3.5.4.8.6 NetrLogonGetTimeServiceParentDomain (Opnum 35)

The NetrLogonGetTimeServiceParentDomain method SHOULD<244> return the name of the parent domain of the current domain. The domain name returned by this method is suitable for passing into the NetrLogonGetTrustRid method and NetrLogonComputeClientDigest method.

 NET_API_STATUS NetrLogonGetTimeServiceParentDomain(
   [in, unique, string] LOGONSRV_HANDLE ServerName,
   [out, string] wchar_t** DomainName,
   [out] int* PdcSameSite
 );

ServerName: The custom binding handle, as defined in section 3.5.4.1.

DomainName: A pointer to the buffer that receives the null-terminated Unicode string that contains the name of the parent domain. If the DNS domain name is available, it is returned through this parameter; otherwise, the NetBIOS domain name is returned.

PdcSameSite: A pointer to the integer that receives the value that indicates whether the PDC for the domain DomainName is in the same site as the server specified by ServerName. The Netlogon client ignores this value if ServerName is not a domain controller.

  Value      Meaning
  False 0    The PDC is not in the same site as the server specified by ServerName.
  True 1     The PDC is in the same site as the server specified by ServerName.

Return Values: The method returns 0x00000000 on success; otherwise, it returns a nonzero error code.

The server SHOULD<245> return ERROR_ACCESS_DENIED if the caller is not local.

If the client does not have sufficient privilege, the server MUST return ERROR_ACCESS_DENIED.

The domain name returned MUST be determined according to the following rules:

  • On a non-DC machine, the returned domain name is the name of the domain of which the ServerName is a member. If ServerName is not valid, the server MUST return ERROR_INVALID_COMPUTERNAME.

  • On a DC that is at the root of the forest, rootDomainNamingContext ([MS-ADTS] section 3.1.1.3.2.16) is equal to defaultNamingContext ([MS-ADTS] section 3.1.1.3.2.3). In this case, ERROR_NO_SUCH_DOMAIN is returned.

  • On a DC that is at the root of a domain tree in the forest, the name of a trusted domain that is also at the root of a domain tree in the forest is returned.

  • On any other DC, the name of the domain that is directly the parent domain is returned.

The domain's information MUST be retrieved from an implementation-specific directory. Based on this retrieved information, if the domain has a DNS domain name, it MUST be returned; otherwise, the NetBIOS domain name MUST be returned. This behavior is functionally equivalent to locally invoking LsarQueryTrustedDomainInfo ([MS-LSAD] section 3.1.4.7.2) for the domain, where TrustedDomainSid is the domain SID corresponding to the appropriate domain name retrieved from a cached list, and InformationClass is TrustedDomainInformationEx (policy handle is not needed locally), to return the TrustedDomainInformationEx.Name string (DNS name) if it is present or TrustedDomainInformationEx.Flat Name string (NetBIOS name) otherwise.

The PdcSameSite returned MUST be determined according to the following rules:

  • On a non-DC machine, the value of PdcSameSite is set to TRUE.

  • On a DC machine, the server determines the PDC as specified in [MS-ADTS] section 3.1.1.1.11. Then the server determines the sites of both the server and PDC as specified in [MS-ADTS] section 3.1.1.4.5.29. The server MUST compare the PDC site with its own site, and if the two match, the PdcSameSite output parameter MUST be set to TRUE; otherwise, it MUST be set to FALSE.
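
The DomainName and PdcSameSite rules above, modelled as one C function. This is an added illustration, not code from the specification or from any Netlogon implementation. The struct, function and parameter names are hypothetical, the caller's locality and privilege are reduced to two flags, and running the access checks before the other rules is an assumption of the model.

```c
#include <stddef.h>
#include <string.h>

/* Win32 error codes named in this section (values as in winerror.h). */
#define ERROR_SUCCESS              0u
#define ERROR_ACCESS_DENIED        5u
#define ERROR_INVALID_COMPUTERNAME 1210u
#define ERROR_NO_SUCH_DOMAIN       1355u

/* Hypothetical model types; these names are assumptions, not from the spec. */
typedef struct { const char *dns; const char *flat; } domain_names;
typedef struct {
    int is_dc, is_tree_root, server_name_valid;
    const char *root_nc, *default_nc;   /* rootDomainNamingContext, defaultNamingContext */
    domain_names member_of;             /* non-DC: domain the machine belongs to */
    domain_names trusted_tree_root;     /* tree-root DC: trusted tree-root domain */
    domain_names parent;                /* any other DC: direct parent domain */
    const char *own_site, *pdc_site;
} server_model;

/* DNS name if present, otherwise the NetBIOS (flat) name. */
static const char *preferred_name(const domain_names *d)
{
    return (d->dns != NULL && d->dns[0] != '\0') ? d->dns : d->flat;
}

unsigned model_get_parent_domain(const server_model *s, int caller_local,
                                 int caller_privileged,
                                 const char **domain_name, int *pdc_same_site)
{
    const domain_names *pick;

    /* Access checks first (ordering is an assumption of this model). */
    if (!caller_local || !caller_privileged)
        return ERROR_ACCESS_DENIED;
    if (!s->is_dc) {
        if (!s->server_name_valid)
            return ERROR_INVALID_COMPUTERNAME;
        pick = &s->member_of;
        *pdc_same_site = 1;                       /* always TRUE on a non-DC */
    } else {
        if (strcmp(s->root_nc, s->default_nc) == 0)
            return ERROR_NO_SUCH_DOMAIN;          /* forest root has no parent */
        pick = s->is_tree_root ? &s->trusted_tree_root : &s->parent;
        *pdc_same_site = (strcmp(s->own_site, s->pdc_site) == 0);
    }
    *domain_name = preferred_name(pick);
    return ERROR_SUCCESS;
}
```

On every error path the output parameters are left untouched, so a caller of the model has to check the status before reading DomainName or PdcSameSite.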