DsClientMakeSpnForTargetServerA function (ntdsapi.h)
The DsClientMakeSpnForTargetServer function constructs a service principal name (SPN) that identifies a specific server to use for authentication.
Syntax
NTDSAPI DWORD DsClientMakeSpnForTargetServerA(
[in] LPCSTR ServiceClass,
[in] LPCSTR ServiceName,
[in, out] DWORD *pcSpnLength,
[out] LPSTR pszSpn
);
Parameters
[in] ServiceClass
Pointer to a null-terminated string that contains the class of the service as defined by the service. This can be any string unique to the service.
[in] ServiceName
Pointer to a null-terminated string that contains the distinguished name service (DNS) host name. This can either be a fully qualified name or an IP address in the Internet standard format.
Use of an IP address for ServiceName is not recommended because this can create a security issue. Before the SPN is constructed, the IP address must be translated to a computer name through DNS name resolution. It is possible for the DNS name resolution to be spoofed, replacing the intended computer name with an unauthorized computer name.
[in, out] pcSpnLength
Pointer to a DWORD value that, on entry, contains the size of the pszSpn buffer, in characters. On output, this parameter receives the number of characters copied to the pszSpn buffer, including the terminating NULL.
[out] pszSpn
Pointer to a string buffer that receives the SPN.
Return value
This function returns standard Windows error codes.
Remarks
When using this function, supply the service class and part of a DNS host name.
This function is a simplified version of the DsMakeSpn function. The ServiceName is made canonical by resolving through DNS.
GUID-based DNS names are not supported. When constructed, the simplified SPN is as follows:
ServiceClass / ServiceName / ServiceName
The instance name portion (second position) is always set to default. The port and referrer fields are not used.
Note
The ntdsapi.h header defines DsClientMakeSpnForTargetServer as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Requirements
Requirement | Value |
---|---|
Minimum supported client | Windows Vista |
Minimum supported server | Windows Server 2008 |
Target Platform | Windows |
Header | ntdsapi.h |
Library | Ntdsapi.lib |
DLL | Ntdsapi.dll |