SMB header

typedef unsigned char UCHAR;          // 8 unsigned bits
typedef unsigned short USHORT;        // 16 unsigned bits
typedef unsigned long ULONG;          // 32 unsigned bits

typedef struct {
    ULONG LowPart;
    LONG HighPart;
} LARGE_INTEGER;                      // 64 bits of data

typedef struct  {
    UCHAR Protocol[4];                // Contains 0xFF,'SMB'
    UCHAR Command;                    // Command code
    union {
        struct {
            UCHAR ErrorClass;         // Error class
            UCHAR Reserved;           // Reserved for future use
            USHORT Error;             // Error code
        } DosError;
        ULONG Status;                 // 32-bit error code
    } Status;
    UCHAR Flags;                      // Flags
    USHORT Flags2;                    // More flags
    union {
        USHORT Pad[6];                // Ensure this section is 12 bytes long
        struct {
            USHORT PidHigh;           // High part of PID
            ULONG  Unused;            // Not used
            ULONG  Unused2;
    } Extra;
    };
    USHORT Tid;                       // Tree identifier
    USHORT Pid;                       // Caller's process id
    USHORT Uid;                       // Unauthenticated user id
    USHORT Mid;                       // multiplex id
    UCHAR  WordCount;                 // Count of parameter words
    USHORT ParameterWords[ WordCount ];    // The parameter words
    USHORT ByteCount;                 // Count of bytes
    UCHAR  Buffer[ ByteCount ];       // The bytes
} SMB_HEADER;

All SMBs have identical format up to the ParameterWords fields.
Different SMBs have a different number and interpretation of ParameterWords and Buffer. All reserved fields in the SMB header must be zero.

Command is the operation code which this SMB is requesting, or responding to.
Status.DosError.ErrorClass and Status.DosError.Error are set by the server and combine to give the error code of any failed server operation. If the client is capable of receiving 32 bit error returns, the status is returned in status.status instead. When an error is returned, the server may choose to return only the header portion of the response SMB.
Flags and Flags2 contain bits which, depending on the negotiated protocol dialect, indicate various client capabilities.
PidHigh is used in the NtCreateAndX request SMB
Tid identifies the subdirectory, or "tree", on the server which the client is accessing. SMBs which do not reference a particular tree should set Tid to 0xFFFF.
Pid is the caller's process id, and is generated by the client to uniquely identify a process within the client computer.
Mid is reserved for multiplexing multiple messages on a single transport connection. A response message will always contain the same value as the corresponding request message. The client MUST not have multiple outstanding requests to a server with the same Mid.