Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

3.5.4.4.11 NetrChainSetClientAttributes (Opnum 49)

When an RODC receives either the NetrServerAuthenticate3 method or the NetrLogonGetDomainInfo method with updates requested, it invokes this method on a normal (writable) DC to update to a client's computer account object in Active Directory.<262><263>

NTSTATUS NetrChainSetClientAttributes(
  [in, string, ref] LOGONSRV_HANDLE PrimaryName,
  [in, string, ref] wchar_t* ChainedFromServerName,
  [in, string, ref] wchar_t* ChainedForClientName,
  [in, ref] PNETLOGON_AUTHENTICATOR Authenticator,
  [in, out, ref] PNETLOGON_AUTHENTICATOR ReturnAuthenticator,
  [in] DWORD dwInVersion,
  [in, ref] [switch_is(dwInVersion)] 
    NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES* pmsgIn,
  [in, out, ref] DWORD* pdwOutVersion,
  [in, out, ref] [switch_is(*pdwOutVersion)] 
    NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES* pmsgOut
);

PrimaryName: The custom RPC binding handle, as specified in section 3.5.4.1.

ChainedFromServerName: The null-terminated Unicode string that contains the name of the read-only DC that issues the request.

ChainedForClientName: The null-terminated Unicode string that contains the name of the client computer that called NetrServerAuthenticate3 or NetrLogonGetDomainInfo on the RODC.

Authenticator: A pointer to a NETLOGON_AUTHENTICATOR structure that contains the client authenticator.

ReturnAuthenticator: A pointer to a NETLOGON_AUTHENTICATOR structure that contains the server return authenticator.

dwInVersion: One of the NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES union types selected based on the value of the pmsgIn field. The value MUST be 1.

pmsgIn: A pointer to an NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES_V1 structure that contains the values to update on the client's computer account object in Active Directory on the normal (writable) DC.

pdwOutVersion: A pointer to one of the NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES union types selected based on the value of the pmsgIn field. The value MUST be 1.

pmsgOut: A pointer to an NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES_V1 structure that contains information on the client workstation and the writable domain controller. For how it is populated by the server, see below.

Return Values: The method returns 0x00000000 on success.

On receiving this call, the normal (writable) DC MUST perform the following validation steps.

  • Verify that the server is a normal (writable) DC machine; otherwise, the server MUST return STATUS_NOT_SUPPORTED.<264>

  • Verify that the dwInVersion parameter is set to 1. All other values are invalid and STATUS_NOT_SUPPORTED MUST be returned.

  • Verify that the pdwOutVersion parameter is set to 1. All other values are invalid and STATUS_NOT_SUPPORTED MUST be returned.

  • Verify that the Authenticator passed, and compute the ReturnAuthenticator, as specified in section 3.1.4.5. If the Authenticator verification fails, the server MUST return STATUS_ACCESS_DENIED.<265>

The return structure MUST be generated as follows:

  • NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES.HubName MUST be set to the NetBIOS name of the writable domain controller.

  • If NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES.OldDnsHostName is not NULL, it MUST be set to the client's DNS host name, if any. If there was a change in domain naming, this value holds the previous DNS host name.

  • If NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES.SupportedEncTypes is not NULL, it MUST be set to the supported encryption algorithms.

 
Show:
© 2015 Microsoft