3.5.4.3.10 DsrDeregisterDnsHostRecords (Opnum 41)

  • Article

The DsrDeregisterDnsHostRecords method SHOULD<169> delete all of the DNS SRV records registered by a specified domain controller. For the list of SRV records that a domain registers, see [MS-ADTS] section 6.3.2.3, "SRV Records Registered by DC". 

 NET_API_STATUS DsrDeregisterDnsHostRecords(
   [in, unique, string] LOGONSRV_HANDLE ServerName,
   [in, unique, string] wchar_t* DnsDomainName,
   [in, unique] GUID* DomainGuid,
   [in, unique] GUID* DsaGuid,
   [in, string] wchar_t* DnsHostName
 );

ServerName: The custom binding handle, as defined in section 3.5.4.1, that represents the connection to the DC.

DnsDomainName: A null-terminated Unicode string that specifies the FQDN.

DomainGuid: A pointer to the domain GUID. If the value is not NULL, the DNS SRV record of type _ldap._tcp.DomainGuid.domains._msdcs.DnsDomainName is also deregistered.

DsaGuid: A pointer to the objectGUID of the DC's NTDSDSA object. For details about the NTDSDSA object, see [MS-ADTS] section 6.1.1.2.2.1.2.1.1. If the value is not NULL, the CNAME [RFC1035] record of the domain in the form of DsaGuid._msdcs.DnsDomainName is also deregistered.

DnsHostName: A null-terminated Unicode string that specifies the FQDN of the DC whose records are being deregistered.

Return Values: The method returns 0x00000000 on success; otherwise, it SHOULD return the following error code.

Return Value/Code

Description

0x00000032

ERROR_NOT_SUPPORTED

The request is not supported. This error value is returned when DsrDeregisterDnsHostRecords is called on a machine that is not a DC.

The server determines if the client has sufficient privileges (as specified in section 3.5.4.2) with the Access Request mask set to the NETLOGON_CONTROL_ACCESS mask.

If the client does not have sufficient privilege, the server MUST return ERROR_ACCESS_DENIED.

If the DnsHostName parameter is not null, the server MUST attempt to delete the DNS SRV records registered for the DC DnsHostName, as specified in [MS-ADTS] section 6.3.2.3.

If the DomainGuid parameter is not null, then the server MUST attempt to delete the domain-GUID-based SRV record.

If the DsaGuid parameter is not null, then the server MUST attempt to delete the domain CNAME record.

The deletion of site-specific records MUST be attempted for every site in the enterprise of the DC on which the method is executed.

Unless stated otherwise, if the attempt to delete any records documented previously fails for any reason, then the server MUST ignore the error and continue message processing.

It is possible that this method call will create a time-consuming run that generates significant network traffic for enterprises with many sites.