1.7 Versioning and Capability Negotiation

Supported Transports

The client locator communicates with the master locator using the RPC over Server Message Block (SMB) Protocol sequence (ncacn_np). For more information, see section 2.1.

The client locator uses the Remote Mailslot Protocol [MS-MAIL] to discover master locators. For more information, see section 3.3.1.4.3.

The master locator uses the Remote Mailslot Protocol [MS-MAIL] to broadcast requests to server locators and receive their responses. For more information, see section 3.4.1.5.

When operating on a domain-joined computer, the locator uses the LDAP protocol to issue queries and updates to Active Directory in its domain. For more information, see sections 3.2.2.4 and 3.3.2.4.

Capability Negotiation<1>

Protocol version: This protocol's RPC interface has a single version number of 1.0. The RPC versioning and capability negotiation in this situation is as specified in [C706] and in [MS-RPCE] section 1.7.

Security and Authentication Methods

RPC interfaces: The RPC interfaces defined by these extensions use the default security settings for RPC over SMB and do not register any additional security providers ([MS-RPCE] section 3.3.3.3). Default security is used for the RPC interfaces of these extensions. More information on security used by the RPC is specified in [MS-RPCE].

LDAP: When binding through LDAP, the Generic Security Services-Simple and Protected Generic Security Service Application Program Interface Negotiation Mechanism (GSS-SPNEGO) profile for Simple Authentication and Security Layer (SASL) is selected. The GSS-SPNEGO profile uses an implementation specified in [RFC4178] and will result in an actual security mechanism being selected. Typically, this mechanism is Kerberos [RFC4120], but others are possible. If the GSS-Kerberos profile is selected, then Kerberos is used. If Kerberos is used, then the name passed in for authentication is "LDAP/hostname-of-ldap-server". For more information on LDAP, see [MS-ADTS].