Wi N D O W S enables the application to communicate on the network through the file system service built by the operating system. I / O Reset Concept:? IO In the operating system, to access remote machines, the operating system must re-oriented remote resources via the network, which is a general concept of redirecting. For example, Wi N D O W S allows us to map a local disk identifier (such as E :) or redirect to a directory sharing entry on the remote computer. If the application indicates that you need to use E:, the operating system automatically redirects the I / O request to a device, which is called "redirector" (R E D i r e c t o r). The redirector is established to a network channel to the remote computer to access the specified remote directory. Subsequently, the application can freely use some conventional file system A P i functions, such as R e a d f i l e (read file), and WR i t e f i l e (write file), etc. Although it is actually accessed through the network, the surface is not different from the access to the local file. How to make normal I / O requests to remote devices by a redirector: ?? Noun explanation: ???? UNC: Resource locator. Format: // [Server] / [ShareName] / [address] ???? MUP: Resource locator. ???? MSNP: Microsoft network provider. Customer Householder: Application <-> MUP <-> Redirector (Network Provider) <-> Transfer Driver <-> Network Interface Card
Service Householder: Local I / O <-> Redirector Server Services <-> Transfer Driver <-> Network Interface Card? Network Interface Card (Client)
Access token: After the user logs in into a Windows NT system, the system will verify the user's account name and password, and the two are collectively referred to as "login credentials". If the user logs in success (ie verification), the system creates a corresponding access token and assigns it to it. For any process performed to this user, you will have a copy of the access token. If a process tries to access a protected (ie confidential) object, the S i D in the access token will be compared to the access rights assigned to S i D in D A C1.