3.1.9 Domain Controller Time Source Initialization
The client initializes the Trusted Domain abstract data model element by calling the NetrLogonGetTimeServiceParentDomain method (as specified in [MS-NRPC] section 3.5.4.8.6) with the following input parameters:
ServerName MUST be set to NULL.
Upon successful completion, the output parameter DomainName contains the name of a trusted domain in which a secure connection can be established between the client and server.
The client initializes the RID element by calling the NetrLogonGetTrustRid method (as specified in [MS-NRPC] section 3.5.4.8.1) with the following input parameters:
ServerName MUST be set to NULL.
DomainName MUST be set to the value of the Trusted Domain element.
Upon successful completion, the output parameter Rid contains the RID that uniquely identifies a trusted account.
The client initializes the IsLastIncomingResponseAuthenticated abstract data model element to true and initializes the Key Selector abstract data model element to zero. If the selected DC has a DC functional level of DS_BEHAVIOR_WIN2012 or greater (as specified in [MS-ADTS] section 6.1.4.2), then the ExtendedAuthenticatorSupported ADM element MUST be set to true; otherwise it MUST be set to false.<17>