Introduction - Microsoft



[MS-DSCPM]: Desired State Configuration Pull Model ProtocolIntellectual Property Rights Notice for Open Specifications DocumentationTechnical Documentation. Microsoft publishes Open Specifications documentation for protocols, file formats, languages, standards as well as overviews of the interaction among each of these technologies. Copyrights. This documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you may make copies of it in order to develop implementations of the technologies described in the Open Specifications and may distribute portions of it in your implementations using these technologies or your documentation as necessary to properly document the implementation. You may also distribute in your implementation, with or without modification, any schema, IDL's, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the Open Specifications. No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. Patents. Microsoft has patents that may cover your implementations of the technologies described in the Open Specifications. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, a given Open Specification may be covered by Microsoft Open Specification Promise or the Community Promise. If you would prefer a written license, or if the technologies described in the Open Specifications are not covered by the Open Specifications Promise or Community Promise, as applicable, patent licenses are available by contacting iplg@. Trademarks. The names of companies and products contained in this documentation may be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. For a list of Microsoft trademarks, visit trademarks. Fictitious Names. The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in this documentation are fictitious. No association with any real company, organization, product, domain name, email address, logo, person, place, or event is intended or should be inferred.Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than specifically described above, whether by implication, estoppel, or otherwise. Tools. The Open Specifications do not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments you are free to take advantage of them. Certain Open Specifications are intended for use in conjunction with publicly available standard specifications and network programming art, and assumes that the reader either is familiar with the aforementioned material or has immediate access to it.Revision SummaryDateRevision HistoryRevision ClassComments8/8/20131.0NewReleased new document.11/14/20132.0MajorUpdated and revised the technical content.2/13/20142.1MinorClarified the meaning of the technical content.5/15/20142.1NoneNo changes to the meaning, language, or formatting of the technical content.6/30/20153.0MajorSignificantly changed the technical content.Table of ContentsTOC \o "1-9" \h \z1Introduction PAGEREF _Toc423368278 \h 51.1Glossary PAGEREF _Toc423368279 \h 51.2References PAGEREF _Toc423368280 \h 61.2.1Normative References PAGEREF _Toc423368281 \h 61.2.2Informative References PAGEREF _Toc423368282 \h 61.3Overview PAGEREF _Toc423368283 \h 61.4Relationship to Other Protocols PAGEREF _Toc423368284 \h 61.5Prerequisites/Preconditions PAGEREF _Toc423368285 \h 71.6Applicability Statement PAGEREF _Toc423368286 \h 71.7Vendor-Extensible Fields PAGEREF _Toc423368287 \h 71.8Standards Assignments PAGEREF _Toc423368288 \h 72Messages PAGEREF _Toc423368289 \h 82.1Transport PAGEREF _Toc423368290 \h 82.2Common Data Types PAGEREF _Toc423368291 \h 82.2.1Namespaces PAGEREF _Toc423368292 \h 82.2.2HTTP Headers PAGEREF _Toc423368293 \h 82.2.2.1Content-Type PAGEREF _Toc423368294 \h 82.2.2.1.1Application/octet-stream PAGEREF _Toc423368295 \h 92.2.2.1.2Application/json PAGEREF _Toc423368296 \h 92.2.2.2Checksum PAGEREF _Toc423368297 \h 92.2.2.3ChecksumAlgorithm PAGEREF _Toc423368298 \h 92.2.2.4ConfigurationName PAGEREF _Toc423368299 \h 92.2.3Common URI Parameters PAGEREF _Toc423368300 \h 102.2.3.1ConfigurationId PAGEREF _Toc423368301 \h 102.2.3.2ModuleName PAGEREF _Toc423368302 \h 102.2.3.3ModuleVersion PAGEREF _Toc423368303 \h 103Protocol Details PAGEREF _Toc423368304 \h 113.1GetConfiguration Details PAGEREF _Toc423368305 \h 113.1.1Abstract Data Model PAGEREF _Toc423368306 \h 113.1.2Timers PAGEREF _Toc423368307 \h 113.1.3Initialization PAGEREF _Toc423368308 \h 113.1.4Higher-Layer Triggered Events PAGEREF _Toc423368309 \h 113.1.5Message Processing Events and Sequencing Rules PAGEREF _Toc423368310 \h 113.1.5.1Action(ConfigurationId={ConfigurationId})/ConfigurationContent PAGEREF _Toc423368311 \h 123.1.5.2GET PAGEREF _Toc423368312 \h 123.1.5.2.1Request Body PAGEREF _Toc423368313 \h 133.1.5.2.2Response Body PAGEREF _Toc423368314 \h 133.1.5.2.3Processing Details PAGEREF _Toc423368315 \h 133.1.6Timer Events PAGEREF _Toc423368316 \h 143.1.7Other Local Events PAGEREF _Toc423368317 \h 143.2GetModule Details PAGEREF _Toc423368318 \h 143.2.1Abstract Data Model PAGEREF _Toc423368319 \h 143.2.2Timers PAGEREF _Toc423368320 \h 143.2.3Initialization PAGEREF _Toc423368321 \h 143.2.4Higher-Layer Triggered Events PAGEREF _Toc423368322 \h 143.2.5Message Processing Events and Sequencing Rules PAGEREF _Toc423368323 \h 143.2.5.1Module(ConfigurationId={ConfigurationId},ModuleName={moduleName},ModuleVersion={moduleVersion})/ModuleContent PAGEREF _Toc423368324 \h 153.2.5.1.1GET PAGEREF _Toc423368325 \h 153.2.5.1.1.1Request Body PAGEREF _Toc423368326 \h 163.2.5.1.1.2Response Body PAGEREF _Toc423368327 \h 163.2.5.1.1.3Processing Details PAGEREF _Toc423368328 \h 163.2.6Timer Events PAGEREF _Toc423368329 \h 173.2.7Other Local Events PAGEREF _Toc423368330 \h 173.3GetAction Details PAGEREF _Toc423368331 \h 173.3.1Abstract Data Model PAGEREF _Toc423368332 \h 173.3.2Timers PAGEREF _Toc423368333 \h 173.3.3Initialization PAGEREF _Toc423368334 \h 173.3.4Higher-Layer Triggered Events PAGEREF _Toc423368335 \h 173.3.5Message Processing Events and Sequencing Rules PAGEREF _Toc423368336 \h 173.3.5.1Action(ConfigurationId={ConfigurationId})/GetAction PAGEREF _Toc423368337 \h 173.3.5.1.1POST PAGEREF _Toc423368338 \h 183.3.5.1.1.1Request Body PAGEREF _Toc423368339 \h 193.3.5.1.1.2Response Body PAGEREF _Toc423368340 \h 193.3.5.1.1.3Processing Details PAGEREF _Toc423368341 \h 193.3.6Timer Events PAGEREF _Toc423368342 \h 193.3.7Other Local Events PAGEREF _Toc423368343 \h 193.4SendStatusReport Details PAGEREF _Toc423368344 \h 193.4.1Abstract Data Model PAGEREF _Toc423368345 \h 193.4.2Timers PAGEREF _Toc423368346 \h 203.4.3Initialization PAGEREF _Toc423368347 \h 203.4.4Higher-Layer Triggered Events PAGEREF _Toc423368348 \h 203.4.5Message Processing Events and Sequencing Rules PAGEREF _Toc423368349 \h 203.4.5.1Nodes(ConfigurationID={ConfigurationId})/SendStatusReport PAGEREF _Toc423368350 \h 203.4.5.1.1POST PAGEREF _Toc423368351 \h 203.4.5.1.1.1Request Body PAGEREF _Toc423368352 \h 213.4.5.1.1.2Response Body PAGEREF _Toc423368353 \h 223.4.5.1.1.3Processing Details PAGEREF _Toc423368354 \h 223.4.6Timer Events PAGEREF _Toc423368355 \h 223.4.7Other Local Events PAGEREF _Toc423368356 \h 223.5GetStatusReport Details PAGEREF _Toc423368357 \h 223.5.1Abstract Data Model PAGEREF _Toc423368358 \h 223.5.2Timers PAGEREF _Toc423368359 \h 223.5.3Initialization PAGEREF _Toc423368360 \h 233.5.4Higher-Layer Triggered Events PAGEREF _Toc423368361 \h 233.5.5Message Processing Events and Sequencing Rules PAGEREF _Toc423368362 \h 233.5.5.1Nodes(ConfigurationId={ConfigurationId})/Reports PAGEREF _Toc423368363 \h 233.5.5.1.1GET PAGEREF _Toc423368364 \h 233.5.5.1.1.1Request Body PAGEREF _Toc423368365 \h 243.5.5.1.1.2Response Body PAGEREF _Toc423368366 \h 253.5.5.1.1.3Processing Details PAGEREF _Toc423368367 \h 253.5.6Timer Events PAGEREF _Toc423368368 \h 253.5.7Other Local Events PAGEREF _Toc423368369 \h 254Protocol Examples PAGEREF _Toc423368370 \h 264.1GetConfiguration Sequence PAGEREF _Toc423368371 \h 264.2GetModule Sequence PAGEREF _Toc423368372 \h 264.3GetAction Sequence PAGEREF _Toc423368373 \h 274.4SendStatusReport Sequence PAGEREF _Toc423368374 \h 284.5GetStatusReport Sequence PAGEREF _Toc423368375 \h 295Security PAGEREF _Toc423368376 \h 305.1Security Considerations for Implementers PAGEREF _Toc423368377 \h 305.2Index of Security Parameters PAGEREF _Toc423368378 \h 306Appendix A: Full JSON Schema PAGEREF _Toc423368379 \h 317Appendix B: Product Behavior PAGEREF _Toc423368380 \h 328Change Tracking PAGEREF _Toc423368381 \h 339Index PAGEREF _Toc423368382 \h 39Introduction XE "Introduction" XE "System overview - introduction" XE "Introduction"The Desired State Configuration Pull Model Protocol is based on the Hypertext Transfer Protocol (HTTP) (as specified in [RFC2616]). It is used for getting a client's configuration and modules (1) from the server and for reporting back the client's status to the server.Sections 1.8, 2, and 3 of this specification are normative and can contain the terms MAY, SHOULD, MUST, MUST NOT, and SHOULD NOT as defined in [RFC2119]. Sections 1.5 and 1.9 are also normative but do not contain those terms. All other sections and examples in this specification are informative.Glossary XE "Glossary" The following terms are specific to this document:Augmented Backus-Naur Form (ABNF): A modified version of Backus-Naur Form (BNF), commonly used by Internet specifications. ABNF notation balances compactness and simplicity with reasonable representational power. ABNF differs from standard BNF in its definitions and uses of naming rules, repetition, alternatives, order-independence, and value ranges. For more information, see [RFC5234].binary large object (BLOB): A collection of binary data stored as a single entity in a database.checksum: A value that is the summation of a byte stream. By comparing the checksums computed from a data item at two different times, one can quickly assess whether the data items are identical.configuration: Represents a binary large object (BLOB). The protocol does not process the content of the BLOB and it is passed as-is to the higher layer.Hypertext Transfer Protocol (HTTP): An application-level protocol for distributed, collaborative, hypermedia information systems (text, graphic images, sound, video, and other multimedia files) on the World Wide Web.module: (1) A file used by a server to register and instantiate one or more components. It contains either implementations of the components or metadata that a server can use to find implementations.(2) A BLOB in the Desired State Configuration Pull Model Protocol [MS-DSCPM]. The protocol does not process the content of the BLOB, and it is passed as it is to the higher layer.Transmission Control Protocol (TCP): A protocol used with the Internet Protocol (IP) to send data in the form of message units between computers over the Internet. TCP handles keeping track of the individual units of data (called packets) that a message is divided into for efficient routing through the Internet.Uniform Resource Identifier (URI): A string that identifies a resource. The URI is an addressing mechanism defined in Internet Engineering Task Force (IETF) Uniform Resource Identifier (URI): Generic Syntax [RFC3986].Uniform Resource Locator (URL): A string of characters in a standardized format that identifies a document or resource on the World Wide Web. The format is as specified in [RFC1738].universally unique identifier (UUID): A 128-bit value. UUIDs can be used for multiple purposes, from tagging objects with an extremely short lifetime, to reliably identifying very persistent objects in cross-process communication such as client and server interfaces, manager entry-point vectors, and RPC objects. UUIDs are highly likely to be unique. UUIDs are also known as globally unique identifiers (GUIDs) and these terms are used interchangeably in the Microsoft protocol technical documents (TDs). Interchanging the usage of these terms does not imply or require a specific algorithm or mechanism to generate the UUID. Specifically, the use of this term does not imply or require that the algorithms described in [RFC4122] or [C706] must be used for generating the UUID.MAY, SHOULD, MUST, SHOULD NOT, MUST NOT: These terms (in all caps) are used as defined in [RFC2119]. All statements of optional behavior use either MAY, SHOULD, or SHOULD NOT.ReferencesLinks to a document in the Microsoft Open Specifications library point to the correct section in the most recently published version of the referenced document. However, because individual documents in the library are not updated at the same time, the section numbers in the documents may not match. You can confirm the correct section numbering by checking the Errata. Normative References XE "References:normative" XE "Normative references" We conduct frequent surveys of the normative references to assure their continued availability. If you have any issue with finding a normative reference, please contact dochelp@. We will assist you in finding the relevant information. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997, [RFC2616] Fielding, R., Gettys, J., Mogul, J., et al., "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999, [RFC4122] Leach, P., Mealling, M., and Salz, R., "A Universally Unique Identifier (UUID) URN Namespace", RFC 4122, July 2005, [RFC4234] Crocker, D., Ed., and Overell, P., "Augmented BNF for Syntax Specifications: ABNF", RFC 4234, October 2005, [RFC4634] Eastlake III, D. and Hansen, T., "US Secure Hash Algorithms (SHA and HMAC-SHA)", RFC 4634, July 2006, [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data Encodings", RFC 4648, October 2006, References XE "References:informative" XE "Informative references" None.Overview XE "Overview (synopsis)" XE "Overview (synopsis)"The Desired State Configuration Pull Model Protocol is used to get the configuration and the module (2) from the server and to report back some elements to the server.The protocol depends on HTTP for the transfer of all protocol messages, including the transfer of the binary data. In this specification, the entity that initiates the HTTP connection is referred to as the client, and the entity that responds to the HTTP connection is referred to as the server. With the Desired State Configuration Pull Model Protocol, binary data flows from the server to the client. Relationship to Other Protocols XE "Relationship to other protocols" XE "Relationship to other protocols"This protocol depends on HTTP as specified in [RFC2616]. HTTP version 1.1 is used with this protocol.Prerequisites/Preconditions XE "Prerequisites" XE "Preconditions" XE "Prerequisites" XE "Preconditions"This protocol does not provide a mechanism for a client to discover the Uniform Resource Locator (URL) of the server. Thus, it is a prerequisite that the client obtain the URL of the server before this protocol can be used.Applicability Statement XE "Applicability" XE "Applicability"The Desired State Configuration Pull Model Protocol is capable of downloading the configuration and modules from the server.This document covers versioning issues in the following areas:Supported Transports: This protocol can be implemented on top of HTTP, as specified in section 2.1.Security and Authentication Methods: This protocol supports HTTP access authentication, as specified in [RFC2616] section 11. Localization: This specification does not specify any localization-dependent protocol behavior.Vendor-Extensible Fields XE "Vendor-extensible fields" XE "Fields - vendor-extensible" XE "Fields - vendor-extensible" XE "Vendor-extensible fields"None.Standards Assignments XE "Standards assignments" XE "Standards assignments"None.MessagesTransport XE "Messages:transport" XE "Transport" XE "Transport" XE "Messages:transport"The Desired State Configuration Pull Model Protocol uses HTTP 1.1, as specified in [RFC2616], as the transport layer.A Transmission Control Protocol (TCP) port has not been reserved for this protocol. TCP port 80 is commonly used because many HTTP proxy servers forward only HTTP traffic that uses port 80.The protocol uses the access authentication functionality of the HTTP layer as specified in [RFC2616] section mon Data Types XE "Common data types" XE "Transport:common data types" XE "Messages:data types"None.Namespaces XE "Namespaces" XE "Transport:namespaces" XE "Namespaces"None.HTTP Headers XE "HTTP headers"The Desired State Configuration Pull Model Protocol uses existing headers as specified in [RFC2616].Unless specified otherwise, the headers defined in this specification are used in both request and response messages.If a client or server receives an HTTP header that is not defined in this section, or if the header is not defined in the current context (for example, receiving a request-only header in a response), the header MUST be interpreted as