Connection Manager ActiveSync Desktop Pass-through (DTPT) (Windows Embedded CE 6.0)
1/6/2010
ActiveSync Desktop Pass-through (DTPT) is a technology that a Windows Embedded CE powered device uses to transparently access external networks, such as the Internet, through the computer to which it is connected. In Windows Embedded CE 6.0, DTPT can be used to connect to a computer and download information such as search results or navigation maps.
Note
There is full connectivity between the computer and the device. However, there is limited connectivity between the computer running ActiveSync and the external host. Only outgoing TCP/IPv4 packets are routed through the DTPT Server to the external host.
DTPT Overview
ActiveSync Desktop Pass-through (DTPT) consists of the following components:
- DTPT Client
The DTPT Client service runs on the Windows Embedded CE powered device. This component is responsible for addressing and forwarding connection requests and name service provider (NSP) requests to the computer.
- DTPT Server
The DTPT Server service runs on the desktop to which the Windows Embedded CE powered device is connected and is integrated with ActiveSync. This component is used by the device as a proxy server to connect to external networks to which the computer is connected. It also processes NSP requests sent by the DTPT Client.
DTPT Addressing
After the device connects to the desktop, the DTPT Client and the DTPT Server try to discover one another.
The DTPT Client performs addressing by detecting the presence of a DTPT-compatible network interface. After an appropriate interface is detected, the DTPT Client assigns an IPv4 address for the device from the Auto IP range of addresses and then sends the address to the desktop by using the DHCP protocol.
Note
If an application that is running on the device tries to change the IP address of the device, the DTPT connection might be disconnected.
After the addressing is performed, a connection is established and the DTPT Server listens on a predetermined port for messages sent by the DTPT Client. Depending on the type of message that is received, the DTPT Server functions as a proxy server or a name service provider.
DTPT as a Proxy Server
The purpose of DTPT is to enable a Windows Embedded CE powered device to connect to and communicate with remote hosts on the network to which the desktop is connected. The DTPT Server functions as a proxy by forwarding data between the device and the remote host. The DTPT Client intercepts the proxy calls and sends requests to the computer for processing.
DTPT as a Name Service Provider
DTPT also supports name service-provider service. When a Winsock application that is running on the device makes a request for name resolution, the DTPT Client intercepts the call and forwards it to the DTPT Server for processing. The DTPT Server receives the NSP message and retrieves the requested service information and returns it to the DTPT Client.
DTPT Security
DTPT has potential security risks typically associated with networking because it supports the transfer of non-encrypted data over a network.
Recommendations
We recommend that you disable bridging on the computer running the DTPT Server. If you enable bridging on the computer running the DTPT Server, this might expose the attached device to security concerns from other networks the computer is connected to.
DTPT Limitations
The following list shows the limitations for ActiveSync Desktop Pass-through (DTPT).
DTPT functions over a point-to-point connection. Do not bridge the Windows Embedded CE adapter connection; use it with Internet Connection Sharing or manually configure the connection.
At a given time, only one Windows Embedded CE powered device can use DTPT.
Only outgoing TCP/IPv4 packets are routed through the DTPT Server to the external host. However, you can transfer non-TCP and non-IPv4 packets to and from the host without using the DTPT technology.
Applications that are running on the client are not able to change the address of the device, which is assigned by the DTPT Server.
The connected device cannot have more than 1000 concurrent requests to the computer.
Nonsecure DTPT connections are not supported. DTPT was designed to work as an encrypted channel.
Note
Nonsecure DTPT connections are DTPT connections provisioned using the CM_NetEntries Configuration Service Provider with the Secure parameter set to 0 (zero). For more information, see Configuration Service Providers Overview.
See Also
Concepts
Connection Manager OS Design Development
Making a Data Connection Using Connection Manager