DOMAIN_CONTROLLER_INFO flags attribute
本文关键字:attribute flags CONTROLLER DOMAIN INFO | 更新日期: 2023-09-27 18:11:19
当我使用函数DsGetDcName
时,我得到一个指向对象的指针,之后我转换为结构"DOMAIN_CONTROLLER_INFO"(使用Marshal.PtrToStructure)。
当我调用函数DSGetDCName
时,我的DC是RODC,我在DOMAIN_CONTROLLER_INFO中得到以下标志值:3758156028。
当我调用函数DSGetDCName
时,我的DC是可写的,我在DOMAIN_CONTROLLER_INFO中得到以下标志值:3758158717。
谁能告诉我3758156028和3758158717值之间的区别是什么?
这些标志在头文件DsGetDC.h中定义,该文件可以在Windows SDK中找到。
以下值来自V7.1A SDK:
#define DS_PDC_FLAG 0x00000001 // DC is PDC of Domain
#define DS_GC_FLAG 0x00000004 // DC is a GC of forest
#define DS_LDAP_FLAG 0x00000008 // Server supports an LDAP server
#define DS_DS_FLAG 0x00000010 // DC supports a DS and is a Domain Controller
#define DS_KDC_FLAG 0x00000020 // DC is running KDC service
#define DS_TIMESERV_FLAG 0x00000040 // DC is running time service
#define DS_CLOSEST_FLAG 0x00000080 // DC is in closest site to client
#define DS_WRITABLE_FLAG 0x00000100 // DC has a writable DS
#define DS_GOOD_TIMESERV_FLAG 0x00000200 // DC is running time service (and has clock hardware)
#define DS_NDNC_FLAG 0x00000400 // DomainName is non-domain NC serviced by the LDAP server
#define DS_SELECT_SECRET_DOMAIN_6_FLAG 0x00000800 // DC has some secrets
#define DS_FULL_SECRET_DOMAIN_6_FLAG 0x00001000 // DC has all secrets
#define DS_WS_FLAG 0x00002000 // DC is running web service
#define DS_PING_FLAGS 0x000FFFFF // Flags returned on ping
#define DS_DNS_CONTROLLER_FLAG 0x20000000 // DomainControllerName is a DNS name
#define DS_DNS_DOMAIN_FLAG 0x40000000 // DomainName is a DNS name
#define DS_DNS_FOREST_FLAG 0x80000000 // DnsForestName is a DNS name
您的数字3758156028
是十六进制:E000E8FC
您的号码3758158717
是十六进制:E000F37D
不同之处在于标记如下表所示,其中x表示该位已设置:
flag | E000E8FC | E000F37D |
-------------------------------------------------------------------------------------------------------
DS_PDC_FLAG 0x00000001 | | x | // DC is PDC of Domain
DS_GC_FLAG 0x00000004 | x | x | // DC is a GC of forest
DS_LDAP_FLAG 0x00000008 | x | x | // Server supports an LDAP server
DS_DS_FLAG 0x00000010 | x | x | // DC supports a DS and is a Domain Controller
DS_KDC_FLAG 0x00000020 | x | x | // DC is running KDC service
DS_TIMESERV_FLAG 0x00000040 | x | x | // DC is running time service
DS_CLOSEST_FLAG 0x00000080 | x | | // DC is in closest site to client
DS_WRITABLE_FLAG 0x00000100 | | x | // DC has a writable DS
DS_GOOD_TIMESERV_FLAG 0x00000200 | | x | // DC is running time service (and has clock hardware)
DS_NDNC_FLAG 0x00000400 | | | // DomainName is non-domain NC serviced by the LDAP server
DS_SELECT_SECRET_6 0x00000800 | x | | // DC has some secrets
DS_FULL_SECRET_6 0x00001000 | | x | // DC has all secrets
DS_WS_FLAG 0x00002000 | x | x | // DC is running web service
?????????? 0x00004000 | x | x | // ?
?????????? 0x00008000 | x | x | // ?
DS_PING_FLAGS 0x000FFFFF | | | // Flags returned on ping
DS_DNS_CONTROLLER_FLAG 0x20000000 | x | x | // DomainControllerName is a DNS name
DS_DNS_DOMAIN_FLAG 0x40000000 | x | x | // DomainName is a DNS name
DS_DNS_FOREST_FLAG 0x80000000 | x | x | // DnsForestName is a DNS name
测试你的域名标志是否可写,你可以这样做:
const uint DS_WRITABLE_FLAG = 0x00000100;
uint flag = 3758158717;
bool isWriteable = ((flag & DS_WRITABLE_FLAG) == DS_WRITABLE_FLAG);
isWriteable.Dump();
在LINQPad