specified in [RFC2616].This section defines the syntax of the HTTP headers that use the Augmented Backus-Naur Form (ABNF) syntax, as specified in [RFC4234]. The following table summarizes the HTTP headers defined by this specification.HeaderDescriptionContent-TypeSection 2.2.2.1ChecksumSection 2.2.2.2Content-TypeThe Content-Type header specifies the type of data that is included in the body of the GET or POST request.The syntax of the Content-Type header is defined as follows.Ctype = "application/octet-stream" / "application/json"Content-Type = "Content-Type: " "application/octet-stream" CRLF / "Content-Type: " "application/json" [";charset=UTF-8"] CRLFExample: Content-Type: application/octetstring Content-Type: application/json;charset=UTF-8Application/octet-streamThis Content-Type is defined only for use in a request sent to the server and used in a GET request to get the module (2) or configuration from a server.Application/jsonThis Content-Type is defined only for use in a request sent to the server and used in POST request.ChecksumThe Checksum header field is defined only for use in a response message sent to a client as part of a GET request for the module and configuration.Checksum = "Checksum" : DQUOTE Check-sumvalue DQUOTE CRLFCheck-sumvalue = BASE16 ; specified in [RFC4648] / 0x00 (Null Character) Example: "Checksum":"8eDMbsSDig15Xx+B3msvRrDa5N1njaf5smVujQjhOeI=""Checksum":""ChecksumAlgorithmThe ChecksumAlgorithm header field specifies the checksum algorithm used to generate the checksum.ChecksumAlgorithm = "ChecksumAlgorithm" : DQUOTE Check-sumAlgorithmvalue DQUOTE CRLFCheck-sumAlgorithmvalue = "SHA-256" ; specified in [RFC4634]Example: "ChecksumAlgorithm":"SHA-256"ConfigurationNameThe ConfigurationName header field HYPERLINK \l "Appendix_A_1" \h <1> is used in the request message sent to the server as part of a GET request for the configuration.ConfigurationName: "ConfigurationName" : DQUOTE Configuration-Namevalue DQUOTE CRLFConfiguration-Namevalue: Element *(Element)Element: DIGIT / ALPHAExample: "ConfigurationName":"SubPart1"Common URI Parameters XE "URI parameters"The following table summarizes the set of common URI parameters defined by this protocol.URI parameterSectionConfigurationIdSection 2.2.3.1ModuleNameSection 2.2.3.2ModuleVersionSection 2.2.3.3ConfigurationIdThe ConfigurationId parameter is a universally unique identifier (UUID) as specified in [RFC4122] section 3.ModuleNameThe ModuleName parameter is a string that is used by the server to identify a specific module.MODULENAME = Element *(Element)Element = DIGIT / ALPHA / 0x5fModuleVersionThe ModuleVersion parameter identifies the version of a module. It can be either an empty string or a string containing two to four groups of digits where the groups are separated by a period.MODULEVERSION = MULTIDIGIT 0x2E MULTIDIGIT / MULTIDIGIT 0x2E MULTIDIGIT 0x2E MULTIDIGIT / MULTIDIGIT 0x2E MULTIDIGIT 0x2E MULTIDIGIT 0x2E MULTIDIGIT / 0x00 (NULL character)MULTIDIGIT = DIGIT *[DIGIT]Protocol DetailsGetConfiguration Details XE "Protocol Details:GetConfiguration" XE "Protocol details:GetConfiguration"The purpose of the GetConfiguration request is to get the configuration from the server. The GetConfiguration request maps to an HTTP GET request in which the Content-Type header is an application/octet-stream.Abstract Data Model XE "Getconfiguration:Abstract data model" XE "GetConfiguration:abstract data model"The server MUST maintain a ConfigurationTable where each entry contains:ServerConfigurationId: A unique combination of a ConfigurationId?(section?2.2.3.1) and a ConfigurationName?(section?2.2.2.4). The ConfigurationId MUST NOT be empty.ServerConfigurationData: A binary large object (BLOB). This data is not interpreted as part of this protocol and is passed on to higher layers as is.Timers XE "Getconfiguration:Timers" XE "GetConfiguration:timers"None.Initialization XE "Getconfiguration:Initialization" XE "GetConfiguration:initialization"None.Higher-Layer Triggered Events XE "Getconfiguration:Higher-layer triggered events" XE "GetConfiguration:higher-layer triggered events"None.Message Processing Events and Sequencing Rules XE "Getconfiguration:Message processing events and sequencing rules" XE "GetConfiguration:message processing events and sequencing rules"The server MUST match the ConfigurationId from the URL and, if specified, the ConfigurationName from the headers with the ServerConfigurationId in the ConfigurationTable. The server MUST use case-insensitive ordinal comparison to match the ConfigurationId?(section?2.2.3.1) and ConfigurationName?(section?2.2.2.4). If a match is found, the server MUST return ConfigurationData to the client with status code 200. If a match is not found, the server MUST return status code 404.ResourceDescriptionAction(ConfigurationId={ConfigurationId})/ConfigurationContentGets the configuration from the server.Request headerUsageValueConfigurationNameOptionalAs specified in section 2.2.2.4.The responses to all the methods can result in the following status codes.Status codeReason phraseDescription200OKReturned when the request is completed.400BAD REQUESTThe request could not be understood by the server due to malformed syntax.404NOT FOUNDReturned when the resource is not found.The response message for this operation contains the following HTTP headers.Response headerUsageValuechecksumRequiredAs specified in section 2.2.2.2.checksumalgorithmRequiredAs specified in section 2.2.2.3.Action(ConfigurationId={ConfigurationId})/ConfigurationContentThe following HTTP method is allowed to be performed on this resource.HTTP methodDescriptionGETGets the configuration from the server.GETThe URL specified by the client in the HTTP request line of the GET request identifies a "configuration point" targeted for the client. The server can have multiple configuration points and different configuration points can have different access permissions associated with them. For example, some configuration points require HTTP access authentication (as specified in [RFC2616] section 11). As another example, a configuration point could also allow only clients that connect from a specific IP address.The syntax of the GetConfiguration request is defined as follows. DSC-GetConfiguration-Request = DSC-GetConfiguration-Req-Line DSC-GetConfigurationSetReq-Headers DSC-GetConfiguration-Req-Line ? = "GET" SP Request-URI SP HTTP-Version CRLF Request-URI = Request-URI-Start DSC-GetConfigurationRequest-URI-End DSC-GetConfigurationSetReq-Headers = *( DSC-GetConfigurationSetReq-Header-REQ / DSC-GetConfigurationSetReq-Header-OPT ) DSC-GetConfigurationSetReq-Header-REQ????= Host ; section 14.23 of [RFC2616] DSC-GetConfigurationSetReq-Header-OPT??? = Connection ; section 14.10 of [RFC2616] / ConfigurationName ; section 2.2.2.4DSC-GetConfigurationRequest-URI-End = "Action(ConfigurationId=" SQUOTE CONFIGURATIONID SQUOTE RBRACKET FSLASH "ConfigurationContent"SQUOTE = %x27 ; ' (Single Quote)RBRACKET = %29 ; ) (Closing Bracket)FSLASH = %2F ; / (Forward Slash)CONFIGURATIONID = UUID ; as specified in [RFC4122]The syntax of the GetConfiguration response is defined as follows: DSC-GetConfiguration-Response??= Status-LineDSC-GetConfigurationResp-HeadersDSC-GetConfigurationResp-Body DSC-GetConfigurationResp-Headers = *( DSC-GetConfigurationResp-Header-REQ??????????????????????? ? / DSC-GetConfigurationResp-Header-OPT ? / DSC-GetConfigurationResp-Body) DSC-GetConfigurationResp-Header-REQ??