1.3 Overview

The Common Internet File System (CIFS) is a general-purpose network file system protocol. It provides clients with managed, concurrent access to files and directories hosted on server systems. It also provides access to print queues and interprocess communication services, and supports authenticated transport for remote procedure call subprotocols. With a few exceptions, CIFS is client-driven in that a client makes requests to which a server responds.

To this end, CIFS defines three entities: the client, the server, and the application. The client is an implementation of the protocol and originates most of the messages. The server is also an implementation of the protocol and provides the majority of the functionality described herein as a service. Remaining functionality is handled by a number of subsystems associated with CIFS. These include:

  • Transaction processing subsystems (SMB Trans, SMB Trans2, and NT Trans)

  • User authentication subsystem

  • Distributed File System (DFS) processing subsystem

  • Remote Administration Protocol (RAP) processing subsystem

  • Remote Procedure Call (RPC) processing subsystem

These subsystems can be integrated into a CIFS server implementation or can be accessed as separate services via CIFS.

Although the client originates most exchanges in CIFS, it is not the triggering entity in most cases; that role is filled by the application. The application is an entity that needs support of the CIFS protocol, but does not directly implement the protocol. Instead, the application relies on the implementation of CIFS by the client to gain the benefits of the CIFS services, through an API or other access method that is not defined in this specification. The application can be a piece of software that fulfills purposes such as word processing or a graphic user interface to file management, but can be particular to CIFS.

Hereafter, the terms "client", "server", and "application" describe the aforementioned entities. This specification assumes that although the client and the application are independent entities, they are considered to be tightly bound as far as CIFS is concerned. There is no direct interaction between the application and the server, except through the client. As such, there is no independent role attributed to the application in this specification.

CIFS is a stateful protocol. It imposes state to maintain security contexts, cryptographic protections, and file access semantics such as locking and caching. CIFS allows multiple clients to concurrently share files and printers hosted by server systems, thus facilitating collaboration, efficient use of resources, and centralized management.

CIFS supports the following features:

  • Transport independence. The CIFS protocol itself does not place any requirements upon the transport protocol that is used to pass SMB messages between the client and the server. CIFS is typically carried over a connection-oriented protocol, but connectionless protocols have been used as CIFS transports.

  • Flexible connectivity. A single client can connect to multiple servers, and can make one or more connections to each server. The activity of multiple client processes can be multiplexed over a single connection.

  • Feature negotiation. The dialect and the supported feature set of the protocol are negotiated on a per-connection basis.

  • Resource access. A client can concurrently access multiple shared resources (files, named pipes, print queues) on the target server.

  • Security contexts. A client can create and use one or more security contexts over a connection.

  • File access. A client can open, read, write, modify, delete, and close multiple files on the target server. File sharing is managed by the server, so multiple clients can have the same file open at the same time.

  • Extended subprotocols. CIFS supports a set of subprotocols that provide direct access to additional server functionality.

  • Named pipe interprocess communication. A client can open, read, write, and close named pipes on the target server. Named pipes provide a communications path between client and server processes.

  • File and record locking, and safe caching. CIFS supports file and record locking, as well as opportunistic locking of files to allow clients to cache data for better performance.

  • File, directory, and volume attributes. CIFS provides the ability to query and (with limitations) set file, directory, and volume attributes, including extended attributes. CIFS also provides support for the use of Access Control Lists (ACLs).

  • File and directory change notification. CIFS clients can post a request to be notified when a change is made to a file within a directory or directory tree on the server.

  • Batched commands. CIFS AndX messages can be chained together and executed in sequence on the server, avoiding multiple message round-trips.

  • Distributed File System (DFS) support. The DFS namespace is supported. DFS provides a single consistent object naming scheme (a unified namespace) that can span a collection of different servers and shares. The DFS model employed is a referral-based model, which is specified in [MS-DFSC]. CIFS specifies the manner in which clients and servers receive and process referrals.

  • Remote Procedure Call Transport. CIFS provides authenticated transport for remote procedure call protocols such as RPC [MS-RPCE] and RAP [MS-RAP].

  • Message verification. CIFS supports message signing, as described in [KB887429], which is used to ensure that messages have not been modified in transit.

  • Unicode file name support. CIFS supports both extended ASCII (OEM) character set and Unicode file names. CIFS supports 8.3 name format file names, long file names using the extended ASCII character set (8-bit characters), and long file names in Unicode.