File and Printer Sharing

Overview

One of the key functions provided in the Microsoft Windows Server 2003 family is the ability to share files and printers. The Windows Server 2003 family provides both the Common Internet File System (CIFS), based on the Server Message Block (SMB) file and printer sharing protocol, and the Internet Printing Protocol (IPP), which allows clients to install printer drivers over their intranet or the Internet, as well as to send print jobs using IPP encapsulated in Hypertext Transfer Protocol version 1.1 (HTTP/1.1).

CIFS is an operating-system-independent protocol that evolved from the SMB and NetBIOS file- and printer-sharing mechanisms of earlier versions of Windows. The SMB protocol was created in the 1980s by IBM and later enhanced and extended by IBM, 3Com, Intel, and Microsoft. SMB is now also known by the name CIFS.

CIFS allows clients to access files and printers over their corporate LAN as well as over the Internet. Microsoft and several other vendors are jointly developing CIFS specifications, and a specification draft was submitted to the Internet Engineering Task Force (IETF) in expectation that it might be adopted as an informational RFC (this Internet draft has now expired). Copies of the early drafts of this material are contained in the Cifs folder on the companion CD-ROM.

One problem with CIFS is that there is no up-to-date formally published specification. The draft RFC documents contained in the folder were written in 1997 and have not been significantly updated since. They are largely accurate, although they are not completeand appear inaccurate in some areas. There is an active CIFS mailing list; see http://discuss.microsoft.com/archives/cifs.html for the list's archive and for instructions on how to join the list.

IPP is a method of performing printing operations across a network based on usingHTTP/1.1. With Windows Server 2003, IPP also requires the IPP server to be running Microsoft Internet Information Services (IIS) 6, which is not installed by default.

Introduction to CIFS

CIFS is a cross-platform mechanism allowing clients to request file and print services from a network server based on the widely used SMB protocol.

The SMB protocol was invented by Dr. Barry Feigenbaum of IBM's Boca Raton lab during the early Microsoft Disk Operating System (MS-DOS) days. It was extended by 3Com, IBM, Intel, and Microsoft during the mid- to late 1980s. During late 1996, Microsoftrelaunched the Microsoft Windows NT 4.0 extensions of the SMB protocol as CIFS andreleased a draft RFC. Some of the enhancements that were most visible were the addition of Andrew File System/Distributed File System (AFS/DFS), or Transarc, style referrals and the use of port 445 (to avoid reliance on the RFC 1001 NetBIOS service). To ensure compatibility between older and newer systems, the client and server negotiate which variant of the SMB protocol to use, the highest version that both client and server support.

The version of CIFS included with Windows Server 2003 remains backward-compatible with previous versions of Windows. CIFS is an open protocol, which means that all aspects of communication are publicly documented, although the documentation that is publicly available is incorrect and lacking in places.

The chief advantage that CIFS provides over file access protocols such as HTTP and File Transfer Protocol (FTP) is that it allows simultaneous read and write access to a file, as opposed to the simple file transfer capabilities provided by HTTP and FTP. CIFS supports distributed, replicated virtual volumes such as Distributed File System (Dfs), file and record locking, file change notification, read-ahead and write-behind operations, and most of the functionality typically associated only with direct connections to a corporate network. CIFS functions over any IP-based network, including the Internet.

The SMB protocol was originally based on NetBIOS as a transport protocol, running on top of TCP/IP, IPX/SPX, or NetBEUI. Using TCP/IP, a CIFS client wanting access to a file or print server would first create a TCP connection to the server (assuming that both client and server shared a compatible transport connection). Next, the client would establish a NetBIOS session over the previous transport session. The client would finally use the NetBIOS session to create and then utilize a file and print sharing session with the server. When TCP/IP is used as the transport protocol for the NetBIOS session, the client initiates the NetBIOS session over TCP, using server port 139.

With Windows Server, the file server can directly host the file and print sharing and does not require NetBIOS. A client opening a direct host connection sets up a TCP session using TCP port 445.

File and print sharing sessions can also be established and used with NetBIOS running over IPX/SPX and NetBEUI. However, details of such sessions are outside the scope of this book, which concentrates only on the use of TCP/IP.

