIX (SGI), SCO Open Server, DG-UX, UNIXWARE, AIX, BSDI, NetBSD, NEXTSTEP, A/UX, etc).
Samba implements the NT LM 0.12 protocol dialect. Samba can now participate in a domain (both as a PDC and a Member of a domain), and it can participate in browsing and can be a browse master. Samba can also process logon requests for Windows 95 systems
Samba implements user level security, but shares can be public where access is mapped to the owner etc of the share.
Microsoft Windows Servers
Microsoft has a number of SMB server implementations for the Windows range of operating systems. These are not separate products, rather, they are integral to the appropriate version of the Windows operating system. However, they can be switched off either though the Control Panel or at the command line (net stop server at DOS prompt).
It is clear from the fact that the Windows 95 and Windows NT SMB servers react differently to certain sequences of SMBs, that Microsoft do not use the same code for each of these servers (although the Windows for Workgroups and Windows 95 implementations may be derived from the same code).
Windows for Workgroups 3.11 implements the Windows for Workgroups 3.0a protocol variant, and implements share level security.
Windows 95 implements the NT LM 0.12 protocol level and implements both share and user level security.
Windows NT implements the NT LM 0.12 protocol level and implements both share and user level security.
LAN Manager and LAN Manager for UNIX (LM/X)
Microsoft and AT&T GIS ported various LAN Manager versions to the UNIX operating system. This code formed the basis of many SMB servers available for UNIX operating systems from many vendors.
Some examples are: LM/X for SCO, LM Server for HP-UX (Advanced Server/9000), etc.
The most recent version of this software seems to be LAN Manager for UNIX Version 2.2, which implements the LANMAN2.1 protocol variant.
VisionFS is a written-from-scratch SMB server from SCO. It is available for Solaris 2.x, HP-UX and SCO (both SCO OpenServer and UNIXware).
TotalNET Advanced Server
This product is from Syntax. It is a completely independently written SMB server, that was perhaps the first SMB server for UNIX. These days, it comes with additional modules providing AppleShare and NetWare serving all in the one product.
Advanced Server for UNIX
After LM/X, NCR (which used to be ATT GIS) (perhaps with help from Microsoft) ported the Windows NT SMB server code to UNIX to provide the same level of functionality as Windows NT.
PATHWORKS is the name of a product family from Digital equipment corporation. It included both servers and clients, with the servers running on:
The clients ran on DOS, Windows, Windows for Workgroups, Windows NT and Windows 95 and are explained below.
Digital's clients and server implement SMB over DECnet as well as TCP/IP and more recently, NetBEUI. The SMB over DECnet specification has never been released.
Digital's original PATHWORKS servers were for VAX/VMS and implemented the CorePlus protocol (MICROSOFT NETWORKS 1.03 dialect). This product went through several versions and culminated in version 4.2. After a time, a version was done for ULTRIX and called PATHWORKS for ULTRIX V1, the highest version of which was 1.3. Both of these product streams were internally developed.
Subsequently, Digital used the AT&T and Microsoft LAN Manager for UNIX (LM/X) code. This was released as PATHWORKS V5.0 for OpenVMS (LAN Manager) and PATHWORKS V5.0 for Digital UNIX (LAN Manager). This product implements LAN Manager for UNIX V2.2 and the highest SMB dialect that it recognizes is LANMAN2.1 (and DOS LANMAN2.1). The reason for the LAN Manager in brackets at the end of each product name is that the products also support NetWare functionality.
PATHWORKS V5 is able to participate in a Windows NT based domain, albeit only as a Backup Domain Controller or a member server.
Recently, Digital has announced PATHWORKS V6.0 for UNIX (Advanced Server), which is based on AT&T's ASU (Advanced Server for UNIX) product.
LAN Server for OS/2
This is an IBM product that seems to be derived in some way from Microsoft's LAN Manager code.
My view on these matters is that this document was written to be read.
However, I would ask that you send me email stating your intended use and requesting my permission.
Visit me at RichardSharpe.com for more info on what I am currently doing.