Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The client calling this method MUST be a backup ___domain controller (BDC). The client MUST do the following:
Have a secure channel established with a ___domain controller in the ___domain identified by ___domain-name and pass its name as the ServerName parameter.
Pass a valid client Netlogon authenticator as the Authenticator parameter.
The client MUST decrypt the EncryptedNtOwfPassword return parameter that was encrypted (as specified in [MS-SAMR] section 2.2.11.1.1) with the Session-Key for the secure channel as the specified key.
After the method returns, the client MUST verify the ReturnAuthenticator, as defined in section 3.1.4.5.
On receiving STATUS_ACCESS_DENIED, the client SHOULD<104> reestablish the secure channel with the ___domain controller.