CIFS Operation

The steps involved in CIFS file sharing can be summarized as follows:

  1. The client determines the IP address of the server and makes a connection to either TCP port 445 or TCP port 139 (if NetBIOS is being used) on the server.
  2. If the client is using NetBIOS, then a NetBIOS session is set up over the existing TCP connection.
  3. The client then negotiates the SMB dialect to use. The server chooses the most functional dialect that both client and server understand and returns a list of capabilities to the client.
  4. The client then requests a session with the server, providing some securityinformation. The exchanges relating to security will be dependent on thespecific security mechanisms in use. If the session can be created, the server responds with the User ID (UID).
  5. The client attaches to a share using the UID. The server responds with the Tree ID (TID) relating to that share.
  6. The client opens a file using the TID and UID. The server responds with a File ID (FID) to identify the open file.
  7. The client then uses the UID, TID, and FID to perform file operations onthe file.
  8. When complete, the client closes the file, closes the session, and finally closes the TCP connection, which terminates the file sharing session. If the connection has been made using NetBIOS, closing the underlying TCP connection also closes the NetBIOS session.

These steps are shown in Figure 19-1 and discussed in more detail in the following pages.

Figure 19-1: CIFS file sharing.

Name Resolution and Connection Establishment

The CIFS server registers its name with a name resolution service, using either a fully qualified domain name and the Domain Name System (DNS) or a NetBIOS name and Windows Internet Naming Service (WINS). A client wishing to connect to the CIFS server can query a DNS or WINS server to obtain the IP address of the CIFS server. Capture 19-01, included in the Captures folder on the companion CD-ROM, demonstrates the CIFS protocol. This is a trace of a client, Kapoho11, accessing a file on a share contained on the server Kapoho10.

The first step made by the client is to resolve the name to the IP address of the CIFS server. The client establishes a connection to the CIFS server using TCP port 445 (assuming direct hosting is used). If a NetBIOS-based connection is being used, the client next sets up a NetBIOS session. In the trace, NetBIOS hosting is used.

Once the basic connection is established, the CIFS client negotiates which variant of the SMB protocol is to be used. Clients and servers can understand multiple variants of the SMB protocol and need to negotiate which specific variant to use for this connection.The client performs this by issuing an SMB SESSION REQUEST message over TCP port 139 (the NetBIOS session service) or over TCP port 445 (direct hosting).

The client begins the session negotiation by sending a NEGOTIATE packet to the server. This packet contains a list of the dialects the client is able to use. Table 19-1 lists the full set of SMB dialects, with those understood by Windows Server 2003 noted.

Table 19-1: SMB Dialects

Dialect Name

Comment

PC NETWORK PROGRAM 1.0

The original MSNET SMB protocol (sometimes referred to as a"core protocol").

PCLAN1.0

Some versions of the original MSNET defined this as analternate to the core protocol name (not supported byWindows Server 2003).

MICROSOFT NETWORKS 1.03

This is used for the MS-NET 1.03 product. It defines Lock & Read, Write & Unlock, and a special version of raw read and raw write (not supported by Windows Server 2003).

MICROSOFT NETWORKS 3.0

This is the DOS LANMAN 1.0 specific protocol. It is equivalent to the LANMAN 1.0 protocol, except the server is required to map errors from the OS/2 error to an appropriate DOS error (this dialect is not supported by Windows Server 2003).

LANMAN1.0

This is the first version of the full LANMAN 1.0 protocol.

LM1.2X002

This is the first version of the full LANMAN 2.0 protocol (this dialect is not supported by Windows Server 2003).

DOS LM1.2X002

This is the DOS equivalent of the LM1.2X002 protocol. It is identical to the LM1.2X002 protocol, but the server will perform error mapping to appropriate DOS errors (this dialect is not supported by Windows Server 2003).

DOS LANMAN2.1

DOS LANMAN2.1 (this dialect is not supported byWindows Server 2003).

LANMAN2.1

OS/2 LANMAN2.1 (this dialect is not supported byWindows Server 2003).

Windows for Workgroups 3.1a

Windows for Workgroups Version 1.

NT LM 0.12

This is the latest version of the SMB protocol designed for Windows NT networking. This has special SMBs that duplicate Windows NT, Windows 2000, and Windows Server 2003 file handling semantics.

Windows Server 2003 clients and servers attempt to negotiate NT LM 0.12, which allows the server to issue parameters that specify things such as encryption key lengths, maximum message sizes, and whether the server is Dfs aware.

The server responds to the client with a NEGOTIATE packet identifying the highest dialect that both machines understand, as well as parameters specific to that dialect. Table 19-2 describes the components of a CIFS server NEGOTIATE response.

Table 19-2: Components of a CIFS Server NEGOTIATE Response

Server Response

Description

WordCount

A count of the parameter words in the packet (17 in the case of NT LM 0.12 dialect).

DialectIndex

The index of the selected dialect. For example, if the client offered six dialects, numbered 0–5, with 5 representing NT LM 0.12, the index would be 5.

