The Security Account Manager (SAM) Remote Protocol (Client-to-Server) provides management functionality for an account store or directory containing users and groups. The goal of this protocol is to enable IT administrators and end users to manage users, groups, and computers.
SAM Remote Protocol specifies the behavior for both local and remote domains by using the Active Directory data model as a common data model for both scenarios. SAM Remote Protocol also specifies the differences in behavior between these two scenarios.
Sections 1.5, 1.8, 1.9, 2, and 3 of this specification are normative. All other sections and examples in this specification are informative.