= Content-Length ; section 14.13 of [RFC2616] / Content-Type ; section 2.2.2.1.1 / Checksum ; section 2.2.2.2 / ChecksumAlgorithm ; section 2.2.2.3 DSC-GetConfigurationResp-Header-OPT? = Server ; section 14.38 of [RFC2616] DSC-GetConfigurationResp-Body = Configuration ; section 3.1.5.1.1.2The response message for this operation contains the following HTTP headers.Response headerUsageValuechecksumRequiredAs specified in section 2.2.2.2.checksumalgorithmRequiredAs specified in section 2.2.2.3.The response message for this method can result in the following status codes.Status codeDescription200Request completed.400Bad request.404The resource was not found.Request BodyNone.Response BodyIn the response body, configuration represents a BLOB.Processing DetailsThe client gets the configuration from the server as content-type application/octet-stream in the response body for the GetConfiguration request. The server MUST send the checksum in the response headers as specified in section 2.2.2.2. The server MUST send the ChecksumAlgorithm in the response headers as specified in section 2.2.2.3. The server MUST generate the checksum using the following algorithm:Use the algorithm specified in section 2.2.2.3 to compute the hash of the response body as specified in [RFC4634] section 4.1.Perform base16 encoding of the computed hash as specified in [RFC4648] section 8.Timer Events XE "Getconfiguration:Timer events" XE "GetConfiguration:timer events"None.Other Local Events XE "Getconfiguration:Other local events" XE "GetConfiguration:other local events"None.GetModule Details XE "Protocol Details:GetModule" XE "Protocol details:GetModule"The purpose of the GetModule request is to get the module (2) from the server. GetModule request maps to HTTP GET request with content-type as application/octet-stream as part of the request.Abstract Data Model XE "Getmodule:Abstract data model" XE "GetModule:abstract data model"The server MUST maintain a ModuleTable in which each entry contains the following:ServerConfigurationId: The ConfigurationId?(section?2.2.3.1).ServerModuleName: The ModuleName?(section?2.2.3.2).ServerModuleVersion: The ModuleVersion?(section?2.2.3.3).ServerModuleData: A BLOB of data. This data is not interpreted as part of this protocol and is passed on to higher layers as is.Timers XE "Getmodule:Timers" XE "GetModule:timers"None.Initialization XE "Getmodule:Initialization" XE "GetModule:initialization"None.Higher-Layer Triggered Events XE "Getmodule:Higher-layer triggered events" XE "GetModule:highedr-layer triggered events"None.Message Processing Events and Sequencing Rules XE "Getmodule:Message processing events and sequencing rules" XE "GetModule:message processing events and sequencing rules"The server MUST match ConfigurationId from the URL with ServerConfigurationId, ModuleName with ServerModuleName, and ModuleVersion with ServerModuleVersion of the ModuleTable. The server MUST use case-insensitive ordinal comparison to match ConfigurationId, ModuleName, and ModuleVersion. For a ServerConfigurationId, the server MUST have a unique combination of ServerModuleName and ServerModuleVersion. ServerModuleName in the ModuleTable MUST NOT be empty. If a match is found, the server MUST return ModuleData to the client with status code 200. If a match is not found, the server MUST return status code 404.ResourceDescriptionModule(ConfigurationId={ConfigurationId},ModuleName={moduleName},ModuleVersion={moduleVersion})/ModuleContentGet the module from the server.The responses to all the methods can result in the following status codes.Status codeReason phraseDescription200OKRequest completed.400BAD REQUESTThe request could not be understood by the server due to malformed syntax.404NOT FOUNDUsed in cases where the resource is not found.The response message for this operation contains the following HTTP headers.Response headerUsageValuechecksumRequiredAs specified in section 2.2.2.2.checksumalgorithmRequiredAs specified in section 2.2.2.3.Module(ConfigurationId={ConfigurationId},ModuleName={moduleName},ModuleVersion={moduleVersion})/ModuleContentThe following HTTP method is allowed to be performed on this resource.HTTP methodDescriptionGETGets the module from the server.GETThe URL specified by the client in the HTTP request line of the GET request identifies a "module point" targeted for the client. The server might have multiple module points and different modules points can have different access permissions associated with them. For example, some module points require HTTP access authentication (as specified in [RFC2616] section 11). Other module points allow only clients that connect from a specific IP address.The syntax of the GetModule request is defined as follows. DSC-GetModule-Request??? = DSC-GetModule-Req-Line DSC-GetModuleSetReq-Headers DSC-GetModule-Req-Line ? = "GET" SP Request-URI SP HTTP-Version CRLFRequest-URI = Request-URI-Start DSC-GetModuleRequest-URI-EndDSC-GetModuleSetReq-Headers = *( DSC-GetModuleSetReq-Header-REQ / DSC-GetModuleSetReq-Header-OPT ) DSC-GetModuleSetReq-Header-REQ????= Host ; section 14.23 of [RFC2616] DSC-GetModuleSetReq-Header-OPT??? = Connection ; section 14.10 of [RFC2616]DSC-GetModuleRequest-URI-End = "Module(ConfigurationId=" SQUOTE CONFIGURATIONID SQUOTE ",ModuleName=" SQUOTE MODULENAME SQUOTE ",ModuleVersion=" SQUOTE MODULEVERSION SQUOTE RBRACKET FSLASH "ModuleContent" SQUOTE = %x27 ; ' (Single Quote)MODULENAME = ModuleName; as specified in section 2.2.3.2MODULEVERSION = *(DIGIT)[ 0x2E *(DIGIT)]RBRACKET = %29 ; ) (Closing Bracket)FSLASH = %2F ; / (Forward Slash)CONFIGURATIONID = UUID ; as specified in [RFC4122]The syntax of the GetModule response is defined as follows: DSC-GetModule-Response??= Status-Line ? DSC-GetModuleResp-Headers DSC-GetModuleResp-Body DSC-GetModuleResp-Headers = *( DSC-GetModuleResp-Header-REQ??????????????????????? ? / DSC-GetModuleResp-Header-OPT) DSC-GetModuleResp-Header-REQ??= Content-Length ; section 14.13 of [RFC2616] / Content-Type ; section 2.2.2.1.1 / Checksum ; section 2.2.2.2 / ChecksumAlgorithm ; section 2.2.2.3 DSC-GetModuleResp-Header-OPT? = Server ; section 14.38 of [RFC2616]DSC-GetModuleResp-Body = ModuleData ; section 3.2.5.1.1.2The response message for this operation contains the following HTTP headers.Response headerUsageValuechecksumRequiredAs specified in section 2.2.2.2.checksumalgorithmRequiredAs specified in section 2.2.2.3.The response message for this method can result in the following status codes.Status codeDescription200Request completed.400Bad request.404The resource is not found.Request BodyNone.Response BodyModuleData represents a binary large object (BLOB) .Processing DetailsThe client gets the module from the server as content-type application/octet-stream in the response body for GetModule request. The server MUST send the checksum in response headers as specified in section 2.2.2.2. The server MUST send the ChecksumAlgorithm in the response headers as specified in section 2.2.2.3. The server generates the checksum using the following algorithm:Use the algorithm specified in ChecksumAlgorithm to compute the hash of the response body as specified in [RFC4634] section 4.1.Perform base16 encoding of the computed hash as specified in [RFC4648] in section 8.Timer Events XE "Getmodule:Timer events" XE "GetModule:timer events"None.Other Local Events XE "Getmodule:Other local events" XE "GetModule:other local events"None.GetAction Details XE "Protocol Details:GetAction" XE "Protocol details:GetAction"The purpose of the GetAction request is to get the action, as specified in section 3.3.5.1.1.2, from the server. GetAction request maps to HTTP POST request with content-type as application/json, as specified in Appendix A: Full JSON Schema?(section?6), as part of the request.Abstract Data Model XE "Getaction:Abstract data model" XE "GetAction:abstract data model"None.Timers XE "Getaction:Timers" XE "GetAction:timers"None.Initialization XE "Getaction:Initialization" XE "GetAction:initialization"None.Higher-Layer Triggered Events XE "Getaction:Higher-layer triggered events" XE "GetAction:higher-layer triggered events"None.Message Processing Events and Sequencing Rules XE "Getaction:Message processing events and sequencing rules" XE "GetAction:message processing events and sequencing rules"ResourceDescriptionAction(ConfigurationId={ConfigurationId})/GetActionGet the action from the server.The responses to all the methods can result in the following status codes.Status codeReason phraseDescription200OKThe Request completed.400BAD REQUESTThe request could not be understood by the server due to malformed syntax.404NOT FOUNDThe resource was not found.Action(ConfigurationId={ConfigurationId})/GetActionThe following HTTP method is allowed to be performed on this resource.HTTP methodDescriptionPOSTPOSTs the data to the server and gets action from the server.POSTThe URL specified by the client in the HTTP request line of the POST request identifies the action point targeted for the client. The server can have multiple action points and different action points can have different access permissions associated with them. For example, some action points require HTTP access authentication (as specified in [RFC2616] section 11). Or, action points can also allow only clients that connect from a specific IP address.The syntax of the GetAction request is defined as follows. DSC-GetAction-Request = DSC-GetAction-Req-Line DSC-GetActionSetReq-Headers? DSC-GetActionReq-Body DSC-GetAction-Req-Line ? = "POST" SP Request-URI SP HTTP-Version CRLFRequest-URI = Request-URI-Start DSC-GetActionRequest-URI-End DSC-GetActionRequest-URI-End = "Action(ConfigurationId=" SQUOTE CONFIGURATIONID SQUOTE RBRACKET FSLASH "GetAction"SQUOTE = %x27 ; ' (Single Quote)RBRACKET = %29 ; ) (Closing Bracket)FSLASH = %2F ; / (Forward Slash)CONFIGURATIONID = UUID ; as specified in [RFC4122] DSC-GetActionSetReq-Headers = *( DSC-GetActionSetReq-Header-REQ / DSC-GetActionSetReq-Header-OPT ) DSC-GetActionSetReq-Header-REQ????