none
why gpsvc send traffic to WNS(Windows Push Notification Services)

    Question

  • When a client join domain and restart, the gpsvc will send the TLS traffic to the WNS(Windows Push Notification Services(*.wns.windows.com)). Why gpsvc send traffic to WNS? If we block the traffic to WNS, will it impact the group policy's function? Thanks
    Thursday, August 4, 2016 9:30 AM

Answers

  • Hi,
    As far as I know, The Windows Push Notification Services (WNS) enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way. The following diagram shows the complete data flow for sending a push notification:

    1. Your app requests a push notification channel from the Universal Windows Platform.
    2. Windows asks WNS to create a notification channel. This channel is returned to the calling device in the form of a Uniform Resource Identifier (URI).
    3. The notification channel URI is returned by Windows to your app.
    4. Your app sends the URI to your own cloud service. You then store the URI on your own cloud service so that you can access the URI when you send notifications. The URI is an interface between your own app and your own service; it's your responsibility to implement this interface with safe and secure web standards.
    5. When your cloud service has an update to send, it notifies WNS using the channel URI. This is done by issuing an HTTP POST request, including the notification payload, over Secure Sockets Layer (SSL). This step requires authentication.
    6. WNS receives the request and routes the notification to the appropriate device.


    More detail steps regarding how WNS works is in:
    Windows Push Notification Services (WNS) overview
    https://msdn.microsoft.com/en-us/windows/uwp/controls-and-patterns/tiles-and-notifications-windows-push-notification-services--wns--overview

    You could compare your environment with this article to see if it is reasonable firstly before blocking the traffic .
    Regards,
    Wendy


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, August 5, 2016 3:02 AM
    Moderator

All replies

  • When a client join domain and restart, the gpsvc will send the TLS traffic to the WNS(Windows Push Notification Services(*.wns.windows.com)). Why gpsvc send traffic to WNS? If we block the traffic to WNS, will it impact the group policy's function? Thanks
    Thursday, August 4, 2016 9:31 AM
  • Hi,
    As far as I know, The Windows Push Notification Services (WNS) enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way. The following diagram shows the complete data flow for sending a push notification:

    1. Your app requests a push notification channel from the Universal Windows Platform.
    2. Windows asks WNS to create a notification channel. This channel is returned to the calling device in the form of a Uniform Resource Identifier (URI).
    3. The notification channel URI is returned by Windows to your app.
    4. Your app sends the URI to your own cloud service. You then store the URI on your own cloud service so that you can access the URI when you send notifications. The URI is an interface between your own app and your own service; it's your responsibility to implement this interface with safe and secure web standards.
    5. When your cloud service has an update to send, it notifies WNS using the channel URI. This is done by issuing an HTTP POST request, including the notification payload, over Secure Sockets Layer (SSL). This step requires authentication.
    6. WNS receives the request and routes the notification to the appropriate device.


    More detail steps regarding how WNS works is in:
    Windows Push Notification Services (WNS) overview
    https://msdn.microsoft.com/en-us/windows/uwp/controls-and-patterns/tiles-and-notifications-windows-push-notification-services--wns--overview

    You could compare your environment with this article to see if it is reasonable firstly before blocking the traffic .
    Regards,
    Wendy


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, August 5, 2016 3:02 AM
    Moderator