188.8.131.52.10 DsrDeregisterDnsHostRecords (Opnum 41)
The DsrDeregisterDnsHostRecords method<237> deletes all of the DNS SRV records registered by a specified domain controller. For the list of SRV records that a domain registers, see [MS-ADTS] section 184.108.40.206, "SRV Records Registered by DC".
NET_API_STATUS DsrDeregisterDnsHostRecords( [in, unique, string] LOGONSRV_HANDLE ServerName, [in, unique, string] wchar_t* DnsDomainName, [in, unique] GUID* DomainGuid, [in, unique] GUID* DsaGuid, [in, string] wchar_t* DnsHostName );
DomainGuid: A pointer to the domain GUID. If the value is not NULL, the DNS SRV record of type _ldap._tcp.DomainGuid.domains._msdcs.DnsDomainName is also deregistered.
DsaGuid: A pointer to the objectGUID of the DC's NTDSDSA object. For details about the NTDSDSA object, see [MS-ADTS] section 220.127.116.11.18.104.22.168.1. If the value is not NULL, the CNAME [RFC1035] record of the domain in the form of DsaGuid._msdcs.DnsDomainName is also deregistered.
DnsHostName: A null-terminated Unicode string that specifies the fully qualified domain name (FQDN) (1) of the DC whose records are being deregistered.
Return Values: The method returns 0x00000000 on success; otherwise, it returns a nonzero error code.<238>
The server SHOULD determine if the client has sufficient privileges (as described in section 22.214.171.124) with the Access Request mask set to the NETLOGON_CONTROL_ACCESS mask.
If the client does not have sufficient privilege, the server MUST return ERROR_ACCESS_DENIED.
If the DnsHostName parameter is not null, the server MUST attempt to delete the DNS SRV records registered for the DC DnsHostName, as specified in [MS-ADTS] section 126.96.36.199.
If the DomainGuid parameter is not null, then the server MUST attempt to delete the domain-GUID-based SRV record.
If the DsaGuid parameter is not null, then the server MUST attempt to delete the domain CNAME record.
The deletion of site-specific records MUST be attempted for every site in the enterprise of the DC on which the method is executed.
Unless stated otherwise, if the attempt to delete any records documented above fails for any reason, then the server MUST ignore the error and continue message processing.
It is possible that this method call will create a time-consuming run that can generate significant network traffic for enterprises with many sites.