当我使用函数DsGetDcName时,我得到一个指向对象的指针,之后我转换为结构“DOMAIN_CONTROLLER_INFO”(使用Marshal.PtrToStructure)。
当我的DC是RODC时,当我调用函数DSGetDCName时,我在DOMAIN_CONTROLLER_INFO中得到以下标志值:3758156028。
当我的DC可写时,当我调用函数DSGetDCName时,我在DOMAIN_CONTROLLER_INFO中得到以下标志值:3758158717。
任何人都可以解释一下3758156028和3758158717之间的区别是什么?
答案 0 :(得分:1)
这些标志在头文件DsGetDC.h中定义,可以在Windows SDK中找到。
以下值来自V7.1A SDK:
#define DS_PDC_FLAG 0x00000001 // DC is PDC of Domain
#define DS_GC_FLAG 0x00000004 // DC is a GC of forest
#define DS_LDAP_FLAG 0x00000008 // Server supports an LDAP server
#define DS_DS_FLAG 0x00000010 // DC supports a DS and is a Domain Controller
#define DS_KDC_FLAG 0x00000020 // DC is running KDC service
#define DS_TIMESERV_FLAG 0x00000040 // DC is running time service
#define DS_CLOSEST_FLAG 0x00000080 // DC is in closest site to client
#define DS_WRITABLE_FLAG 0x00000100 // DC has a writable DS
#define DS_GOOD_TIMESERV_FLAG 0x00000200 // DC is running time service (and has clock hardware)
#define DS_NDNC_FLAG 0x00000400 // DomainName is non-domain NC serviced by the LDAP server
#define DS_SELECT_SECRET_DOMAIN_6_FLAG 0x00000800 // DC has some secrets
#define DS_FULL_SECRET_DOMAIN_6_FLAG 0x00001000 // DC has all secrets
#define DS_WS_FLAG 0x00002000 // DC is running web service
#define DS_PING_FLAGS 0x000FFFFF // Flags returned on ping
#define DS_DNS_CONTROLLER_FLAG 0x20000000 // DomainControllerName is a DNS name
#define DS_DNS_DOMAIN_FLAG 0x40000000 // DomainName is a DNS name
#define DS_DNS_FOREST_FLAG 0x80000000 // DnsForestName is a DNS name
您的号码3758156028为十六进制:E000E8FC
您的号码3758158717为十六进制:E000F37D
下表中显示了标志中的差异,其中x表示该位已设置:
flag | E000E8FC | E000F37D |
-------------------------------------------------------------------------------------------------------
DS_PDC_FLAG 0x00000001 | | x | // DC is PDC of Domain
DS_GC_FLAG 0x00000004 | x | x | // DC is a GC of forest
DS_LDAP_FLAG 0x00000008 | x | x | // Server supports an LDAP server
DS_DS_FLAG 0x00000010 | x | x | // DC supports a DS and is a Domain Controller
DS_KDC_FLAG 0x00000020 | x | x | // DC is running KDC service
DS_TIMESERV_FLAG 0x00000040 | x | x | // DC is running time service
DS_CLOSEST_FLAG 0x00000080 | x | | // DC is in closest site to client
DS_WRITABLE_FLAG 0x00000100 | | x | // DC has a writable DS
DS_GOOD_TIMESERV_FLAG 0x00000200 | | x | // DC is running time service (and has clock hardware)
DS_NDNC_FLAG 0x00000400 | | | // DomainName is non-domain NC serviced by the LDAP server
DS_SELECT_SECRET_6 0x00000800 | x | | // DC has some secrets
DS_FULL_SECRET_6 0x00001000 | | x | // DC has all secrets
DS_WS_FLAG 0x00002000 | x | x | // DC is running web service
?????????? 0x00004000 | x | x | // ?
?????????? 0x00008000 | x | x | // ?
DS_PING_FLAGS 0x000FFFFF | | | // Flags returned on ping
DS_DNS_CONTROLLER_FLAG 0x20000000 | x | x | // DomainControllerName is a DNS name
DS_DNS_DOMAIN_FLAG 0x40000000 | x | x | // DomainName is a DNS name
DS_DNS_FOREST_FLAG 0x80000000 | x | x | // DnsForestName is a DNS name
要测试您的域名是否可写,您可以这样做:
const uint DS_WRITABLE_FLAG = 0x00000100;
uint flag = 3758158717;
bool isWriteable = ((flag & DS_WRITABLE_FLAG) == DS_WRITABLE_FLAG);
isWriteable.Dump();
将在LINQPad中输出 True