Edit

I_NetLogonControl2 function (lmaccess.h)

  • Article

The I_NetLogonControl2 function controls various aspects of the Netlogon service.

Syntax

NET_API_STATUS NET_API_FUNCTION I_NetLogonControl2(
  [in, optional] LPCWSTR ServerName,
  [in]           DWORD   FunctionCode,
  [in]           DWORD   QueryLevel,
  [in]           LPBYTE  Data,
  [out]          LPBYTE  *Buffer
);

Parameters

[in, optional] ServerName

The name of the remote server.

[in] FunctionCode

The operation to be performed. This value can be one of the following.

Value Meaning
NETLOGON_CONTROL_QUERY
1
 No operation. Returns only the requested information.
NETLOGON_CONTROL_REPLICATE
2
 Forces the security account manager (SAM) database on a backup domain controller (BDC) to be brought in sync with the copy on the primary domain controller (PDC). This operation does not imply a full synchronize. The Netlogon service replicates any outstanding differences if possible.
NETLOGON_CONTROL_SYNCHRONIZE
3
 Forces a BDC to get a new copy of the SAM database from the PDC. This operation performs a full synchronize.
NETLOGON_CONTROL_PDC_REPLICATE
4
 Forces a PDC to ask for each BDC to replicate now.
NETLOGON_CONTROL_REDISCOVER
5
 Forces a domain controller (DC) to rediscover the specified trusted domain DC.
NETLOGON_CONTROL_TC_QUERY
6
 Queries the secure channel, requesting a status update about its last usage.
NETLOGON_CONTROL_TC_VERIFY
10
 Verifies the current status of the specified trusted domain secure channel. If the status indicates success, the domain controller is pinged. If the status or the ping indicates failure, a new trusted domain controller is rediscovered.
NETLOGON_CONTROL_CHANGE_PASSWORD
9
 Forces a password change on a secure channel to a trusted domain.
NETLOGON_CONTROL_FORCE_DNS_REG
11
 Forces the domain controller to re-register all of its DNS records. The QueryLevel parameter must be set to 1.
NETLOGON_CONTROL_QUERY_DNS_REG
12
 Issues a query requesting the status of DNS updates performed by the Netlogon service. If any DNS registration or deregistration errors occurred on the last update, the result is negative. The QueryLevel parameter must be set to 1.

[in] QueryLevel

Indicates what information should be returned from the Netlogon service. This value can be any of the following structures.

NETLOGON_INFO_1 (1)

NETLOGON_INFO_2 (2)

NETLOGON_INFO_3 (3)

NETLOGON_INFO_4 (4)

[in] Data

Carries input data that depends on the value specified in the FunctionCode parameter. The NETLOGON_CONTROL_REDISCOVER and NETLOGON_CONTROL_TC_QUERY function codes specify the trusted domain name (the data type is LPWSTR *).

[out] Buffer

Returns a pointer to a buffer that contains the requested information in the structure passed in the QueryLevel parameter.

The buffer must be freed using NetApiBufferFree.

Return value

The method returns 0x00000000 (NERR_Success) on success; otherwise, it returns a nonzero error code defined in Lmerr.h or Winerror.h. NET_API_STATUS error codes begin with the value 0x00000834. For more information about network management error codes, see Network_Management_Error_Codes. The following table describes possible return values.

Return code/value Description
NERR_Success
0x00000000
 The method call completed without errors.
ERROR_ACCESS_DENIED
0x00000005
 Access validation on the caller returns false. Access is denied.
ERROR_NOT_ENOUGH_MEMORY
0x00000008
 Not enough storage is available to process this command.
ERROR_NOT_SUPPORTED
0x00000032
 A function code is not valid on the specified server. For example, NETLOGON_CONTROL_REPLICATE might have been passed to a primary domain controller (PDC).
ERROR_INVALID_PARAMETER
0x00000057
 A parameter is incorrect.
ERROR_INVALID_LEVEL
0x0000007C
 The query call level is not correct.
ERROR_SERVICE_NOT_ACTIVE
0x000004261210121
 The service has not been started.
ERROR_INVALID_COMPUTERNAME
0x000004BA
 The format of the specified computer name is invalid.
ERROR_NO_LOGON_SERVERS
0x0000051F
 There are currently no logon servers available to service the logon request.
ERROR_INVALID_DOMAIN_ROLE
0x0000054A
 Password change for an interdomain trust account was attempted on a backup domain controller (BDC). This operation is only allowed for the PDC of the domain.
ERROR_NO_SUCH_DOMAIN
0x0000054B
 The specified domain either does not exist or could not be contacted.
NERR_UserNotFound
0x000008AD
 The user name could not be found.

Remarks

This function can be used to request that a BDC ensure that its copy of the SAM database is brought up-to-date. It can also be used to determine if a BDC currently has a secure channel open to the PDC.

Requirements

Requirement Value
Target Platform Windows
Header lmaccess.h
Library Netapi32.lib
DLL Netapi32.dll

See also

NETLOGON_INFO_1

NETLOGON_INFO_2

NETLOGON_INFO_3

NETLOGON_INFO_4