2.2.1 DN Discovery

DN Discovery uses the DRS Remote Protocol, as specified in [MS-DRSR]. The message syntax of the traffic the query generates is specified in [MS-DRSR] section 4.1.4 for the remote procedure call (RPC) method DRSCrackNames. The Group Policy client makes the call to the Group Policy server with dwInVersion set to 1 and a pMsgIn parameter of type DRS_MSG_CRACKREQ that passes in the specified account name in the format DS_NT4_ACCOUNT_NAME, as specified in [MS-DRSR] section 4.1.4.1.3. As specified in [MS-DRSR], the method returns a code of 0 if it is successful, together with a DRS_MSG_CRACKREPLY structure that contains a DS_NAME_RESULTW structure, which in turn contains an array of DS_NAME_RESULT_ITEMW structures, each of which corresponds to a requested name. Inside each DS_NAME_RESULT_ITEMW structure is a pName field that contains the fully qualified distinguished name in Unicode format for the corresponding requested account.

The detailed specification of the pMsgIn parameter is as follows.

| Field | Value |
|---|---|
| CodePage | MUST be set to 0. |
| LocaleId | MUST be set to 0. |
| dwFlags | MUST be set to 0. |
| formatOffered | 2. Note: In this DRS_MSG_CRACKREQ structure sent by the client to the Group Policy server, one of the elements in the rpNames parameter MUST be of the form DS_NT4_ACCOUNT_NAME, as specified in [MS-DRSR] section 4.1.4.1.3. Any or all other formats specified in [MS-DRSR] section 4.1.4.1.3 can also be included. These other optional formats can be ignored by Group Policy: Core Protocol implementations. |
| formatDesired | 1. Note: According to the syntax specified in [MS-DRSR] section 4.1.4.1.3, if one of the elements in the rpNames parameter is a valid account name of the form DS_NT4_ACCOUNT_NAME, then the implementation of DRSCrackNames MUST return a fully qualified distinguished name in the corresponding DS_NAME_RESULT_ITEMW structure inside the DS_NAME_RESULTW structure that this method returns when it completes successfully. If, however, formatDesired is set to a value other than 1, the implementation MUST return DS_NAME_ERROR_NO_MAPPING in every DS_NAME_RESULT_ITEMW structure in rItems.<1> |
| cNames | MUST be greater than or equal to 1. |
| rpNames | At least one of the names in the rpNames array MUST contain the account name to be cracked, in the DS_NT4_ACCOUNT_NAME format. |

Protocol details of this RPC method are specified in [MS-DRSR] section 4.1.4.

Note The DRS Remote Protocol, as specified in [MS-DRSR], itself supports caching the results of this message, so this message might not always appear in the protocol sequence for policy application.
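
The following is an added example, not part of this specification or of [MS-DRSR]: a conformance check for an already-decoded DN Discovery request against the pMsgIn field rules above, plus a model of the per-name reply items, including the DS_NAME_ERROR_NO_MAPPING rule for a formatDesired other than 1. The CrackReq class, the NT4 name pattern, the sample directory, and the use of DS_NAME_ERROR_NOT_FOUND for an unknown account are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

DS_FQDN_1779_NAME = 1         # formatDesired value in the table above
DS_NT4_ACCOUNT_NAME = 2       # formatOffered value in the table above
DS_NAME_NO_ERROR = 0          # DS_NAME_ERROR values as defined in [MS-DRSR]
DS_NAME_ERROR_NOT_FOUND = 2
DS_NAME_ERROR_NO_MAPPING = 4

# Assumed syntax test for DOMAIN\account; the exact rule is in [MS-DRSR].
NT4_NAME = re.compile(r"^[^\\/]+\\[^\\/]+$")

@dataclass
class CrackReq:
    """Hypothetical decoded view of the pMsgIn fields in the table above."""
    cNames: int
    rpNames: list
    CodePage: int = 0
    LocaleId: int = 0
    dwFlags: int = 0
    formatOffered: int = DS_NT4_ACCOUNT_NAME
    formatDesired: int = DS_FQDN_1779_NAME

def violations(req):
    """List the DN Discovery field rules that a decoded request breaks."""
    bad = [f"{name} MUST be 0" for name in ("CodePage", "LocaleId", "dwFlags")
           if getattr(req, name) != 0]
    if req.formatOffered != DS_NT4_ACCOUNT_NAME:
        bad.append("formatOffered is not 2")
    if req.formatDesired != DS_FQDN_1779_NAME:
        bad.append("formatDesired is not 1")
    if req.cNames < 1 or req.cNames != len(req.rpNames):
        bad.append("cNames MUST be >= 1 and equal the rpNames count")
    if not any(NT4_NAME.match(n) for n in req.rpNames):
        bad.append("no rpNames entry in DS_NT4_ACCOUNT_NAME format")
    return bad

def crack(req, directory):
    """Model rItems as one (status, pName) pair per requested name."""
    if req.formatDesired != DS_FQDN_1779_NAME:
        return [(DS_NAME_ERROR_NO_MAPPING, None) for _ in req.rpNames]
    return [(DS_NAME_NO_ERROR, directory[n.lower()]) if n.lower() in directory
            else (DS_NAME_ERROR_NOT_FOUND, None) for n in req.rpNames]

# Constructed sample directory: lower-cased NT4 name -> distinguished name.
DIRECTORY = {"contoso\\alice": "CN=Alice,CN=Users,DC=contoso,DC=com"}

if __name__ == "__main__":
    req = CrackReq(cNames=1, rpNames=["CONTOSO\\alice"])
    print(violations(req), crack(req, DIRECTORY))
```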