4.9.4. drsuapi interface
Prev 4.9. Windows core MSRPC interfaces Next

4.9.4. drsuapi interface

The drsuapi interface is used between Active Directory domain controllers for replication: 

Active Directory replication interface: e3514235-4b06-11d1-ab04-00c04fc2dcd2 v4.0

IDL (Interface Definition Language) for the drsuapi interface is available in Samba 4 [80].

It supports the following operations:

Table 4.18. drsuapi operations

InterfaceOperation numberOperation nameWindows API
e3514235-4b06-11d1-ab04-00c04fc2dcd2 v4.0: drsuapi   
 0x00DRSBindDsBind
 0x01DRSUnbindDsUnBind
 0x02DRSReplicaSyncDsReplicaSync
 0x03DRSGetNCChanges 
 0x04DRSUpdateRefs 
 0x05DRSReplicaAddDsReplicaAdd
 0x06DRSReplicaDelDsReplicaDel
 0x07DRSReplicaModifyDsReplicaModify
 0x08DRSVerifyNames 
 0x09DRSGetMemberships 
 0x0aDRSInterDomainMove 
 0x0bDRSGetNT4ChangeLog 
 0x0cDRSCrackNamesDsCrackNames
 0x0dDRSWriteSPNDsWriteAccountSpn
 0x0eDRSRemoveDsServer 
 0x0fDRSRemoveDsDomain 
 0x10DRSDomainControllerInfo 
 0x11DRSAddEntry 
 0x12DRSExecuteKCC 
 0x13DRSGetReplInfo 
 0x14DRSAddSidHistoryDsAddSidHistory
> Windows Server 2003 and >0x15DRSGetMemberships2 
-0x16DRSReplicaVerifyObjects 
-0x17DRSGetObjectExistence 
-0x18DRSQuerySitesByCostDsQuerySitesByCost

Ethereal has a dissector for this interface [83]. It is particularly useful when used with the Kerberos decryption feature: in that case, encrypted operations are dissected.

Prev Up Next
4.9.3. netlogon interface Home 4.9.5. dssetup interface