[MS-RDPESC].pdf - Smartcard cache support

  • Question

  • Hi

    RDS smartcard redirection has been supported for several years by Axel thin clients.
    Now we want to speed up the management (especially for smartcard logon) and we're investigating the ReadCache functions.
    But there is no information in [MS-RDPESC].pdf on how to announce the cache support.
    To go further we did a Netmon trace of a Win7 RDP client. And we can see the ReadCacheA/W commands sent by the server to the client.
    Why does the server 'decide' to issue (or not) ReadCacheA/W commands?
    We noticed the following differences between the Win7 network trace and our thin client trace:
    - 8-byte handles are returned by the Win7 EstablishContext command (it was a 4-byte handle before). Is it important?
    - At the very beginning a GetDeviceTypeID command (0x00090108) is sent to the Win7 client. Never seen that before. Is it connected with the 8-byte context handle?

    Note: These two Network traces (Win7 and Axel) are available if needed.

    So could you explain how to negotiate the smartcard cache support?

    Thank you

    Vincent

    Tuesday, August 9, 2016 3:53 PM

Answers

  • UPDATE PROVIDED.

    MS-RDPESC will be updated to show the supported protocol versions SCREDIR_VERSION_WINDOWS_8, SCREDIR_VERSION_LONGHORN and SCREDIR_VERSION_XP.

    In order to improve the performance of smart card management, support for protocol version SCREDIR_VERSION_LONGHORN is required. 

    SCREDIR_VERSION_WINDOWS_8 adds support for SCARD_IOCTL_GETREADERICON and SCARD_IOCTL_GETDEVICETYPEID. 

    SCREDIR_VERSION_LONGHORN adds support for SCARD_IOCTL_GETTRANSMITCOUNT, SCARD_IOCTL_READCACHEW, SCARD_IOCTL_READCACHEA, SCARD_IOCTL_WRITECACHEW, and SCARD_IOCTL_WRITECACHEA.

    SCREDIR_VERSION_XP is the minimum and supports all other RDPESC IOCTLs.

    Moving from SCREDIR_VERSION_XP to SCREDIR_VERSION_LONGHORN allows the server to make use of smart card cache and helps improve the performance significantly. When supporting SCREDIR_VERSION_WINDOWS_8, SCARD_IOCTL_GETREADERICON helps in retrieving icons which denote the difference between physical and virtual cards. So this is just for improving user experience. Similarly SCARD_IOCTL_GETDEVICETYPEID denotes the difference between physical cards, virtual cards, and Windows Hello.

    Various smart card related IOCTLs supported can be mapped to an SCard* API call, which can help determine its purpose and use. For example, SCARD_IOCTL_GETREADERICON corresponds to SCardGetReaderIcon(), which is documented at https://msdn.microsoft.com/en-us/library/windows/desktop/hh448501(v=vs.85).aspx. The PC/SC interface documented at http://www.pcscworkgroup.com/specifications/specdownload.php also provides some details.

    Regards,
    Sreekanth Nadendla
    Microsoft Windows Open Specifications

    Thursday, September 29, 2016 6:36 PM
    Moderator
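
The version gating described in the answer above, as an added example that is not part of the original thread or of MS-RDPESC: it maps each IOCTL the answer names to the lowest protocol version that includes it, then checks a decoded trace against a client's version. The enum ordinals are for comparison only (an assumption, not wire values), and the function names and sample trace are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Ordering of the three versions named in the answer. Ordinals are an
   assumption used only for comparison; they are not protocol wire values. */
typedef enum { VER_XP = 0, VER_LONGHORN = 1, VER_WINDOWS_8 = 2 } scredir_ver;

/* IOCTLs the answer lists as added above the SCREDIR_VERSION_XP baseline. */
static const struct { const char *name; scredir_ver min; } gated[] = {
    { "SCARD_IOCTL_GETTRANSMITCOUNT", VER_LONGHORN },
    { "SCARD_IOCTL_READCACHEA",       VER_LONGHORN },
    { "SCARD_IOCTL_READCACHEW",       VER_LONGHORN },
    { "SCARD_IOCTL_WRITECACHEA",      VER_LONGHORN },
    { "SCARD_IOCTL_WRITECACHEW",      VER_LONGHORN },
    { "SCARD_IOCTL_GETREADERICON",    VER_WINDOWS_8 },
    { "SCARD_IOCTL_GETDEVICETYPEID",  VER_WINDOWS_8 },
};

/* Lowest version that includes this IOCTL; unlisted IOCTLs are XP-level. */
scredir_ver min_version_for(const char *ioctl) {
    for (size_t i = 0; i < sizeof gated / sizeof gated[0]; i++)
        if (strcmp(ioctl, gated[i].name) == 0) return gated[i].min;
    return VER_XP;
}

/* Highest version implied by the IOCTLs observed in a trace. */
scredir_ver version_implied_by(const char *const *seen, size_t n) {
    scredir_ver v = VER_XP;
    for (size_t i = 0; i < n; i++)
        if (min_version_for(seen[i]) > v) v = min_version_for(seen[i]);
    return v;
}

/* Number of observed IOCTLs outside the set for the client's version. */
size_t count_unexpected(const char *const *seen, size_t n, scredir_ver client) {
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        if (min_version_for(seen[i]) > client) bad++;
    return bad;
}

/* Constructed sample: IOCTL names as decoded from a hypothetical trace. */
static const char *const sample_trace[] = {
    "SCARD_IOCTL_GETDEVICETYPEID", "SCARD_IOCTL_ESTABLISHCONTEXT",
    "SCARD_IOCTL_READCACHEW", "SCARD_IOCTL_TRANSMIT",
};

int main(void) {
    printf("implied version ordinal: %d\n", version_implied_by(sample_trace, 4));
    printf("outside XP set: %zu\n", count_unexpected(sample_trace, 4, VER_XP));
    return 0;
}
```

A client that counts a nonzero number of IOCTLs outside its own version's set is seeing requests it never implemented handlers for, which is worth logging and answering with an error rather than parsing.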

All replies

  • Hello Vincent
    Thank you for your inquiry about RDP protocols. We have created an incident for investigating this issue. One of the Open specifications team members will contact you shortly.

    Regards.


    Tarun Chopra | Escalation Engineer | Open Specifications Support Team

    Tuesday, August 9, 2016 5:22 PM
  • Hello Vincent, I will be assisting you on this issue. Would you be able to share the network traces by sending email to dochelp at microsoft dot com?

    Regards,
    Sreekanth Nadendla
    Microsoft Windows Open specifications

    Tuesday, August 9, 2016 9:29 PM
    Moderator
  • Hello

    Traces have been sent.

    Thank you for your help

    Vincent

    Wednesday, August 10, 2016 7:09 AM