for _, server := range infoMessage.Servers {
				anonEndpoint := anonAddr(server.Endpoint)
				servers = append(servers, madmin.ServerInfo{
					State:    server.State,
					Endpoint: anonEndpoint,
					Uptime:   server.Uptime,
					Version:  server.Version,
					CommitID: server.CommitID,
					Network:  anonymizeNetwork(server.Network),
					Drives:   anonymizeDrives(server.Disks),

- **SMB1/CIFS**: Legacy support via `jcifs.smb1/` package
- **SMB 2.0.2**: Windows Vista+ (0x0202)
- **SMB 2.1**: Windows 7/Server 2008R2 (0x0210)
- **SMB 3.0**: Windows 8/Server 2012 (0x0300) - AES-128-CCM encryption
- **SMB 3.0.2**: Windows 8.1/Server 2012R2 (0x0302) - Enhanced encryption
- **SMB 3.1.1**: Windows 10/Server 2016+ (0x0311) - AES-128-GCM + Pre-Auth Integrity

**Protocol Selection:**
- Default Range: SMB1 to SMB 3.1.1

	[ ${first_time} -ne 0 ] && sleep 120

	if ! ps -p $pid1 1>&2 >/dev/null; then
		echo "minio server 1 is not running" && fail
	fi

	if ! ps -p $pid2 1>&2 >/dev/null; then
		echo "minio server 2 is not running" && fail
	fi

	if ! ps -p $pid3 1>&2 >/dev/null; then
		echo "minio server 3 is not running" && fail
	fi

	if ! pkill minio; then
		fail
	fi

	sleep 1
	if pgrep minio; then

---------------------

The above scenario is representative of most TLS set ups: the client uses certificates to validate
the identity of a server. The converse is also possible. Here we create a server that authenticates
a client and a client that authenticates a server.

```java
// Create the root for client and server to trust. We could also use different roots for each!
HeldCertificate rootCertificate = new HeldCertificate.Builder()

 * This class provides functionality to open a handle to the LSA policy
 * database on a remote server using the LSA RPC interface.
 */
public class MsrpcLsarOpenPolicy2 extends lsarpc.LsarOpenPolicy2 {

    /**
     * Creates a new request to open an LSA policy handle.
     *
     * @param server the server name to connect to
     * @param access the desired access rights

            assertEquals("smb://server/IPC$/test", result);
        }

        @Test
        @DisplayName("Should generate correct pipe URL with server option")
        void testMakePipeUrl_WithServerOption() throws Exception {
            when(mockDcerpcBinding.getOption("server")).thenReturn("customServer");
            DcerpcPipeHandle handle = createMockedDcerpcPipeHandle();

 * a specific share using the Server Service RPC interface.
 */
public class MsrpcShareGetInfo extends srvsvc.ShareGetInfo {

    /**
     * Creates a new request to get share information.
     *
     * @param server the server name
     * @param sharename the name of the share to query
     */
    public MsrpcShareGetInfo(final String server, final String sharename) {

     */
    void setPath(String path);

    /**
     * Sets the full UNC path components.
     *
     * @param domain the domain name
     * @param server the server name
     * @param fullPath the full UNC path
     */
    void setFullUNCPath(String domain, String server, String fullPath);

    /**
     * Sets whether to resolve this request path in DFS.
     *
     * @param resolve true to enable DFS resolution
     */

		"Total number of bucket scans finished since server start")
	scannerBucketScansStartedMD = NewCounterMD(scannerBucketScansStarted,
		"Total number of bucket scans started since server start")
	scannerDirectoriesScannedMD = NewCounterMD(scannerDirectoriesScanned,
		"Total number of directories scanned since server start")
	scannerObjectsScannedMD = NewCounterMD(scannerObjectsScanned,

- `X-Amz-Server-Side-Encryption-Customer-Key`: Base64 encoded new key.
- `X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key`: Base64 encoded current key.

Such a special COPY request is also known as S3 SSE-C key rotation.

### Server-Side Encryption with a KMS

SSE-S3 allows an S3 client to en/decrypt an object at the MinIO server using a KMS. The MinIO
server only assumes that the KMS provides two services: