Port Enumeration:
In Windows 2000, the client enumerates ports by iterating through the DOS devices for COM and LPT ports and checking whether the CreateFile call succeeds. If it does, the port exists; otherwise, it doesn’t announce the port.
Printer Queue Enumeration:
Win32 EnumPrinter() APIs return all printer queues that are currently present on the system. In the current RDP 5.0 implementation, only queues connected to LPT, COM, and USB ports are redirected by default. Because these printer queues are automatically detected, they are called automatic printer queues.
3. In addition to the EnumPrinter() API, the client remembers manually created printer queues from previous logons. The manual queue information is preserved under the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default\AddIns\RDPDR.SYS\<printer queue name> \PrinterCacheData
The client enumerates these subkeys to build the manual created queues list. In a sense, these become automatic printer queues for the current logon because they are “automatically” detected from a previous manual creation.
Client port names for automatic printer queues are always named PRNxxx, where xxx is a number that increases for each printer. Client port names for physical ports are always LPTxxx, COMxxx where xxx represents a number that increases for each port device (for information on naming conventions, see Printer Queues).
4. The client builds the list of devices using all of the above enumerated ports and sends it to the server.
5. For each printing port announced by the client, the KERNEL-mode RDPDR.SYS creates a corresponding TS printing port. These ports are named using the following convention:
TS<Port Number>
where Port Number is a monotonically increasing value representing the next available port. On reboot, all TS ports are deleted.
6. RDPDR.SYS registers a device interface using the PnP APIs, which in turn notify the Spooler of a dynamic printer device. The Spooler then calls USBMON.DLL to enumerate the ports.
7. WLNOTIFY.DLL is loaded by Winlogon and is notified of the connect. A background thread in this module communicates with RDPDR.SYS by using IOCTLs to obtain any events such as printer and port announces.
8. In response to the printer announce event, WLNOTIFY.DLL does the following:
-
Checks whether a matching driver string name is installed on the server. If not, it checks the user-defined .INF files and NTPRINT.INF.
-
If a driver string name match is found, it calls a PnP function exposed by PRINTUI.DLL to create the printer queue. If the driver is not found, the printer queue is not installed for the session, the printer is not redirected, and event log entries notifying of the failed redirection attempt are logged. Therefore, this printer cannot be used and is not visible to the user.
-
Sets the default printer to be the client’s default printer (this information is part of the printer announce data received from the client). If policy does not allow it, the existing default printer is not changed.
-
Adds the new printer queue to its internal list of devices that includes printer queues.
-
Restores any configuration information sent by the client (such as paper orientation or the number of pages per sheet).
-
Sets the default security for the printer to give read/write/print permissions for the logged-on user. Full Control is given to administrators. Redirected TS printers are visible only to the user logged onto the printer’s associated session and to any user with Administrator privileges.
Windows 2000 security helps hide printers. Clients can access and enumerate only those printers for which they have Write access. The same user logged in to multiple TS terminals will have access to all remote printers from each terminal he/she is logged in to.
9. RDPDR.SYS also generates events to announce printer ports (LPT and COM). The WLNOTIFY.DLL component receives this event and saves information related to the printer port in its internal list of devices, which includes printer ports. This list will be used when creating manual printer queues. Note that RDPDR.SYS does not generate events for printer ports associated with Automatic Printer Queues; that is, client port names with PRNxxx do not generate events. Therefore, WLNOTIFY.DLL does not have an internal list of printer ports that belong to Automatic Printer Queues. This differs from local port redirection, because these ports are exposed only as available to printers under the Printers folder.
|
