3.4.5.2.10 Calling NetrLogonGetCapabilities

The client SHOULD<93> do the following:

After the method returns, the client MUST verify the ReturnAuthenticator (section 3.1.4.5) and compare the received Capabilities with the negotiated flags of the current secure channel. If the negotiated flags do not match, then the client SHOULD<94> re-establish the secure channel with the DC.

Upon receiving STATUS_NOT_IMPLEMENTED, the client MUST treat this as successful confirmation that the DC does not support AES [FIPS197].<95>

On receiving STATUS_ACCESS_DENIED, the client SHOULD<96> re-establish the secure channel with the DC.

Show: