1.1 Glossary

This document uses the following terms:

access control list (ACL): A list of access control entries (ACEs) that collectively describe the security rules for authorizing access to some resource; for example, an object or set of objects.

Active Directory: The Windows implementation of a general-purpose directory service, which uses LDAP as its primary access protocol. Active Directory stores information about a variety of objects in the network such as user accounts, computer accounts, groups, and all related credential information used by Kerberos [MS-KILE]. Active Directory is either deployed as Active Directory Domain Services (AD DS) or Active Directory Lightweight Directory Services (AD LDS), which are both described in [MS-ADOD]: Active Directory Protocols Overview.

authenticated user identity: The principal that is provided by the underlying protocol. See retrieval of client identity in [MS-RPCE] sections and for details.

authentication: The ability of one entity to determine the identity of another entity.

branch office print mode: An operating mode in which a print client is able to perform branch office printing. Every shared printer on a print server can be configured to operate in branch office print mode.

branch office print remote logging: An operating mode in which a print client logs printing-related Windows Events on the print server. Branch office print remote logging occurs only when the print client is in branch office print mode.

cabinet file: A file that has the suffix .cab and that acts as a container for other files. It serves as a compressed archive for a group of files. For more information, including the format of CAB files, see [MSDN-CAB].

Common Internet File System (CIFS): The "NT LM 0.12" / NT LAN Manager dialect of the Server Message Block (SMB) Protocol, as implemented in Windows NT. The CIFS name originated in the 1990s as part of an attempt to create an Internet standard for SMB, based upon the then-current Windows NT implementation.

deployed printer connection: A computer connection or user connection as described in [MS-GPDPC].

device: Any peripheral or part of a computer system that can send or receive data.

domain: A set of users and computers sharing a common namespace and management infrastructure. At least one computer member of the set must act as a domain controller (DC) and host a member list that identifies all members of the domain, as well as optionally hosting the Active Directory service. The domain controller provides authentication of members, creating a unit of trust for its members. Each domain has an identifier that is shared among its members. For more information, see [MS-AUTHSOD] section and [MS-ADTS].

Domain Name System (DNS): A hierarchical, distributed database that contains mappings of domain names to various types of data, such as IP addresses. DNS enables the location of computers and services by user-friendly names, and it also enables the discovery of other information stored in the database.

driver package: A collection of the files needed to successfully load a driver. This includes the device information (.inf) file, the catalog file, and all of the binaries that are copied by the .inf file. The term also covers multiple drivers packaged together for deployment purposes.

driver store: A secure location on the local hard disk where the entire driver package is copied.

endpoint: A network-specific address of a remote procedure call (RPC) server process for remote procedure calls. The actual name and type of the endpoint depends on the RPC protocol sequence that is being used. For example, for RPC over TCP (RPC Protocol Sequence ncacn_ip_tcp), an endpoint might be TCP port 1025. For RPC over Server Message Block (RPC Protocol Sequence ncacn_np), an endpoint might be the name of a named pipe. For more information, see [C706].

enhanced metafile format (EMF): A file format that supports the device-independent definitions of images.

enhanced metafile spool format (EMFSPOOL): A format that specifies a structure of enhanced metafile format (EMF) records used for defining application and device-independent printer spool files.

Graphics Device Interface (GDI): An API, supported on 16-bit and 32-bit versions of the operating system, that supports graphics operations and image manipulation on logical graphics objects.

Graphics Device Interface, Extended (GDI+): A Windows API, supported on 32-bit and 64-bit versions of the operating system, that extends GDI to include support for Bezier curves, gradient brushes, image effects, and EMF+ metafiles.

Group Policy: A mechanism that allows the implementer to specify managed configurations for users and computers in an Active Directory service environment.

Hypertext Markup Language (HTML): An application of the Standard Generalized Markup Language (SGML) that uses tags to mark elements in a document, as described in [HTML].

Hypertext Transfer Protocol (HTTP): An application-level protocol for distributed, collaborative, hypermedia information systems (text, graphic images, sound, video, and other multimedia files) on the World Wide Web.

Hypertext Transfer Protocol Secure (HTTPS): An extension of HTTP that securely encrypts and decrypts web page requests. In some older protocols, "Hypertext Transfer Protocol over Secure Sockets Layer" is still used (Secure Sockets Layer has been deprecated). For more information, see [SSL3] and [RFC5246].

Independent Hardware Vendor (IHV): In the context of this document, an IHV is a printer manufacturer, such as Canon or Hewlett-Packard.

Internet Information Services (IIS): The services provided in the Windows implementation that support web server functionality. IIS consists of a collection of standard Internet protocol servers such as HTTP and FTP in addition to common infrastructures that are used by other Microsoft Internet protocol servers such as SMTP, NNTP, and so on. IIS has been part of the Windows operating system in some versions and a separate install package in others. IIS version 5.0 shipped as part of Windows 2000 operating system, IIS version 5.1 as part of Windows XP operating system, IIS version 6.0 as part of Windows Server 2003 operating system, and IIS version 7.0 as part of Windows Vista operating system and Windows Server 2008 operating system.

Internet Printing Protocol (IPP): A standard protocol for printing and for the management of print jobs and printer settings over the Internet. It is built on the Hypertext Transfer Protocol (HTTP).

Internet Protocol security (IPsec): A framework of open standards for ensuring private, secure communications over Internet Protocol (IP) networks through the use of cryptographic security services. IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.

language monitor: An executable object that provides a communications path between a print queue and a printer's port monitor. Language monitors add control information to the data stream, such as commands defined by a Page Description Language (PDL). They are optional, and are only associated with a particular type of printer if specified in the printer's INF file.

Lightweight Directory Access Protocol (LDAP): The primary access protocol for Active Directory. Lightweight Directory Access Protocol (LDAP) is an industry-standard protocol, established by the Internet Engineering Task Force (IETF), which allows users to query and update information in a directory service (DS), as described in [MS-ADTS]. The Lightweight Directory Access Protocol can be either version 2 [RFC1777] or version 3 [RFC3377].

metafile: A sequence of record structures that store an image in an application-independent format. Metafile records contain drawing commands, object definitions, and configuration settings. When a metafile is processed, the stored image can be rendered on a display, output to a printer or plotter, stored in memory, or saved to a file or stream.

monitor module: An executable object that provides a communication path between the print system and the printers on a server.

NetBEUI: NetBIOS Enhanced User Interface. NetBEUI is an enhanced NetBIOS protocol for network operating systems, originated by IBM for the LAN Manager server and now used with many other networks.

page description language (PDL): The language for describing the layout and contents of a printed page. Common examples are PostScript and Printer Control Language (PCL).

port monitor: A plug-in that communicates with a device that is connected to a port. A port monitor can interact with the device locally, remotely over a network, or through some other communication channel. The data that passes through a port monitor is in a form that can be understood by the destination device, such as page description language (PDL).

Portable Document Format (PDF): An Adobe Systems specification for electronic documents that use the Adobe Acrobat family of servers and readers. PDF-format files have a .pdf file name extension.

PostScript: A page description language developed by Adobe Systems that is primarily used for printing documents on laser printers. It is the standard for desktop publishing.

print client: The application or user that is trying to apply an operation on the print system either by printing a job or by managing the data structures or devices maintained by the print system.

print job: The rendered page description language (PDL) output data sent to a print device for a particular application or user request.

print processor: A plug-in that runs on the print server and processes print job data before it is sent to a print device.

print queue: The logical entity to which jobs can be submitted for a particular print device. Associated with a print queue is a print driver, a user's print configuration in the form of a DEVMODE structure, and a system print configuration stored in the system registry.

print server: A machine that hosts the print system and all its different components.

print spooler: A service component that implements the Print Services system on Windows-based print clients and print servers. The spooler buffers and orders print jobs and converts print job data to printer-specific formats.

Printer Control Language (PCL): A page description language (PDL) developed by Hewlett Packard for its laser and ink-jet printers.

printer driver: The interface component between the operating system and the printer device. It is responsible for processing the application data into a page description language (PDL) that can be interpreted by the printer device.

printer port: A hardware port that transfers drawing commands to the printer hardware.

registry: A local system-defined database in which applications and system components store and retrieve configuration data. It is a hierarchical data store with lightly typed elements that are logically stored in tree format. Applications use the registry API to retrieve, modify, or delete registry data. The data stored in the registry varies according to the version of the operating system.

Remote Administration Protocol (RAP): A synchronous request/response protocol, used prior to the development of the remote procedure call (RPC) protocol, for marshaling and unmarshaling procedure call input and output arguments into messages and for reliably transporting messages to and from clients and servers.

remote procedure call (RPC): A communication protocol used primarily between client and server. The term has three definitions that are often used interchangeably: a runtime environment providing for communication facilities between computers (the RPC runtime); a set of request-and-response message exchanges between computers (the RPC exchange); and the single message from an RPC exchange (the RPC message). For more information, see [C706].

RPC endpoint: A network-specific address of a server process for remote procedure calls (RPCs). The actual name of the RPC endpoint depends on the RPC protocol sequence being used. For example, for the NCACN_IP_TCP RPC protocol sequence an RPC endpoint might be TCP port 1025. For more information, see [C706].

security descriptor: A data structure containing the security information associated with a securable object. A security descriptor identifies an object's owner by its security identifier (SID). If access control is configured for the object, its security descriptor contains a discretionary access control list (DACL) with SIDs for the security principals who are allowed or denied access. Applications use this structure to set and query an object's security status. The security descriptor is used to guard access to an object as well as to control which type of auditing takes place when the object is accessed. The security descriptor format is specified in [MS-DTYP] section 2.4.6; a string representation of security descriptors, called SDDL, is specified in [MS-DTYP] section 2.5.1.

security provider: A pluggable security module that is specified by the protocol layer above the remote procedure call (RPC) layer, and will cause the RPC layer to use this module to secure messages in a communication session with the server. The security provider is sometimes referred to as an authentication service. For more information, see [C706] and [MS-RPCE].

Server Message Block (SMB): A protocol that is used to request file and print services from server systems over a network. The SMB protocol extends the CIFS protocol with additional security, file, and disk management support. For more information, see [CIFS] and [MS-SMB].

Server Service: The CIFS file sharing service. The Server Service registers a NetBIOS name with a suffix byte value of 0x20 and responds to SMB commands.

Simple and Protected GSS-API Negotiation Mechanism (SPNEGO): An authentication mechanism that allows Generic Security Services (GSS) peers to determine whether their credentials support a common set of GSS-API security mechanisms, to negotiate different options within a given security mechanism or different options from several security mechanisms, to select a service, and to establish a security context among themselves using that service. SPNEGO is specified in [RFC4178].

TCP/IP: A set of networking protocols that is widely used on the Internet and provides communications across interconnected networks of computers with diverse hardware architectures and various operating systems. It includes standards for how computers communicate and conventions for connecting networks and routing traffic.

Uniform Resource Locator (URL): A string of characters in a standardized format that identifies a document or resource on the World Wide Web. The format is as specified in [RFC1738].

universal serial bus (USB): An external bus that supports Plug and Play installation. It allows devices to be connected and disconnected without shutting down or restarting the computer.

UNIX: A multiuser, multitasking operating system developed at Bell Laboratories in the 1970s. In this document, the term "UNIX" is used to refer to any derivatives of this operating system.

Web Services on Devices (WSD): A function-discovery protocol used to discover and communicate certain data structures in a HomeGroup network environment. Implementation details are specified in [DPWS].

workgroup: A collection of computers that share a name. In the absence of a domain, a workgroup allows a convenient means for browser clients to limit the scope of a search.

XML Paper Specification (XPS): An XML-based document format. XML Paper Specification (XPS) specifies the set of conventions for the use of XML and other widely available technologies to describe the content and appearance of paginated documents. For more information, see [MSFT-XMLPAPER].