= Host ; section 14.23 of [RFC2616] / Accept ; section 14.1 of [RFC2616] / ContentType ' section 2.2.2.1.2 / Content-Length ; section 14.13 of [RFC2616] DSC-GetActionSetReq-Header-OPT??? = Connection ; section 14.10 of [RFC2616] / Expect ; section 14.20 of [RFC2616] DSC-GetActionReq-Body = ActionRequest ; section 3.3.5.1.1.1The syntax of the GetAction response is defined as follows: DSC-GetAction-Response??= Status-LineDSC-GetActionResp-HeadersDSC-GetActionResp-Body DSC-GetActionResp-Headers = *( DSC-GetActionResp-Header-REQ??????????????????????? ? / DSC-GetActionResp-Header-OPT) DSC-GetActionResp-Header-REQ??= Content-Length ; section 14.13 of [RFC2616] / Content-Type ; section 2.2.2.1.2 DSC-GetActionResp-Header-OPT? = Server ; section 14.38 of [RFC2616]DSC-GetActionResp-Body = ActionContent ; section 3.3.5.1.1.2The response message for this method can result in the following status codes.Status codeDescription200Request completed.400Bad request.404The resource is not found.Request BodyThe ActionRequest packet is used by the client to transfer the following data fields:Checksum: A checksum as specified in section 2.2.2.2.ChecksumAlgorithm: The algorithm for the Checksum as specified in section 2.2.2.3.NodeCompliant: A value indicating TRUE or FALSE.StatusCode: A value indicating a number between –2147483648 and 2147483647.ConfigurationName: An opaque name as specified in section 2.2.2.4.Response BodyThe ActionContent packet is used by the server to transfer the following data field:Value: MUST be either GetConfiguration, Retry HYPERLINK \l "Appendix_A_2" \h <2>, or OK.Processing DetailsThe client sends the GetAction request with content-type as application/json to the server with a request body as specified in section 3.3.5.1.1.1. The client MUST include Checksum and ChecksumAlgorithm in the request body. The client SHOULD include StatusCode in the request body. The server responds back with content-type as application/json with response body as specified in section 3.3.5.1.1.2.Timer Events XE "Getaction:Timer events" XE "GetAction:timer events"None.Other Local Events XE "Getaction:Other local events" XE "GetAction:other local events"None.SendStatusReport Details XE "Protocol Details:SendStatusReport" XE "Protocol details:SendStatusReport"The SendStatusReport request HYPERLINK \l "Appendix_A_3" \h <3> sends the status report, as specified in section 3.4.5.1.1.1, to the server. The SendStatusReport request maps to the HTTP POST request with content-type as application/json, as specified in Appendix A: Full JSON Schema?(section?6), as part of the request.Abstract Data Model XE "Sendstatusreport:Abstract data model" XE "SendStatusReport:abstract data model"None.Timers XE "Sendstatusreport:Timers" XE "SendStatusReport:timers "None.Initialization XE "Sendstatusreport:Initialization" XE "SendStatusReport:initialization "None.Higher-Layer Triggered Events XE "Sendstatusreport:Higher-layer triggered events" XE "SendStatusReport:higher-layer triggered events "None.Message Processing Events and Sequencing Rules XE "Sendstatusreport:Message processing events and sequencing rules" XE "SendStatusReport:message processing events and sequencing rules "ResourceDescriptionNodes(ConfigurationID={ConfigurationId})/SendStatusReportSend the status report to the server.The response to all the methods results in one of the following status codes.Status codeReason phraseDescription200OKThe request completed.400BAD REQUESTThe server could not read the request due to malformed syntax.404NOT FOUNDThe resource was not found.Nodes(ConfigurationID={ConfigurationId})/SendStatusReportThe following HTTP method can be performed on this resource.HTTP methodDescriptionPOSTPosts the data to the server and gets status from the server.POSTThe URL specified by the client in the HTTP request line of the POST request identifies the status point targeted for the client. The server can have multiple status points that have different access permissions associated with them. For example, some status points require HTTP access authentication (as specified in [RFC2616] section 11). As another example, status points allow only clients that connect from a specific IP address.The syntax of the SendStatusReport request is defined as follows.DSC-SendStatusReport-Request = DSC-SendStatusReport-Req-Line DSC-SendStatusReportSetReq-Headers DSC-SendStatusReportReq-Body DSC-SendStatusReport-Req-Line = "POST" SP Request-URI SP HTTP-Version CRLFRequest-URI = Request-URI-Start DSC-SendStatusReportRequest-URI-End DSC-SendStatusReportRequest-URI-End = "Nodes(ConfigurationId=" SQUOTE CONFIGURATIONID SQUOTE RBRACKET FSLASH "SendStatusReport"SQUOTE = %x27 ; ' (Single Quote)RBRACKET = %29 ; ) (Closing Bracket)FSLASH = %2F ; / (Forward Slash)ConfigurationID = UUID ; as specified in [RFC4122] DSC-SendStatusReportSetReq-Headers = *( DSC-SendStatusReportSetReq-Header-REQ / DSC-SendStatusReportSetReq-Header-OPT ) DSC-SendStatusReportSetReq-Header-REQ = Host ; section 14.23 of [RFC2616] / Accept ; section 14.1 of [RFC2616] / ContentType ' section 2.2.2.1.2 / Content-Length ; section 14.13 of [RFC2616] DSC-SendStatusReportSetReq-Header-OPT = Connection ; section 14.10 of [RFC2616] / Expect ; section 14.20 of [RFC2616] DSC-SendStatusReportReq-Body = StatusReportRequest ; section 3.4.5.1.1.1The syntax of the SendStatusReport response is defined as follows:DSC-SendStatusReport-Response = Status-LineDSC-SendStatusReportResp-HeadersDSC-SendStatusReportResp-Body DSC-SendStatusReportResp-Headers = *( DSC-SendStatusReportResp-Header-REQ / DSC-SendStatusReportResp-Header-OPT) DSC-SendStatusReportResp-Header-REQ = Content-Length ; section 14.13 of [RFC2616] / Content-Type ; section 2.2.2.1.2 DSC-SendStatusReportResp-Header-OPT = Server ; section 14.38 of [RFC2616]DSC-SendStatusReportResp-Body = StatusReportContent ; section 3.4.5.1.1.2 The response message for this method can result in the following status codes.Status codeDescription200Request completed.400Bad request.404The resource was not found.Request BodyThe StatusReportRequest packet is used by the client to transfer the following data fields:JobId: The JobId parameter is a universally unique identifier (UUID) as specified in [RFC4122] section 3.NodeName: A value that is used to identify the name of the client.OperationType: A value that identifies the type for the operation.LCMVersion: A value that identifies the report generator on the client.ReportFormatVersion: A value that finds the identifier for the report.ConfigurationVersion: .A value that contains a string of two to four groups of digits where the groups are separated by a period.IpAddress: A value that identifies the IP addresses of the client separated by a semicolon (;).StartTime: A value that identifies the start time of an operation on the client.EndTime: A value that identifies the end time of an operation on the client.Errors: A value that represents the errors for an operation on the client.StatusData: A value that represents the status of an operation on the client.Response BodyThe StatusReportContent packet does not contain any data.Processing DetailsThe client sends the SendStatusReport request with content-type as application/json to the server with a request body as specified in section 3.3.5.1.1.1. The client MUST include JobId in the request body. The server responds back with status codes as specified in section 3.4.5.1.1.Timer Events XE "Sendstatusreport:Timer events" None.Other Local Events XE "Sendstatusreport:Other local events" None.GetStatusReport Details XE "Protocol Details:GetStatusReport" The GetStatusReport HYPERLINK \l "Appendix_A_4" \h <4> request gets