SecurityMode

Security Mode of the selected dialect consists of 4 bits, as follows:

Bit 0 Set to 0 to indicate share-level security or set to 1 to indicate user-level security.

Bit 1 If set to 1 this indicates that passwords must be encrypted.

Bit 2 Set to 1 to indicate that SMB signatures are enabled.

Bit 3 Set to 1 to indicate that SMB signatures are required.

MaxMpxCount

Maximum number of pending multiplexed requests (default is 50).

MaxNumberVcs

Maximum number of virtual circuits between client and server (the default is 1).

MaxBufferSize

This is the size of the largest message that the client can transmit to the server. The default value is 4356 bytes.

MaxRawSize

Maximum raw-buffer size. This is the maximum message size that the server can send or receive for SMB_COM_WRITE_RAW or SMB_COM_READ_RAW operations. The default is 65,536 bytes.

SessionKey

The unique key identifying this session.

Capabilities

Server capabilities. These parameters are listed in Table 19-3.

SystemTimeLow

System (Universal Time Coordinate [UTC]) time of the server (low).

SystemTimeHigh

System (UTC) time of the server (high).

ServerTimeZone

Time zone of the server (minutes from UTC).

EncryptionKeyLength

Length of the encryption key.

ByteCount

Count of data bytes.

Server Guid

A globally unique identifier (GUID) uniquely identifying the server.

Security BLOB

An opaque security object.

By returning a list of its capabilities, the server informs the client which operations might or might not be performed at the client's request. Table 19-3 lists the bit definitions of the server's capabilities.

Table 19-3: Bit Definitions of Server Capabilities

Capability

Encoding

Description

CAP_RAW_MODE

0x0001

The server supports SMB_COM_READ_RAW and SMB_COM_WRITE_RAW.

CAP_MPX_MODE

0x0002

The server supports SMB_COM_READ_MPX and SMB_COM_WRITE_MPX.

CAP_UNICODE

0x0004

The server supports Unicode strings.

CAP_LARGE_FILES

0x0008

The server supports large files with 64-bit offsets.

CAP_NT_SMBS

0x0010

The server supports the SMBs particular to the NT LM 0.12 dialect.

CAP_RPC_REMOTE_APIS

0x0020

The server supports remote application program- ming interface (API) requests using remote procedure calls (RPCs).

CAP_STATUS32

0x0040

The server can respond with 32-bit status codes.

CAP_LEVEL_II_OPLOCKS

0x0080

The server supports level 2 oplocks.

CAP_LOCK_AND_READ

0x0100

The server supports the SMB_COM_LOCK_AND_READ SMB.

CAP_NT_FIND

0x0200

The server supports NT Find.

CAP_DFS

0x1000

The server is Dfs-aware.

CAP_LARGE_READX

0x4000

The server supports SMB_COM_READ_ANDX requests that exceed the negotiated buffer size.

Once the CIFS client receives a NEGOTIATE PROTOCOL response, it completes the session negotiation by issuing a SESSION SETUP ANDX SMB to the server. Table 19-4 describes the components of a SESSION SETUP ANDX SMB.

Table 19-4: Components of a SESSION SETUP ANDX SMB

Client Request

Description

Word Count

A count of the parameter words in the packet (17 in the case of NT LM 0.12 dialect)

AndXCommand

Secondary (X) command; set to 0xFF = none

Reserved

Two octets, set to 0x0000

AndXOffset

Offset to next command WordCount

Max Buffer

Maximum buffer at the client

Max MPX Count

Actual maximum multiplexed pending requests

VC Number

0 = first (only), nonzero = additional VC number

Session Key

Session key

Security Blob Length

Length of opaque security blob

Reserved

Four octets set to 0x000000

Capabilities

Client capabilities

ByteCount

Count of data bytes; minimum = 0

SecurityBlob

The opaque security blob

NativeOS

Client's native operating system in Unicode

NativeLanMan

Client's native LAN Manager type in Unicode

The CIFS server then responds with a SESSION SETUP ANDX response message. This message contains a UID to the client session. Additional sessions can be set up over the same connection without prompting the user for a password. CIFS can use any authentication supported by client and server, including Windows 2000 or Windows Server 2003 Kerberos authentication mechanisms.

The connection between client and server in an SMB session is called a virtual circuit (VC), which is formed over the transport service, typically TCP. Within a VC, the server assigns a TID that provides a unique identifier for each file sharing session and defines the types of access allowed over that connection. A process ID (PID) identifies the process environment for that session, and an FID is assigned to each file opened during the session. If a VC is closed, all environments within the VC (TID, PID, FID) are also closed. However, the closing of a single FID might not result in the closing of the VC, as multiple operations can be requested over a single VC.

Session Operations

Once a session has been established, a client can request four basic sets of operations against the file server:

Session Disconnection

When a client wishes to disconnect its session to a CIFS server, it follows a teardown process that is essentially the reverse of the session-establishment process. Any open files are closed and their associated FIDs and PIDs then can be disconnected. The TID is disconnected and the user logs off, which results in the server discarding that client's UID. If the client should reconnect, the user is again prompted for credentials because the UID assigned during the last session no longer exists.

Connection Management

CIFS provides mechanisms that allow for efficient disconnections when a client and server have completed all session traffic or when a connection is lost or malfunctioning. A client can issue a connection request only once to a CIFS server in any given session. If the CIFS server receives another connection request from a client with whom it already has an established session, the server disconnects the original session with the client to help ensure that a client that was unexpectedly disconnected from its session can effectively establish another session with the server. If a client is generating malformed or illegal requests to the CIFS server, the server can issue an error to the client and then disconnect the session, again potentially allowing the client to correct the problem and reconnect. A server can also disconnect a session with a client in the case of hard transport errors or if the client has been inactive for a long period of time and the server needs the connection.

File and Printer Access

After a client has established an SMB session with a CIFS server, the client can begin requesting files by issuing open SMBs to the server for the files it wishes to access. A file can be opened for read access, write access, or both. Accessing a printer is accomplished using a read request to the printer. Printing is accomplished using a write request to the printer.

Distributed File System Operations

Any client and CIFS server that supports dialects NT LM 0.12 and later supports Dfs operations. Using Dfs, the CIFS server can represent multiple shares on multiple servers in a single namespace that appears to the client to be located on a single server. The CIFS server can redirect the client software to another location on the network to access a resource, but the client will believe the resource is local to the server with which it originally negotiated a connection.

When a client wants to access a file that is contained in a Dfs share, it will issue a normal set of SMBs, because the client is not initially aware that part of a file path represents a Dfs share. The client sets a flag in the request SMB header indicating that the client wants the server to resolve this SMB's paths within the Dfs known to the server. The server then attempts to resolve the requested name to a file contained within the local directory tree indicated by the TID of the request. If this succeeds, then processing proceeds normally. If, however, the request path name resolves to a file on a different system, the server returns the error STATUS_DFS_PATH_NOT_COVERED. This indicates that the server does not support the part of the Dfs namespace needed to resolve the path name in the request. The client should request a referral from this server for further information.

The client can then ask for a referral using the TRANS2_DFS_GET_REFERRAL request containing the Dfs path name of interest. The response from the server indicates the server and share that the Dfs client should now attempt to access.

Read-Ahead and Write-Behind

To improve performance, CIFS supports read-ahead and write-behind operations. Read-ahead allows a client to cache read data locally so that it does not have to incur traffic over its connection to the server to obtain the next block of data it wants to read. Write-behind allows a client to perform and cache write operations on a file that then can be uploaded to the server, rather than having to submit each read/write operation separately.

Files on the server can also be called locked or unlocked. An unlocked file is a file to which no client has been granted exclusive access for either read or write purposes. CIFS supports caching, read-ahead, and write-behind, even for unlocked files, because the files are said to be "safe" as long as no client is actively writing to the file. If a client wants to write to a file, it must either submit the write data to the server for the server to write, or it can request a lock from the server.

Opportunistic Locks

When a client is actively writing to a file on the server, it can be more efficient for the client to locally buffer its data and submit it as a batched request. However, this increases the possibility that the same file might be opened by another client and data might also be written by that client. To help a client increase the efficiency of its data buffering, CIFS allows for opportunistic locks (referred to as oplocks), which allow the client to "lock" the file, or part of a file, so that it can't be written to simultaneously by another client. The following are three types of oplocks used in CIFS:

Introduction to Internet Printing

Internet printing in the Windows Server 2003 family allows you to install, use, and monitor a printer over an internet. This can, but probably will not include the Internet and might include using a corporate intranet. Using IPP, you can install a printer using a Web browser or the Add Printer Wizard, but you can specify a Uniform Resource Locator (URL) or IP address instead of a Universal Naming Convention (UNC) path to the printer. When submitting a print request, the user can then use the installed printer interface to print directly to the URL. The print server must, however, be running IIS to accept these print requests. Because the print server uses the HTTP functionality of IIS, it can return information regarding the print job in browser-ready format. The underlying protocol that allows Internet printing to function is the IPP, which is sent encapsulated in an HTTP/1.1 request to the print server. The implementation of IPP in the Windows Server 2003 family is unchanged, functionally, from IPP in Windows 2000.

IPP Operation

IPP is defined in the following RFCs:

IPP presents a very simplified model of printing that can be implemented on top of a variety of architectures. IPP defines two principal objects as the basis for Internet printing: a printer and a job. The printer object is the server-side component of the IPP protocol. In the Windows Server 2003 family, the IPP printer can be any printer that is installed on a computer running IIS. IPP also requires an underlying directory that can be used to store and retrieve definitions of IPP printers. However, the printer object shouldn't be confused with the output device. The output device is the physical device, which can be a simple printer, fax printer, or software, such as desktop publishing programs, document archive software, or a CD writer. The physical output device does not need to be IPP-aware or IPP-compliant as long as the printer object (the IPP server) handles the IPP.

With the Windows Server 2003 family, a user can query the Active Directory service to locate a printer object based on a printer's attributes, such as its location or capabilities. When a user sends a document for printing using IPP, the client computer submits the document as a print job, which contains a listing of the document's print attributes. The print submission is sent to the printer object, which validates the submission's attributes and creates a new job object. The newly created job object can then be queried. This facilitates reporting on print status and errors.

An IPP client is a computer running an HTTP/1.1-compatible browser, such as Microsoft Internet Explorer, and an installed printer software interface representing the print object. The user at the client computer installs the printer by entering its URL or IP address in either a Web browser or the Add Printer Wizard. After the printer has been added on the client computer, the user can submit print jobs from any application as if the printer were a network printer. When you try to print from a Windows Server 2003 client, theclient attempts to use normal SMB print sharing before using IPP.

When you are printing, the client IPP software processes the print job in the appropriate format for the printer object. The IPP client then submits the job as an encapsulated HTTP/1.1 request to the printer object, which might be a print server or the actual output device. RFC 2566 specifies three different scenarios for setup of the printer objects and output devices. Figures 19-2, 19-3, and 19-4 diagram each of these scenarios.

Hosted Printing

In hosted printing, the IPP client sends a print job to the printer object, which is represented in Active Directory. The client locates the printer object by querying Active Directory for printers that are capable of specific functionality. However, queries for dynamic information, such as job status and queue length, are submitted to the printer object itself. The printer object in this scenario, as shown in Figure 19-2, is a print server running the IPP service (IIS, for example). The output device is a physical print device or software application that can be installed directly on the print server network. The output device does not need to support any IPP functionality, because the printer object, in this case the IIS server, performs all processing related to IPP and sends the job to the output device as it would any locally submitted print job. The printer object is also responsible for providing status monitoring and notification functionality to the requesting client using HTTP/1.1, which is why the server must be running IIS to serve as an IPP printer object.

Figure 19-2: IPP hosted printing.

Fan Out Printing

Fan out printing is very similar to hosted printing, except that the print object can transparently direct the print job to any of a number of physical output devices (as shown in Figure 19-3). These devices can be physical print devices, fax printers, or software on the local computer or another computer on the network. As with hosted printing, the output device does not need to use IPP, because the IPP server or printer object handles that functionality. Client queries relating to job status are submitted to the printer object, not to the output devices.

Figure 19-3: IPP fan out printing.

Embedded Printing

In embedded printing, the printer object and the output device are the same entity, and might or might not be represented in Active Directory. Unlike hosted and fan out printing, there is no intermediary server acting as the print object and print server for the output device (as shown in Figure 19-4). Embedded printing requires that the output device be capable of receiving and processing IPP client requests, as well as returning information to the client over HTTP. Therefore, this implementation requires additional functionality on the part of the output device, which is already provided by some printer vendors.

Figure 19-4: IPP embedded printing.

IPP Specifications

IPP structure and semantics are defined in a series of RFCs, as noted earlier in this chapter. The IPP specifications define two layers to the protocol: transport and operation. The transport layer of the protocol consists of HTTP/1.1 requests and responses, defined in Chapter 21, "Internet Information Services (IIS) and the Internet Protocols." The operation layer is a message body embedded in the HTTP/1.1 requests and responses. Each request or response message contains a sequence of attributes that describe the capabilities and characteristics of the objects involved in the printing operation. These object attributes are as follows:

IPP Request Response Mechanisms

IPP operations are passed between client and server as a series of HTTP/1.1 request and response messages. When a client submits a print request to a print object (IPP server), the client sends a request message to the printer object URI. This message contains operation attributes, object attributes, and the document to be printed. Each request message is followed by a response message from the IPP server. The response message contains a code indicating the success or failure of the requested operation, as well as operation attributes, object attributes, and status messages that the server generated.

