3.2.4.13.1 Common Message Processing

  • Article

The following statements pertain to all message processing:

  • The server (2) MUST ignore any flags set in the Options parameter that it does not support.<67><68><69>

  • Unless otherwise noted, if the server encounters an error during message processing, the following actions are specified:

    • The server SHOULD revert any state changes made.

    • The server MUST stop message processing.

    • The server MUST return the error to the caller.

The following ordered statements specify the sequence of message processing operations:

  1. The server MUST retrieve the RPC protocol sequence used for the current call ([MS-RPCE] section 3.1.3.4.1), specifying the server binding handle maintained by the RPC runtime ([C706] section 6.2.1). If that RPC protocol sequence is not NCACN_NP, the server SHOULD return RPC_S_PROTSEQ_NOT_SUPPORTED.<70>

  2. The server MUST check that the caller has been granted access rights using the algorithm in the Access Control Abstract Data Model (section 3.2.1.1), with Access Request mask initialized to WKSTA_NETAPI_CHANGE_CONFIG; if not, the server MUST return ERROR_ACCESS_DENIED.

  3. If Password is NULL, PasswordString MUST be NULL. Otherwise, the server MUST decrypt and decode the Password (section 2.2.5.18). PasswordString MUST be equal to the decrypted and decoded value. The decrypted buffer is represented as JOINPR_USER_PASSWORD (section 2.2.5.17). The value of the Length member MUST be less than 513; otherwise, message processing is stopped, and the server MUST return ERROR_INVALID_PASSWORD.

  4. The server MUST impersonate the client by invoking the StartImpersonatingClient task (section 3.2.4.29.6). If this operation fails, the server MUST return an error.

  5. If the value of the DomainNameParam parameter is NULL, the server MUST stop message processing and return ERROR_INVALID_PARAMETER. Otherwise, message processing continues.

  6. The server SHOULD return ERROR_NOT_SUPPORTED if the server does not support processing of this message.<71>

  7. If the server that is processing the message is a domain controller, the server MUST stop message processing and return NERR_SetupDomainController. Otherwise, message processing continues.

  8. If Options does not have the NETSETUP_JOIN_DOMAIN bit set, the server MUST continue processing this message (section 3.2.4.13.4); otherwise, the server MUST process the message (section 3.2.4.13.3).