the status report from the server, as specified in section 3.5.5.1.1. The GetStatusReport request maps to the HTTP GET request with content-type as application/json, as specified in Appendix A: Full JSON Schema (section 6), as part of the request.Abstract Data Model XE "Getstatusreport:Abstract data model" None.Timers XE "Getstatusreport:Timers" None.Initialization XE "Getstatusreport:Initialization" None.Higher-Layer Triggered Events XE "Getstatusreport:Higher-layer triggered events" None.Message Processing Events and Sequencing Rules XE "Getstatusreport:Message processing events and sequencing rules" ResourceDescriptionNodes(ConfigurationId={ConfigurationId})/Reports(JobId={JobId}))Get the status report from the server.The responses to all the methods can result in the following status codes.Status CodeReason PhraseDescription200OKThe request completed.400BAD REQUESTThe request could not be understood by the server due to malformed syntax.404NOT FOUNDThe resource was not found.Nodes(ConfigurationId={ConfigurationId})/Reports The following HTTP method can be performed on this resource.HTTP MethodDescriptionGETGets the status report from the server.GET The URL specified by the client in the HTTP request line of the GET request identifies the "status point" targeted for the client. The server might have multiple status points and different status points might have different access permissions associated with them. For example, some status points require HTTP access authentication (as specified in [RFC2616] section 11). Other status points allow only clients that connect from a specific IP address.The syntax of the GetStatusReport request is defined as follows.DSC-GetStatusReport-Request = DSC-GetStatusReport-Req-Line DSC-GetStatusReportSetReq-Headers DSC-GetStatusReport-Req-Line = "GET" SP Request-URI SP HTTP-Version CRLFRequest-URI = Request-URI-Start DSC-GetStatusReportRequest-URI-EndDSC-GetStatusReportRequest-URI-End = "Nodes(ConfigurationId=" SQUOTE CONFIGURATIONID SQUOTERBRACKET FSLASH "Reports(JobId=" SQUOTE JOBID SQUOTERBRACKETSQUOTE = %x27 ; ' (Single Quote)RBRACKET = %29 ; ) (Closing Bracket)FSLASH = %2F ; / (Forward Slash)ConfigurationID = UUID ; as specified in [RFC4122]JOBID = UUID; as specified in [RFC4122]DSC-GetStatusReportSetReq-Headers = *( DSC-GetStatusReportSetReq-Header-REQ / DSC-GetStatusReportSetReq-Header-OPT ) DSC-GetStatusReportSetReq-Header-REQ = Host ; section 14.23 of [RFC2616] / Accept ; section 14.1 of [RFC2616] / ContentType ' section 2.2.2.1.2 / Content-Length ; section 14.13 of [RFC2616]DSC-GetStatusReportSetReq-Header-OPT = Connection ; section 14.10 of [RFC2616] / Expect ; section 14.20 of [RFC2616]The syntax of the GetStatusReport response is defined as follows:DSC-GetStatusReport-Response = Status-LineDSC-GetStatusReportResp-HeadersDSC-GetStatusReportResp-BodyDSC-GetStatusReportResp-Headers = *( DSC-GetStatusReportResp-Header-REQ / DSC-GetStatusReportResp-Header-OPT)DSC-GetStatusReportResp-Header-REQ = Content-Length ; section 14.13 of [RFC2616] / Content-Type ; section 2.2.2.1.2DSC-GetStatusReportResp-Header-OPT = Server ; section 14.38 of [RFC2616]DSC-GetStatusReportResp-Body = StatusReportContent ; section 3.4.5.1.1.2The response message for this method can result in the following status codes.Status codeDescription200Request completed.400Bad request.404The resource was not found.Request BodyThe StatusReportRequest packet is used by the client to transfer the following data fields:JobId: A universally unique identifier (UUID) as specified in [RFC4122] section 3.NodeName: A value that identifies the name of the client.OperationType: A value that identifies the type for the operation.LCMVersion: A value that identifies the report generator on the client.ReportFormatVersion: A value that finds the identifier for the report.ConfigurationVersion: .A value that contains a string of two to four groups of digits where the groups are separated by a period.IpAddress: A value that identifies the IP addresses of the client separated by a semicolon (;).StartTime: A value that identifies the start time of an operation on the client.EndTime: A value that identifies the end time of an operation on the client.Errors: A value that represents the errors for an operation on the client.StatusData: A value that represents the status of an operation on the client.Response BodyStatusReportContent represents a BLOB.Processing Details The client sends the GetStatusReport request with the content-type as application/json to the server with a request body as specified in section 3.5.5.1.1.1. The server responds back with status codes as specified in section 3.5.5.1.1.Timer Events XE "Getstatusreport:Timer events" None.Other Local Events XE "Getstatusreport:Other local events" None.Protocol ExamplesGetConfiguration Sequence XE "Examples:GetConfiguration Sequence example" XE "Protocol examples:GetConfiguration Sequence" XE "GetConfiguration sequence example" XE "Examples:GetConfiguration sequence"The following sequence occurs between a client and a server during a GetConfiguration request.The client sends a GetConfiguration request.If the server requires the client to be authenticated, the server and client exchange access authentication HTTP headers as specified in [RFC2616] section 11.If authentication is not required, or if authentication has succeeded, the server responds with a "200 OK" HTTP response.The client closes the TCP connection to the server.The following figure shows a message sequence with a single GetConfiguration request.Figure 1: Message sequence for a single GetConfiguration requestGetModule Sequence XE "Examples:GetModule Sequence example" XE "Protocol examples:GetModule Sequence" XE "GetModule sequence example" XE "Examples:GetModule sequence"The following sequence occurs between a client and a server during a GetModule request.The client sends a GetModule request.If the server requires the client to be authenticated, the server and client exchange access authentication HTTP headers as specified in [RFC2616] section 11.If authentication is not required, or if authentication has succeeded, the server responds with a "200 OK" HTTP response.The client closes the TCP connection to the server.The following figure shows a message sequence with a single GetModule request.Figure 2: Message sequence for a single GetModule requestGetAction Sequence XE "Examples:GetAction Sequence example" XE "Protocol examples:GetAction Sequence" XE "GetAction sequence example" XE "Examples:GatAction sequence"The following sequence occurs between a client and a server during a GetAction request.The client sends a GetAction request.If the server requires the client to be authenticated, the server and client exchange access authentication HTTP headers as specified in [RFC2616] section 11.If authentication is not required, or if authentication has succeeded, the server responds with a "200 OK" HTTP response.The client closes the TCP connection to the server.The following figure shows a message sequence with a single GetAction request.Figure 3: Message sequence with a single GetAction requestSendStatusReport Sequence XE "Examples:SendStatusReport Sequence example" XE "Protocol examples:SendStatusReport Sequence" XE "SendStatusReport sequence example" XE "Examples:SendStatusReport sequence"The following sequence occurs between a client and a server during a SendStatusReport request.The client sends a SendStatusReport request.If the server requires the client to be authenticated, the server and client exchange access authentication HTTP headers as specified in [RFC2616] section 11.If authentication is not required, or if authentication has succeeded, the server responds with a HTTP 200 (OK) response.The client closes the TCP connection to the server.The following figure shows a message sequence with a single SendStatusReport request.Figure 4: Message sequence with a single SendStatusReportGetStatusReport Sequence XE "Examples:GetStatusReport Sequence example" XE "Protocol examples:GetStatusReport Sequence" The following sequence occurs between a client and a server during a GetStatusReport request.The client sends a GetStatusReport request.If the server requires the client to be authenticated, the server and client exchange access authentication HTTP headers as specified in [RFC2616] section 11.If authentication is not required, or