After the server has accepted the print request and created a job object with its own URI, the client can request the addition of further documents to the same job object. Although a printer is not required to support job objects that contain more than one document, allowing the submission of multiple documents to a single job object increases printing efficiency and allows print requests to be "batched." Because each job object can be queried, the client can use a single job URI to obtain status reports on multiple documents if the server supports this mechanism.

Each operation request issued by the IPP client must contain a Version-Number, an Operation-ID, a Request-ID, and any attributes required by the specific request type. Each server response message must contain a Version-Number, a Status-Code, the Request-ID that the client issued, and any attributes that are specific to that request type. Figure 19-5 illustrates the format for these requests and responses.

Figure 19-5: Request/Response format.

As Figure 19-5 demonstrates, the Version-Number is the version identifier for the request/response sequence. The Operation-ID is used in a request message to specify what operation the client wants to request of the print object, and the Status-ID is sent in the server's response message to indicate whether that operation was successfully received and processed. The Request-ID is used to assign a number to the request for tracking purposes. The 1-byte Attributes field identifies the type of attributes being sent in this request or response message (printer, job, operation, or unsupported), and the variable-length Attributes sequence lists the attributes particular to that type. The end of theAttributes sequence is indicated by a 1-byte End-Of-Attributes tag, and the remaining bytes might or might not consist of the actual print data being sent.

Operations

An IPP client requests submission of a print job by sending an HTTP Request message containing an operation request and attributes to the printer's URI. The printer uses the information provided by the client to construct a new job object, the URI of which is then passed back to the client so that the client can use it for purposes of querying or adding to the job. IPP version 1 defines certain operations, listed in Table 19-5, which can be requested of a printer or a job.

Table 19-5: IPP Operations

Operation

Type (Printer or Job)

Description

Print-Job

Printer

Required. Allows a client to submit a print job and supply the document data, which is not considered a separate rate object and therefore has no attributes of its own. Includes the operation attributes, character set and natural language attributes, and printer URI.

Print-URI

Printer

Identical to a Print-Job operation except that the client supplies a job URI reference to the print data as opposed to submitting the data itself. The printer then validates the job URI before responding to the client.

Validate-Job

Printer

Required. Similar to a Print-Job operation except that no data is supplied in the request/response process. The client uses it to verify that a print job submitted to this printer would be accepted and processed.

Create-Job

Printer

Similar to Print-Job, except that the client sends no document data in the operation, but issues attributes for multiple print requests to submit them to a single job object.

Get-Printer-Attributes

Printer

Required. Allows the client to request printer attributes to determine the capabilities of the printer.

Get-Jobs

Printer

Required. Allows the client to request a list of job objects owned by the printer object.

Send-Document

Job

Allows the client to send a multidocument job object request, so that multiple requests can be submitted under a single job.

Send-URI

Job

Identical to the Send-Document operation, except that the client supplies a document URI operation attribute rather than the document data itself.

Cancel-Job

Job

Required. Allows a client to request cancellation of a print job.

Get-Job

Job

Required. Allows a client to request the attributes of the Attributes job object identified in the message.

Each of these operations can be sent as part of either a request or response message between IPP client and printer. Each operation includes attributes that identify the details of the request or response. Printer attributes can be sent as part of a printer operation message, and job object attributes can be sent as part of a job operation.

Attributes

Attributes are extensible characteristics or properties of any object in IPP, such as printer objects, job objects, and operations. Attribute specifications include the name of theattribute, followed by its syntax in parentheses. Tables 19-6, 19-7, 19-8, and 19-9 describe these attributes.

Table 19-6: IPP Operation Attributes

Attribute

Description

Attributes-charset

Required. Must be supplied as the first attribute in any request or response to define the character set that the client or the IPP server uses.

Attributes-natural-language

Required. Must be supplied as the second attribute in any request or response message to define the natural language that the client or IPP server uses.

Table 19-7: IPP Job Template Attributes

Attribute

Description

Job-priority (integer (1:100))

Priority for job scheduling; 1 is the lowest priority and100 is the highest.

Job-hold-until (type3 keyword | name (MAX))

Named time frame during which the job must become eligible for printing; values include the following: no-hold(immediately); day-time (during the day); evening(evening); night (night); weekend (weekend); second- shift (after close of business); third-shift (after midnight); and indefinite.

Job-sheets (type3 keyword | name (MAX))

Job start/end sheets that must be printed with the job (if any). Keyword values: none (no job sheet printed); standard (site-specific standard sheets are printed, administrator-defined values).

