LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID control code

The LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID control is used with an extended LDAP rename function to move an LDAP object from one domain to another. The control specifies the DNS hostname of the domain controller in the destination domain.

To use this control, set the members of the LDAPControl structure as follows:

PWCHAR ldctl_oid = LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID;
struct berval ldctl_value;
BOOLEAN ldctl_iscritical;

Members

ldctl_oid

Pointer to a wide, null-terminated string, LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID, defined as "1.2.840.113556.1.4.521".

ldctl_value

Specifies the DNS name of the destination DC. In the berval structure, set bv_val to a pointer to a UTF-8 string that contains the DNS name, and set bv_len to the length of the string.

ldctl_iscritical

Can be TRUE or FALSE depending on whether the result of the move is critical to your application.
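How the three members map onto the Control element sent with the rename request, as an added example that is not code from the original page: a portable C encoder following RFC 4511 (section 4.1.11), whose output can serve as a test vector when writing a parser or capture filter for this OID. The function names are hypothetical, and the 255-byte bound on the value is an assumption based on DNS name length limits.

```c
#include <stddef.h>
#include <string.h>

/* OID from this page; an LDAPOID travels as dotted-decimal text. */
#define CROSSDOM_MOVE_TARGET_OID "1.2.840.113556.1.4.521"

/* Write a BER tag and definite length; returns bytes written, 0 if no room. */
static size_t put_header(unsigned char *out, size_t cap, unsigned char tag, size_t len)
{
    size_t n = (len < 0x80) ? 2 : (len < 0x100) ? 3 : 4;
    if (len > 0xFFFF || cap < n) return 0;
    out[0] = tag;
    if (n == 2) out[1] = (unsigned char)len;
    else if (n == 3) { out[1] = 0x81; out[2] = (unsigned char)len; }
    else { out[1] = 0x82; out[2] = (unsigned char)(len >> 8); out[3] = (unsigned char)len; }
    return n;
}

/* Append an OCTET STRING (tag 0x04) at off; returns new offset, 0 on overflow. */
static size_t put_octets(unsigned char *out, size_t cap, size_t off,
                         const void *data, size_t len)
{
    size_t h = put_header(out + off, cap - off, 0x04, len);
    if (h == 0 || cap - off - h < len) return 0;
    memcpy(out + off + h, data, len);
    return off + h + len;
}

/* Encode Control ::= SEQUENCE { controlType, criticality, controlValue }.
 * dc_utf8/dc_len play the role of bv_val/bv_len (terminating NUL not counted).
 * Returns the encoded length, or 0 if the arguments or buffer are unusable. */
size_t encode_crossdom_control(const char *dc_utf8, size_t dc_len, int critical,
                               unsigned char *out, size_t cap)
{
    unsigned char body[512];        /* large enough: 24 + 3 + 258 bytes at most */
    size_t off, h;
    if (dc_utf8 == NULL || dc_len == 0 || dc_len > 255) return 0;
    off = put_octets(body, sizeof body, 0, CROSSDOM_MOVE_TARGET_OID,
                     strlen(CROSSDOM_MOVE_TARGET_OID));
    if (off == 0) return 0;
    if (critical) {                 /* FALSE is the default and is omitted */
        body[off++] = 0x01; body[off++] = 0x01; body[off++] = 0xFF;
    }
    off = put_octets(body, sizeof body, off, dc_utf8, dc_len);
    if (off == 0) return 0;
    h = put_header(out, cap, 0x30, off);
    if (h == 0 || cap - h < off) return 0;
    memcpy(out + h, body, off);
    return h + off;
}
```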

Remarks

The following code example shows how to use the cross-domain control with the ldap_rename_ext_s function.

#include <windows.h>
#include <winldap.h>
#include <ntldap.h>
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>

// Build with UNICODE defined so that the wide-character LDAP types
// and functions are selected.
ULONG LDAPCrossDom (
    LDAP *ldapConnection,
    PWCHAR  pszOldDN,       // source object DN in Unicode
    PWCHAR  pszNewRDN,      // destination object RDN in Unicode
    PWCHAR  pszNewParent,   // destination object parent DN in Unicode
    PWCHAR  pszDestDomain)  // destination DC DNS name in Unicode
{
    ULONG ulErr;
    LDAPControl CrossDomControl;
    PLDAPControl controlArray[] = { &CrossDomControl, NULL };
    LPSTR pszDestDomainUTF8 = NULL;
    int iDDSrclen = 0;
    int iDDlen;
    struct berval bvValue;

    // Verify input parameters.
    if (pszOldDN == NULL || pszNewRDN == NULL
                         || pszNewParent == NULL
                         || pszDestDomain == NULL )
        return LDAP_PARAM_ERROR;

    // Get required length of UTF-8 string buffer.
    iDDSrclen = (int) wcslen(pszDestDomain);
    iDDlen = LdapUnicodeToUTF8(pszDestDomain,iDDSrclen,NULL,0);

    // Check for zero length string
    if (0 == iDDlen)
        return LDAP_PARAM_ERROR;

    // Allocate buffer for UTF-8 string, plus the terminating null.
    pszDestDomainUTF8 = (LPSTR) malloc(iDDlen+1);
    if (pszDestDomainUTF8 == NULL)
        return LDAP_NO_MEMORY;

    // Convert Unicode to UTF-8; treat a failed conversion as a bad parameter.
    if (0 == LdapUnicodeToUTF8(pszDestDomain,iDDSrclen,pszDestDomainUTF8,iDDlen+1))
    {
        free(pszDestDomainUTF8);
        return LDAP_PARAM_ERROR;
    }
    pszDestDomainUTF8[iDDlen] = '\0';

    // Setup control data. bv_len excludes the terminating null.
    bvValue.bv_val = (PCHAR) pszDestDomainUTF8;
    bvValue.bv_len = iDDlen;

    // Setup control.
    CrossDomControl.ldctl_oid = LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID_W;
    CrossDomControl.ldctl_value = bvValue;
    CrossDomControl.ldctl_iscritical = TRUE;

    controlArray[0] = &CrossDomControl;
    controlArray[1] = NULL;

    // Rename object across domains.
    ulErr = ldap_rename_ext_s(ldapConnection,
                               pszOldDN,
                               pszNewRDN,
                               pszNewParent,
                               TRUE,          // delete the old RDN
                               controlArray,  // server controls
                               NULL);         // no client controls
    if (LDAP_SUCCESS == ulErr)
        wprintf(L"Successful move\n");
    if (NULL != pszDestDomainUTF8)
        free(pszDestDomainUTF8);

    return ulErr;
}

Note

The user application must have the proper directory service access rights to successfully use this control. The user application must have permission to delete objects in the source domain and create objects in the destination domain.

Requirements

Minimum supported client: Windows Vista
Minimum supported server: Windows Server 2008
Header: Ntldap.h

See also

ldap_rename_ext_s

Using Controls