archive
/
windows-nt-4.0
mirror of https://github.com/lianthony/NT4.0
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
184 MiB
 
 
 
 
 
 
Tree: b4a8d373d8
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b4a8d373d8'
${ noResults }
windows-nt-4.0/private/net/svcdlls/upssvc/spec

195 lines
7.2 KiB
Raw Blame History

Overview
UPS provides protection against power failure. Upon power interruption,
users with active sessions to the affected server are notified of the
impending shutdown and an orderly server shutdown is performed. UPS is
implemented as an NT service.
Functional Description
In the standard configuration, signalling is accomplished by connecting
the uninterruptable power supply to the server via a dedicated serial port.
The uninterruptible power supply generates signals corresponding to various
fault conditions. The serial port will block until a signal is received.
When a signal is received, the UPS service take appropriate actions.
The UPS service has the following configurable parameter:
Installed: A bit in the registry specifying whether a UPS
is installed or. UPS service would not start
if this bit is not set.
Signal on Line Fail: A bit in the registry specifying whether the installed
UPS can signal upon power line fail. The physical
signal is the CTS line of the Comm Port.
Signal on Low Battery: A bit in the registry specifying whether the installed
UPS can signal when the battery can supply less than
2 minutes of power. The physical signal is the RLSD
line of the Comm Port.
UPS turn off by
computer : A bit in the registry specifying whether the installed
UPS can be told to turn itself off by the computer.
The physical signal is the DTR line of the Comm Port.
(Currently not implemented... can't do a system
shutdown without power, but shutdown would kill
all running processes in the first place. Talk to
scottlu)
Singal voltages: Three bits in the registry specifying the assertion
voltage level of the three signals: signal on line
fail, signal on low battery, and UPS turn off.
This is the definition of the bit mask for the "OPTIONS" field.
#define UPS_INSTALLED 0x00000001
#define UPS_POWERFAILSIGNAL 0x00000002
#define UPS_LOWBATTERYSIGNAL 0x00000004
#define UPS_CANTURNOFF 0x00000008
#define UPS_POSSIGONPOWERFAIL 0x00000010
#define UPS_POSSIGONLOWBATTERY 0x00000020
#define UPS_POSSIGSHUTOFF 0x00000040
Port: name of the serial port the UPS is connected to.
(e.g. COM1)
Battery life: the life of the UPS backup battery when fully charged.
Configurable from 0 to 480 minutes.
Rechare rate: the recharge rate of the UPS backup battery, in terms
of X minutes per miunte of power. Configurable from
5 minutes to 250 minutes.
First Message Delay: Specifies the number of seconds between initial power
failure and first message sent to the users.
(If power is retored within first message delay, no
messages are sent, although the event is logged.)
Configurable from 0 to 120s.
Warning Interval: Specifies the number of seconds between messages sent
to users informing them of power failure.
Configurable from 30 to 300 seconds.
The UPS service do a range check on the above parameters (except for Port).
The service would not be started unless all parameters are present in
the registry, and all of them are within the specified range.
In which case, the error code NERR_UPSInvalidConfig would be
returned. The UPS service also fails to start if it can't find
the configuration key in the registry.
System configuration can be done through the control panel of NT,
which would both update the registry and restart the UPS service.
Update through registry editor is also possible.
If an invalid port is specified (either a non-existing port or a port that
is already used by another process), the error code NERR_UPSInvalidCommPort
would be returned.
The UPS service would not be started if any valid signals (as defined by
the signal low batt and singal power out) is asserted (as defined by
their voltage levels). This helps to eliminate system shutdown due to
incorrect configuration of the UPS. The error code NERR_UPSSignalAsserted
would be returned.
The UPS service would return UPSShutdownFailed if the UPS service failed
to perform a shutdown. The error code returned is NERR_UPSShutdownFailed.
The above four error codes would all be logged to the event logger.
The following lines are added to the files nt\public\sdk\inc\lmerr.h
#define NERR_UPSInvalidConfig (NERR_BASE+381) /* The UPS service is not correctly configured. */
#define NERR_UPSInvalidCommPort (NERR_BASE+382) /* The UPS service could not access the specified Comm Port. */
#define NERR_UPSSignalAsserted (NERR_BASE+383) /* The UPS indicated a line fail or low battery situation. Service not started. */
#define NERR_UPSShutdownFailed (NERR_BASE+384) /* The UPS service failed to perform a system shutdown. */
Service Flow of Control
The UPS service runs as a time-critical process. Under normal
conditions this should not affect the system, since the UPS service
thread is blocked indefinitely (by WaitForSingleObject() of
WaitCommEvent() ). However, when UPS awakens, it needs to have high
priority so that it can complete its tasks before battery power runs
out.
After the service is installed and running, the following assertion
of singals are done:
a.TXD is set to permanently low.
b.RTS is set to permanently hight.
c.DTR is set to the level opposite to UPSShutdownFailed level if the UPS
supports UPS shutdown.
a. and b. are for supporting contact closure UPS by supplying
the power supply. c. is for avoiding turning off the UPS.
One of the two signals may then be received from the device
driver -- either power failure or low battery. (Low battery actions are
described below.)
If a power failure is received, the following happens:
1. The server is paused.
2. The following error is logged:
NELOG_UPS_PowerOut
3. The following alert is raised:
ALERT_PowerOut
If the power is restored before messdelay expires, the following happends:
1. The server is continued.
2. The following alert is raised:
ALERT_PowerBack
If the power is not restored before messdelay expires, the following happens:
1. The following message is being sent to the local user and
all users with session on the server every messtime:
APE2_UPS_POWER_OUT
2. The following alert is raised every messtime:
ALERT_PowerOut
If the power is restored the following happens:
1. The following message is being sent to the local user and
all users with session on the server:
APE2_UPS_POWER_BACK
2. The following alert is raised:
ALERT_PowerBack
If the power does not return, either the low battery signal will
be received, or the battery timer will expire.
For the confoguration where both the low battery signal and the power
fail signal are supported, the service would not expire the battery
timer (the service shuts down only when low battery signal is asserted).
Whenever a low battery signal is received (even if the line fail has not
been signaled) or batterytime equals zero (in the case where low battery
is not supported), the following happens:
1. The server is stopped.
2. The following message is being sent to the local user and
all users with session on the server:
APE2_UPS_POWER_SHUTDOWN_FINAL
3. The following entry is written to the error log:
NELOG_UPS_SHUTDOWN
4. The following alert is raised:
ALERT_PowerShutDown