Multiple-document handling (type2 keyword)

If a job consists of more than one document, this controls the placement of pages onto media sheets (such as large sheets of paper used in commercial printing). Keywords: single-document (multiple documents must be treated as a single media sheet); separate-documents-uncollated- copies (each document is treated as a single, noncollated media sheet); separate-documents-collated-copies (each document is treated as a single media sheet and the media sheets are collated); single-document-new-sheet(each document instance in the job must be forced onto a new sheet).

Copies (integer (1:MAX))

Number of copies to be printed, ranging from 1 through the maximum number supported by the output device(such as number of collation trays for collated copies, or the maximum number of noncollated copies allowed by the output device).

Finishings (1setOf type2 enum)

Identifies the finishing operations used for each copy of each document in the job. Enum values: 3 = no finishing; 4 = staple; 5 = punch; 6 = cover (used to specify a cover sheet); 7 = bind (specifies site-defined binding operations).

Page-ranges (1setOf

Range of pages to be printed for a document. A page rangerangeOfInteger (1:MAX)) of 1:5, 24:24 would specify pages 1–5 and page 24 should be printed.

Page-ranges-supported (Boolean)

Indicates whether the printer supports printing of ranges(0 = No, 1 = Yes).

Sides (type2 keyword)

Specifies whether printing is one-sided or two-sided. Keyword values: one-sided; two-sided-long-edge; duplex or head-to-head; two-sided-short-edge.

Number-up (integer (1:MAX))

Number of pages to place on a single side of the selected medium.

Orientation-requested

Page orientation, such as portrait, landscape, reverse (type2 enum) landscape, or reverse portrait (used in commercial printing).

Media (type3

Media type used by the printer, such as paper type,keyword | name (MAX)) paper size, paper tray, or electronic form.

Printer-resolution (resolution)

The resolution used by the printer for the job.

Print-quality (type2 enum)

Print quality used by the printer for the job. Enum values: 3 = draft; 4 = normal; 5 = high.

Table 19-8: IPP Job Description Attributes

Attribute

Description

Job-uri (URI)

Required. The URI for this print job.

Job-id (integer (1:MAX))

Required. Job ID generated by the print object on receipt of a new job and returned to the requesting client for identification purposes.

Job-printer-uri (URI)

Required. Identifies the printer object that created the job object.

Job-more-info (URI)

Contains the URI referencing a resource that has more infor mation about the job object (such as a Hypertext Markup - Language [HTML] page listing job status information).

Job-name (name (MAX))

Required. User-friendly name assigned to the print job. Generated by the print object and returned to the client.

Job-originating-user-name

Required. Name of the user who submitted the print job. (name (MAX)) Can be used for authentication purposes in access-controlled print environments.

Job-state (type1 enum)

Required. Identifies the current job state. Values: 3 = pending; 4 = pending-held; 5 = processing; 6 = processing-stopped; 7 = canceled; 8 = aborted; 9 = completed.

Job-state-reasons

Provides additional information about the job-state attribute,(1setOf type2 keyword) such as none, job-incoming, submission-interrupted, job-outgoing, and so forth.

Job-state-message (text (MAX))

Job-state and job-state-reasons information provided in friendly message format.

Number-of-documents

Indicates the number of documents in the job.(integer (0:MAX))

Output-device-assigned

Identifies the output device to which the printer object (name (127)) assigned the print job. If this is an embedded printer object, this attribute is unnecessary.

Time at creation.(integer (0:MAX))

Time at which the job object was created

Time at processing.(integer (0:MAX))

Time at which the job object began processing

Time at completed(integer (0:MAX))

Time at which the job object was completed, canceled or aborted.

Number-of-intervening jobs.(integer (0:MAX))

The number of jobs "ahead" of this job in the queue

Job message from operator(text (127))

Message sent to the client from an operator or administrator of the printer.

Job-k octets (integer (0:MAX))

Total size in k octets (units of 1024 octets, or kilobytes) of the document.

Job impressions(integer (0:MAX))

Total size of the document in number of impressions (pagesas chosen by the client, such as letter or legal).

Job media sheets.(integer (0:MAX))

Total number of media sheets to be produced for the job

Job k octets processed.(integer (0:MAX))

The total number of k octets processed so far

Job impressions completed(integer (0:MAX))

Number of impressions completed, which includes interpreting, marking, and stacking the output, and both sides of the impression.

Job media sheetscompleted(integer (0:MAX))

The media sheets completed for the job, whether both sidesof the sheet have been processed or not.

