14.3 The SESSION SETUP ANDX RESPONSE SMB

The SESSION SETUP ANDX RESPONSE SMB structure is described in Section 4.1.2 of the SNIA doc.

In the NT LM 0.12 dialect, there are two versions of the SESSION SETUP ANDX RESPONSE message. They differ, of course, based on whether or not Extended Security is in use. In the Extended Security version the Parameter block has a SecurityBlobLength field, and there is an associated SecurityBlob within the Data block. These two fields are missing from the non-Extended Security version. Other than that, the two are the same.

The SESSION SETUP ANDX RESPONSE message also has an interesting little bitfield called SMB_PARAMETERS.Action. Only the low-order bit (bit 0) of this field is defined. If set, it indicates that the username was not recognized by the server (that is, authentication failed: no such user) but the logon is being allowed to succeed anyway.

That's rather odd, eh?

What it means is this: If the username (in the AccountName field) is not recognized, the server may choose to grant anonymous or guest authorization instead. Anonymous access typically provides only very limited access to the server. For example, it may allow the use of a limited set of RAP function calls such as those used for querying the Browse Service.

So, the Action bit is used to indicate that the logon attempt failed, but anonymous access was granted instead. No error code will be returned in this case, so the Action bit is the only indication to the client that the rules have changed. Server-side support for this behavior is optional.
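Because no error code accompanies the fallback, a client or a monitoring tool has to inspect the Action field itself. The following is an added example, not code from the book: it parses both versions of the response and reports whether the logon was downgraded. The function names, the constant name, the sample bytes, and the field offsets and WordCount values (3 without Extended Security, 4 with it, taken from the published SMB layout rather than from this page) are assumptions of the example.

```python
import struct

ACTION_GUEST_BIT = 0x0001  # bit 0 of Action, the only defined bit (name is hypothetical)

def parse_session_setup_response(block: bytes) -> dict:
    """Parse the Parameter and Data blocks of a SESSION SETUP ANDX RESPONSE.

    `block` starts at the WordCount byte, just past the SMB header.
    """
    if not block:
        raise ValueError("missing WordCount")
    word_count = block[0]
    if word_count not in (3, 4):  # assumed: 3 = plain, 4 = Extended Security
        raise ValueError(f"unexpected WordCount {word_count}")
    params_end = 1 + 2 * word_count
    if len(block) < params_end + 2:
        raise ValueError("truncated Parameter block")
    # AndXCommand, AndXReserved, AndXOffset, Action (little-endian)
    _cmd, _rsvd, _off, action = struct.unpack_from("<BBHH", block, 1)
    blob_len = 0
    if word_count == 4:
        (blob_len,) = struct.unpack_from("<H", block, 7)  # SecurityBlobLength
    (byte_count,) = struct.unpack_from("<H", block, params_end)
    data = block[params_end + 2 : params_end + 2 + byte_count]
    if len(data) < byte_count or blob_len > byte_count:
        raise ValueError("Data block shorter than declared")
    return {
        "extended_security": word_count == 4,
        "action": action,
        "guest_fallback": bool(action & ACTION_GUEST_BIT),
        "security_blob": data[:blob_len],  # the blob leads the Data block
    }

def logon_is_authenticated(block: bytes) -> bool:
    """True only if the server recognized the user (no silent fallback)."""
    return not parse_session_setup_response(block)["guest_fallback"]

# Constructed sample blocks (not captured traffic).
PLAIN_OK = bytes([3, 0xFF, 0, 0, 0, 0x00, 0x00]) + struct.pack("<H", 0)
PLAIN_GUEST = bytes([3, 0xFF, 0, 0, 0, 0x01, 0x00]) + struct.pack("<H", 0)
EXT_GUEST = (bytes([4, 0xFF, 0, 0, 0, 0x01, 0x00, 0x02, 0x00])
             + struct.pack("<H", 2) + b"\xa1\x00")

if __name__ == "__main__":
    for name, blk in [("plain ok", PLAIN_OK), ("plain guest", PLAIN_GUEST),
                      ("extended guest", EXT_GUEST)]:
        print(name, "->", "authenticated" if logon_is_authenticated(blk)
              else "fallback access only")
```

A client that must not proceed with reduced privileges can treat a `False` result as a failed logon, even though the SMB status is success.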



Implementing CIFS: The Common Internet File System
ISBN: 013047116X
EAN: 2147483647
Year: 2002
Pages: 210
