net logon operations

  • Thread starter Thread starter fhm2zaman
  • Start date Start date
F

fhm2zaman

i am working on net logon, To complete my work i need all net logon
operations given at

http://www.hsc.fr/ressources/articles/win_net_srv/msrpc_netlogon.html

i have arranged an environment to get netlog on packets with a domain
controller A.com
with its additional domain controller AA.com
and an other domain controller B.com in the same forest.

All three machines are windows 2000 server

can any body tell that what operations i have to perform to get all the
given operations of net logon service given at above address.

Actulay i am able to get only 5 operations that is when i logon from a
windows xp machine to domian i get 0x04, 0xla,0xld

i can get these operations by writing my own programm but problem is
that the API's against all the operations are not available.

Is there is any tools or any environment arrangement that i can get
packets which contains
all the operations using ethereal
 
Your post is confusing but I expect you want to go look at the SAMBA
stuff. Barring that, that there is a book out there about DCE/RPC that
you probably want to pick up and read which I believe was written by the
SAMBA folks.

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm
 
Thank you sir for your kind attentions to my problem related to rpc netlogon ,
i am really greatful to you, but actualy its not what i want.
At your point that my question is confusing i am posting it again by
elaborating up to full.
waiting anxiously for your kind response.
Thanks.


i am working on rpc netlogon which is a windows service and is used to make
a secure channel between client and a domain controller.

At the following link i come to know that there are 48 interfaces or
operations to rpc netlogon service.

http://www.hsc.fr/ressources/articles/win_net_srv/msrpc_netlogon.html
containing list of all the operations performed by rpc netlogon.

Now my task is to arrange such an environment of domain contrlloers and
clients
that when a client communicate with a domain controller or when a domain
controller communicate with an additional domain controller

in a particular domian i might capture the packets and these packets
should contain the rpc netlogon operations given ay above.

now when a clinet boot up against a domain controller a secure channel is
built and clinet is authenticated using rpc netlogon serivce.
and against this operation when i make analysis of packets i get three
operations
and they are
NetrServerReqChallenge
NetrServerAuthenticate3
NetrLogonGetDomainInfo

now when i make trust relationship between two domain in a forest and access
their accounts packet should contain trust related

operations like
DsrEnumerateDomain trusts etc
when data is replicated packets should contain replication related operations
but it does not.

Can anybody tell me the operations or interfaces give at above link are just
specification and microsoft just implemented three of four of

them
and for other operations like sysncing , replication and making trusts
some other services are used like
DRSUAPI and samr etc.
because while replication i get DRSUAPI packets .

or these operations were used only in windows NT and in windows 2000 server
and following operating systems of microsoft not use

these operations

and if they are still supported then what kind of environment i have to
arrange or what type of operations i have to perform so that i can

get packets which contains all the interfaces or operations give at above link

Thanks,
 
Back
Top