Attributes charset (charset)

Required. Identifies the character set used in the job.

Attributes natural language(English,(naturalLanguage)

Required. Identifies the natural language of the job French, and so forth).

Table 19-9: IPP Printer Description Attributes

Attribute

Description

Printer-uri-supported

Required. Contains one or more URIs used to submit print (1setOf uri) jobs to this print object. Multiple URIs allow the print object to be represented as multiple objects in a directory service, but represent a single IPP server.

Uri-security-supported(1setOf type2 keyword)

Required. Identifies the security mechanisms for each of the URIs that identify a printer object (such as none or SSL3).

Printer-name (name (127))

Required. Friendly name of the printer object.

Printer-location (text (127))

Friendly text identifying the location of the printer.

Printer-info (text (127))

Friendly description of the printer.

Printer-more-info (URI)

Specifies a URI where more information about the printer can be obtained, such as an HTML page listing the printer's capabilities.

Printer-driver-installer (URI)

URI used to locate the driver installer for the printer object.

Printer-make-and-model.(text (127))

The make and model of the printer object

Printer-more-info-manufacturer.(URI)

Manufacturer's information about this printer

Printer-state (type1 enum)

Required. Identifies whether the printer is idle, pending, processing, or stopped.

Printer-state-reasons

Provides more information about the reported state of the(1setOf type2 keyword) printer, such as paused or shutdown.

Printer-state-message.(text (MAX))

Friendly message that represents the printer state to the user

Operations-supported(1setOf type2 enum)

Required. Operations that are supported by the printer for itsjob objects.

Charset-configured (charset)

Required. The configured character set of the printer.

Charset-supported(1setOf charset)

Required. A list of character sets supported by the printer.

Natural-language-configured(naturalLanguage)

Required. The configured natural language of the printer.

Generated-natural-language- supported (1setOf printer.naturalLanguage108)

Required. A list of natural languages supported by the

Document-format-default(mimeMediaType)

Required. The default document format that the printer assumes if the client does not specify a particular format.

Document-format-supported(1setOf mimeMediaType)

Required. MIME media types supported by the printer.

Printer-is-accepting-jobs(Boolean)

Required. I ndicates whether the printer is currently accepting job requests.

Queued-job-count(integer (0:MAX))

Recommended. The number of jobs in the print queue for this printer object.

Printer-message-from-operator

Text sent from an administrator or operator to the client.(text (127))

Color-supported (Boolean)

Indicates whether the printer is capable of color printing.

Reference-uri-schemes- supported (1setOf uriScheme)

List of URI schemes that the printer can accept jobs from, such as FTP and HTTP.

Pdl-override-supported of (type2 keyword)

Required. Specifies whether the printer object is capable overriding document defaults as supplied by the application that requested the print job with IPP settings.

Printer up time(integer (1:MAX))

Required. Amount of time, in seconds, that the printer hasbeen up and running.

Printer current time (dateTime)

The current date and time where the printer is located.

Multiple operation time out (integer (1:MAX))

Maximum time, in seconds, that the printer waits for additional instructions on a multidocument job before taking recovery action.

Compression supported (1setOf type3 keyword)

Printer supported HTTP compression types, such as none, gzip, deflate, and compress.

Job k octets supported(rangeOfInteger (0:MAX))

Upper and lower boundaries of k octets that the printer can accept in a single job.

Job impressions supported(rangeOfInteger (0:MAX))

Upper and lower bounds for the number of impressions per job.

Job media sheets supported(rangeOfInteger (0:MAX))

Upper and lower bounds of the number of media sheets supported per job.

Internet Printing Security

Because a printer object can be represented by more than one URI, an administrator has very flexible control options. For example, a printer can be represented by one URI that accepts unsecured HTTP connections and another URI that only accepts Secure Sockets Layer (SSL) connections. The printer administrator can grant specific permissions to each of the URIs, thereby permitting some clients to print over an unsecured connection and forcing others to print only over a secured connection. Additionally, because the printer object can be published in Active Directory, all Windows 2000 security mechanisms can be applied to the printer. Although IPP provides mechanisms for printing using HTTP, it does not provide full file-sharing functionality; CIFS provides that functionality.

Summary

CIFS enables platform-independent file and printing sharing sessions to be established between a client and a server over the Internet or an intranet. CIFS clients use these connections to access file and print resources including Dfs. IPP can extend the functionality and ease of printing in the Windows Server 2003 family. Using IPP, installing and using a printer can be as simple as typing a URL into a Web browser. The IPP functions of IIS also allow you to query individual printers and to view and manage the printer queue using an Internet browser.

Категории