if authentication has succeeded, the server responds with a HTTP 200 (OK) response.The client closes the TCP connection to the server.The following figure shows a message sequence with a single GetStatusReport request.Figure 5: Message sequence with a single GetStatusReportSecuritySecurity Considerations for Implementers XE "Security:implementer considerations" XE "Implementer - security considerations" XE "Security:implementation"The protocol is vulnerable to a hijacking attack in which the attacker guesses the value of the ConfigurationId (as specified in section 3.1.5.1), JobId, and/or ModuleName, ModuleVersion (as specified in section 3.2.5.1), and the TCP port number used by the client. This approach works because the attacker can establish its own TCP connection to the server and send a request by using the victim's ConfigurationId, JobId, and/or ModuleName, ModuleVersion value. To mitigate the attack, ConfigurationId and JobId should be a random value. Also, if HTTP access authentication is used, the server should authenticate access at least once on each new URL or TCP connection.Index of Security Parameters XE "Security:parameter index" XE "Index of security parameters" XE "Parameters - security index" XE "Security:parameter index"Security parameterSectionHTTP access authenticationAs specified in section 2.1.Appendix A: Full JSON Schema XE "JSON schema" XE "Full JSON schema" XE "Schema - JSON" XE "JSON schema"{ "title": "GetAction request schema", "type" : "object", "properties": { "Checksum": { "type": ["string","null"] }, "ConfigurationName": { "type": ["string","null"] }, "NodeCompliant": { "type": "boolean" }, "ChecksumAlgorithm": { "enum": ["SHA-256"], "description": "Checksum algorithm used to generate checksum" } }, "required": ["Checksum", "NodeCompliant", "ChecksumAlgorithm"]}{ "title": "GetAction response", "type": "object", "properties": { "value": { "enum": ["OK", "GetConfiguration", "Retry"], "required": "true" } }} Appendix B: Product Behavior XE "Product behavior" The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include released service packs.Note: Some of the information in this section is subject to change because it applies to an unreleased, preliminary version of the Windows Server operating system, and thus may differ from the final version of the server software when released. All behavior notes that pertain to the unreleased, preliminary version of the Windows Server operating system contain specific references to Windows Server 2016 Technical Preview as an aid to the reader.Windows 7 operating systemWindows Server 2008 R2 operating systemWindows Server 2012 operating systemWindows 8.1 operating systemWindows Server 2012 R2 operating systemWindows 10 operating systemWindows Server 2016 Technical Preview operating system Exceptions, if any, are noted below. If a service pack or Quick Fix Engineering (QFE) number appears with the product version, behavior changed in that service pack or QFE. The new behavior also applies to subsequent service packs of the product unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms SHOULD or SHOULD NOT implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term MAY implies that the product does not follow the prescription. HYPERLINK \l "Appendix_A_Target_1" \h <1> Section 2.2.2.4: The ConfigurationName header field is available in Windows 10 and Windows Server 2016 Technical Preview only. HYPERLINK \l "Appendix_A_Target_2" \h <2> Section 3.3.5.1.1.2: Retry is available in Windows 10 and Windows Server 2016 Technical Preview only. HYPERLINK \l "Appendix_A_Target_3" \h <3> Section 3.4: The SendStatusReport request is available in Windows Server 2016 Technical Preview and Windows 10 only. HYPERLINK \l "Appendix_A_Target_4" \h <4> Section 3.5: The GetStatusReport request is available in Windows 10 and Windows Server 2016 Technical Preview only.Change Tracking XE "Change tracking" XE "Tracking changes" This section identifies changes that were made to this document since the last release. Changes are classified as New, Major, Minor, Editorial, or No change. The revision class New means that a new document is being released.The revision class Major means that the technical content in the document was significantly revised. Major changes affect protocol interoperability or implementation. Examples of major changes are:A document revision that incorporates changes to interoperability requirements or functionality.The removal of a document from the documentation set.The revision class Minor means that the meaning of the technical content was clarified. Minor changes do not affect protocol interoperability or implementation. Examples of minor changes are updates to clarify ambiguity at the sentence, paragraph, or table level.The revision class Editorial means that the formatting in the technical content was changed. Editorial changes apply to grammatical, formatting, and style issues.The revision class No change means that no new technical changes were introduced. Minor editorial and formatting changes may have been made, but the technical content of the document is identical to the last released version.Major and minor changes can be described further using the following change types:New content added.Content updated.Content removed.New product behavior note added.Product behavior note updated.Product behavior note removed.New protocol syntax added.Protocol syntax updated.Protocol syntax removed.New content added due to protocol revision.Content updated due to protocol revision.Content removed due to protocol revision.New protocol syntax added due to protocol revision.Protocol syntax updated due to protocol revision.Protocol syntax removed due to protocol revision.Obsolete document removed.Editorial changes are always classified with the change type Editorially updated.Some important terms used in the change type descriptions are defined as follows:Protocol syntax refers to data elements (such as packets, structures, enumerations, and methods) as well as interfaces.Protocol revision refers to changes made to a protocol that affect the bits that are sent over the wire.The changes made to this document are listed in the following table. For more information, please contact dochelp@.SectionTracking number (if applicable) and descriptionMajor change (Y or N)Change type2.2.2.4 ConfigurationNameAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.1.1 Abstract Data ModelUpdated content for Windows 10 and Windows Server 2016 Technical Preview.YContent update.3.1.5 Message Processing Events and Sequencing RulesUpdated content for Windows 10 and Windows Server 2016 Technical Preview.YContent update.3.1.5.2 GETUpdated content for Windows 10 and Windows Server 2016 Technical Preview.YContent update.3.3.5.1.1.1 Request BodyUpdated content for Windows 10 and Windows Server 2016 Technical Preview.YContent update.3.3.5.1.1.2 Response BodyUpdated content for Windows 10 and Windows Server 2016 Technical Preview.YContent update.3.4 SendStatusReport DetailsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.1 Abstract Data ModelAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.2 TimersAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.3 InitializationAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.4 Higher-Layer Triggered EventsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.5 Message Processing Events and Sequencing RulesAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.5.1 Nodes(ConfigurationID={ConfigurationId})/SendStatusReportAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.5.1.1 POSTAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.5.1.1.1 Request BodyAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.5.1.1.2 Response BodyAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.5.1.1.3 Processing DetailsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.6 Timer EventsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.4.7 Other Local EventsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5 GetStatusReport DetailsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.1 Abstract Data ModelAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.2 TimersAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.3 InitializationAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.4 Higher-Layer Triggered EventsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.5 Message Processing Events and Sequencing RulesAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.5.1 Nodes(ConfigurationId={ConfigurationId})/ReportsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.5.1.1 GETAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.5.1.1.1 Request BodyAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.5.1.1.2 Response BodyAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.5.1.1.3 Processing DetailsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.6 Timer EventsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.3.5.7 Other Local EventsAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.4.4 SendStatusReport SequenceAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.4.5 GetStatusReport SequenceAdded section with content for Windows 10 and Windows Server 2016 Technical Preview.YNew content added.5.1 Security Considerations for ImplementersUpdated content for Windows 10 and Windows Server 2016 Technical Preview.YContent update.6 Appendix A: Full JSON SchemaUpdated syntax for Windows 10 and Windows Server 2016 Technical Preview.YProtocol syntax updated.7 Appendix B: Product BehaviorAdded Windows 10 to applicability list.YContent update.7 Appendix B: Product BehaviorUpdated product behavior notes for Windows 10 and Windows Server 2016 Technical Preview.YProduct behavior note updated.IndexAApplicability PAGEREF section_9872db1ce3b14416b94a70a5a75298ae7CChange tracking PAGEREF section_e9d7b0c858104ce289c149da257cf8c533Common data types PAGEREF section_61c4535e1bc244e6bcc4544b097644a78EExamples GatAction sequence PAGEREF section_d6b5c492a3214b95ae89b7df958d8fe627 GetAction Sequence example PAGEREF section_d6b5c492a3214b95ae89b7df958d8fe627 GetConfiguration sequence PAGEREF section_f06820c86630400a8af0978472836e9926 GetConfiguration Sequence example PAGEREF section_f06820c86630400a8af0978472836e9926 GetModule sequence PAGEREF section_6cab9d45e891440c9a85ec3f03413a8726 GetModule Sequence example PAGEREF section_6cab9d45e891440c9a85ec3f03413a8726 GetStatusReport Sequence example PAGEREF section_2b183bdec320495c9d5f6009c6b9679229 SendStatusReport sequence PAGEREF section_11d338dcf10143469592361ec1e5437f28 SendStatusReport Sequence example PAGEREF section_11d338dcf10143469592361ec1e5437f28FFields - vendor-extensible PAGEREF section_20aafd8f549d4f73bfa5b3a3b8ad10a07Full JSON schema PAGEREF section_4cd205ec5b1c426e8176d5e02a91106b31GGetaction Abstract data model PAGEREF section_67ddf97d74fc43979e0b214434c856ee17 Higher-layer triggered events PAGEREF section_247ac2cba9024e93a8180786a5006a5d17 Initialization PAGEREF section_e778c61a86434055af34063881d3615517 Message processing events and sequencing rules PAGEREF section_c98b3ad3948046e5a2ff39ee6ee59df817 Other local events PAGEREF section_a793452c383d4519933153c4f561bfd919 Timer events PAGEREF section_92eb99790a184ecdb13959978ec8e4e419 Timers PAGEREF section_9e7f7239f9b1483bb7bd3879cc4d472017GetAction sequence example PAGEREF section_d6b5c492a3214b95ae89b7df958d8fe627Getconfiguration Abstract data model PAGEREF section_a77f566fa32d4dc2b267c37bac37b2fa11 Higher-layer triggered events PAGEREF section_e73a71f1a3194a039b06ab4ccd021c2111 Initialization PAGEREF section_ddcb7c9a97fd4f498fafe543f754bf8d11 Message processing events and sequencing rules PAGEREF section_35e21cb54e8f4e7a91dfc30d7536d91c11 Other local events PAGEREF section_dc63d5884b0a431ab45c763dc5ba642014 Timer events PAGEREF section_1ef4d35980c74948be8c584e5d5082f814 Timers PAGEREF section_7a6533f8379f4472a93db90d6122fedc11GetConfiguration sequence example PAGEREF section_f06820c86630400a8af0978472836e9926Getmodule Abstract data model PAGEREF section_aedd03588b44469fbf8f6e99044f9bee14 highedr-layer triggered events PAGEREF section_c0f9ab79bc68435ba90b86c1eca1b2ee14 Higher-layer triggered events PAGEREF section_c0f9ab79bc68435ba90b86c1eca1b2ee14 Initialization PAGEREF section_59a504ad7f214f2cb8f4c5c74bddc35814 Message processing events and sequencing rules PAGEREF section_ce9c0c5c896a4bf3a750a7545c7a3c3914 Other local events PAGEREF section_7774ba3f404f43819e56879dd105646817 Timer events PAGEREF section_4efb21ee43fa4294bba466293e64db7117 Timers PAGEREF section_9bdd03caf0b046ce84e2fd3062dfd94314GetModule sequence example PAGEREF section_6cab9d45e891440c9a85ec3f03413a8726Getstatusreport Abstract data model PAGEREF section_0953e3bf83c04c0ebfaf23eaa7e913f122 Higher-layer triggered events PAGEREF section_ef3ffd8f6e794ff0bf3a59bec57039fe23 Initialization PAGEREF section_561e799912d14a718aaedb23075e2c5423 Message processing events and sequencing rules PAGEREF section_034d9b0afb5048b6870ee0a5f4581b4523 Other local events PAGEREF section_45f37b3006ea48dc94aedb650377e83425 Timer events PAGEREF section_4b591fd0e88246efa08d9f26dd156a1525 Timers PAGEREF section_0c1c5498c6904c51b9d0297357baf40822Glossary PAGEREF section_497682e4c367412b90b68b83f702065c5HHTTP headers PAGEREF section_b8fbdee1fc5c47889e4dd3c831bae3628IImplementer - security considerations PAGEREF section_c46c0c1931c6433baa415c53860d345030Index of security parameters PAGEREF section_f79201248df84f84ab59b2c3ce774f2a30Informative references PAGEREF section_21eaf2adb55e451bbc42eb9f7e892e1b6Introduction PAGEREF section_479d46416a354c87a5a767ade6e917b75JJSON schema PAGEREF section_4cd205ec5b1c426e8176d5e02a91106b31MMessages data types PAGEREF section_61c4535e1bc244e6bcc4544b097644a78 transport PAGEREF section_1ac914e3be7440a7ac35d99368a388898NNamespaces PAGEREF section_c4a198a5371843578a2ed431dbd801538Normative references PAGEREF section_df32c81e7cd54d5da7a5fb0f222c92e36OOverview (synopsis) PAGEREF section_dd46a72b1b9a42d3bcbb0ab7a6e728446PParameters - security index PAGEREF section_f79201248df84f84ab59b2c3ce774f2a30Preconditions PAGEREF section_ad8e5357098349febc7773f6821f3c887Prerequisites PAGEREF section_ad8e5357098349febc7773f6821f3c887Product behavior PAGEREF section_19eb8183ce5f466a93bf9194d08a74d532Protocol Details GetAction PAGEREF section_c96de981c23945148f8d5825974b3d4517 GetConfiguration PAGEREF section_933a46da700b45a98e8e70f65297bdf311 GetModule PAGEREF section_404ebd2dbeec46c98df80d0ca344d14b14 GetStatusReport PAGEREF section_5dc5322cc56f4926b224d0b37d44adf822 SendStatusReport PAGEREF section_b1e50f896c354ad3800bf0f4f1edf40819Protocol examples GetAction Sequence PAGEREF section_d6b5c492a3214b95ae89b7df958d8fe627 GetConfiguration Sequence PAGEREF section_f06820c86630400a8af0978472836e9926 GetModule Sequence PAGEREF section_6cab9d45e891440c9a85ec3f03413a8726 GetStatusReport Sequence PAGEREF section_2b183bdec320495c9d5f6009c6b9679229 SendStatusReport Sequence PAGEREF section_11d338dcf10143469592361ec1e5437f28RReferences informative PAGEREF section_21eaf2adb55e451bbc42eb9f7e892e1b6 normative PAGEREF section_df32c81e7cd54d5da7a5fb0f222c92e36Relationship to other protocols PAGEREF section_21798ff0aa5d43d7b680e1420f5a14d46SSchema - JSON PAGEREF section_4cd205ec5b1c426e8176d5e02a91106b31Security implementation PAGEREF section_c46c0c1931c6433baa415c53860d345030 implementer considerations PAGEREF section_c46c0c1931c6433baa415c53860d345030 parameter index PAGEREF section_f79201248df84f84ab59b2c3ce774f2a30Sendstatusreport Abstract data model PAGEREF section_41ef7da115834e5c8b2f0c1ece46121419 Higher-layer triggered events PAGEREF section_288e08568a974c9ab9fe7ea8925b764620 Initialization PAGEREF section_f97b3814de2b4afcb8e753b3c989527a20 Message processing events and sequencing rules PAGEREF section_261a1ac2de1b44cbb09b2e4d1dc36a3b20 Other local events PAGEREF section_237fbed04592457a99d549325321c3d122 Timer events PAGEREF section_b1c718d485764918a1ade212cc9e91f322 Timers PAGEREF section_9c820c0b5298414cb5d9c3207235ac7420SendStatusReport sequence example PAGEREF section_11d338dcf10143469592361ec1e5437f28Standards assignments PAGEREF section_4f37e5f2d31f4e94a81f54fb866cd1297System overview - introduction PAGEREF section_479d46416a354c87a5a767ade6e917b75TTracking changes PAGEREF section_e9d7b0c858104ce289c149da257cf8c533Transport PAGEREF section_1ac914e3be7440a7ac35d99368a388898 common data types PAGEREF section_61c4535e1bc244e6bcc4544b097644a78 namespaces PAGEREF section_c4a198a5371843578a2ed431dbd801538UURI parameters PAGEREF section_3eaa1774f00249699330bd73fda1aaf210VVendor-extensible fields PAGEREF section_20aafd8f549d4f73bfa5b3a3b8ad10a07 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download