Appendix H: Connection Manager and Internet Communication
Applies To: Windows Server 2003 with SP1
This section provides information about:
The benefits of Connection Manager 1.3
How Connection Manager communicates with sites on the Internet
Controlling Connection Manager to limit the flow of information to and from the Internet
Benefits and Purposes of Connection Manager 1.3
Connection Manager 1.3 is a client dialer and connection software program included with products in Microsoft Windows Server 2003. It provides support for local and remote connections to your network service using a network of access points, such as those available worldwide through Internet service providers (ISPs). Connection Manager 1.3 includes features that both simplify and enhance the implementation of connection support for you and your users.
Connection Manager is implemented using the Connection Manager Administration Kit (CMAK). CMAK is designed for network administrators, information officers, and other team members who are responsible for the design, development, testing, distribution, and support of connection software for users who connect to your Internet or network service.
You can customize Connection Manager so that the set of files you distribute to your users (called a service profile) can be easily installed and run. Using Connection Point Services you install Phone Book Service, which enables the distribution of phone books for a Connection Manager service profile.
In addition to the support for basic dial-up connections, you can also use the CMAK wizard to incorporate support for virtual private network (VPN) connections using tunneling protocols to tunnel through a public network (such as when dialing into an ISP to access an organization’s server). Connection Manager can create a VPN connection through a preexisting dial-up session, local area network (LAN), or digital subscriber line (DSL).
For more information about Connection Manager, see the instructions in "Accessing Help Documentation for Connection Manager," later in this appendix.
How Connection Manager Communicates with Sites on the Internet
Administrators control whether to enable the phonebook download feature and which server the client computer sends the request to. The client computer initiates the connection to the phone book server in order to update its data. The phone book server sends one of the following elements to the Connection Manager client while there is a connection:
Phone book update file: The server sends a phone book update file when the version of the phone book of the connecting client is earlier than the version of the phone book server.
Replacement phone book: This is sent when there is a difference of more than five versions between the client and the server phone book file versions.
Standard HTTP error message
The following list describes various aspects of the Connection Manager information that is sent to and from the Internet and how the exchange of information takes place:
Specific information sent or received: The information sent by Connection Manager in the phone book server query string contains the following elements:
osarch: Specifies the type of processor that the requesting computer is using.
ostype: Specifies the version of the Windows operating system of the computer making the request.
cmver: Specifies the version of Connection Manager of the computer making the request.
lcid: Specifies the locale identifier (LCID) describing the system default locale information of the computer making the request.
pbver: Specifies the current version of the phone book being used by the computer making the request.
pb: Specifies the name of the phone book being used by the computer making the request.
Default settings: By default, Connection Point Services and the Connection Manager Administration Kit are not installed with Windows Server 2003. (You can add these components by using Add or Remove Programs in Control Panel.)
Triggers: Connection Manager is triggered when users start it to connect to the Internet or their organization’s network.
Logging: Information is logged in the Connection Manager log file but not in the operating system event log. The logging feature for Connection Manager is used for troubleshooting and can be disabled.
Encryption: The information contained in the query string is sent as plaintext and is not encrypted.
Storage: The information that is sent is used by the phone book server to process the request being made, although the information is not stored.
Transmission protocol and port: The transmission protocol used is HTTP and the port is 80.
Ability to disable: On the server, you can prevent Connection Point Services and the Connection Manager Administration Kit from being installed, which prevents Connection Manager from being used. For clients, you can disable Connection Manager by not providing the user with a Connection Manager service profile. Also for clients, the Connection Manager phone book download and synchronization feature can be disabled using a Connection Manager service profile.
For more information about the Connection Manager Administration Kit (CMAK), see "Before you start: Understanding Connection Manager and the Administration Kit," on the Microsoft Web site at:
https://go.microsoft.com/fwlink/?LinkId=46011
You can also view the same information in Help, as described in "Accessing Help Documentation for Connection Manager," later in this appendix.
Controlling Connection Manager to Limit the Flow of Information to and from the Internet
Connection Manager client software is installed by default. Administrators determine when to create and distribute a Connection Manager service profile, without which Connection Manager cannot run.
You can limit the use of Connection Manager by creating and distributing a service profile only to users and administrators who need to use the Connection Manager client to initiate local or remote network access point connections. You can use the Connection Manager Administration Kit (CMAK) wizard to create a customized service profile to configure Connection Manager not to update the client phone book information.
For a list of items to consider when designing a service profile for Connection Manager, see "Security information for the Connection Manager Administration Kit" on the Microsoft Web site at:
https://go.microsoft.com/fwlink/?LinkId=46010
Procedures for Installing the Connection Manager Administration Kit and for Viewing Help
This subsection lists procedures for the following tasks:
Installing the Connection Manager Administration Kit on your server
Accessing Help documentation for Connection Manager
Installing Connection Manager Administration Kit on Your Server
The Connection Manager Administration Kit (CMAK) and Connection Point Services (used to install Phone Book Service) are not installed by default on Windows Server 2003. Use the following procedure to add these components.
To Add the Connection Manager Administration Kit and Connection Point Services After Server Installation
Click Start, and then either click Control Panel, or point to Settings and then click Control Panel.
Double-click Add or Remove Programs.
Click Add/Remove Windows Components (on the left).
In the Windows Components Wizard, scroll down and double-click Management and Monitoring Tools.
Select Connection Manager Administration Kit and Connection Point Services and any other subcomponents you want to install.
Follow the instructions to complete the Windows Components Wizard.
Accessing Help Documentation for Connection Manager
Windows Server 2003 has Help documentation describing the Connection Manager Administration Kit. You can view this documentation from any computer that has Internet access (regardless of the operating system running on that computer), or from any server running Windows Server 2003. The following procedure provides the details.
To Access Help Documentation for a Server Running Windows Server 2003
Open Help for Windows Server 2003 by doing one of the following:
On any computer running Windows Server 2003, click Start, and then click Help and Support.
View Help on the Web at:
https://go.microsoft.com/fwlink/?LinkId=29881
As appropriate, navigate from this Web site to the documentation for the server product you are using.
To view information about Connection Manager Administration Kit, navigate to Network Services\Managing Remote Connections\Connection Manager Administration Kit.