Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The client calling this method MUST be a backup ___domain controller (BDC) or read-only ___domain controller (RODC). The client MUST do the following:
Have a secure channel established with a ___domain controller in the ___domain identified by ___domain-name and pass its name as the PrimaryName parameter.
Encrypt the OpaqueBuffer parameter using the negotiated encryption algorithm (determined by bits C, O, or W, respectively, in the NegotiateFlags member of the ServerSessionInfo table entry for PrimaryName) and the session key established as the encryption key.
Pass a valid client Netlogon authenticator as the Authenticator parameter.
After the method returns, the client SHOULD<126> verify the ReturnAuthenticator, as defined in section 3.1.4.5.
For details about how the OpaqueBuffer parameter is used, see [MS-SAMS].