Calling NetrLogonSamLogoff

The client MUST do the following:

  • Have a secure channel established with a domain controller in the domain identified by domain-name, and pass its name as the LogonServer parameter.

  • Pass the client name as the ComputerName parameter.

  • Pass a valid client Netlogon authenticator as the Authenticator parameter.

After the method returns, the client MUST verify the ReturnAuthenticator as described in section

On receiving STATUS_ACCESS_DENIED, the client SHOULD reestablish the secure channel with the DC.<138>