| Directory Services |
The DsBindWithSpn function enables the client to specify the service principal name (SPN) to use for mutual authentication against the destination server. This function is provided for those situations where complete control is required over mutual authentication. Do not use this function if you expect DsBind to find a server for you, because SPNs are machine-specific, and it is unlikely that the SPN you provide will match the server that DsBind finds for you. Providing a NULL ServicePrincipalName argument results in behavior that is identical to DsBindWithCred.
DWORD DsBindWithSpn( LPCTSTR DomainControllerName, LPCTSTR DnsDomainName, RPC_AUTH_IDENTITY_HANDLE AuthIdentity, LPCTSTR ServicePrincipalName, HANDLE* phDS );
If this parameter is NULL and DnsDomainName is NULL, DsBindWithSpn attempts to find and use a global catalog server in the forest of the local computer.
If this parameter is NULL and DomainController is not NULL, DsBindWithSpn uses the domain name of the primary domain of the local computer.
Passing NULL in AuthIdentity is equivalent to a call to DsBind.
When the function succeeds, NO_ERROR is returned.
If the function fails, the return value is either an RPC error code or one of the following.
| Return Code | Description |
|---|---|
| ERROR_NO_SUCH_DOMAIN | No domain controller (DC) is available for the specified domain or the domain does not exist. |
| ERROR_INVALID_DOMAINNAME | The format of the specified DnsDomainName is invalid. |
| ERROR_NOT_ENOUGH_MEMORY | Insufficient memory available. |
Client: Included in Windows XP and
Windows 2000 Professional.
Server: Included in Windows Server 2003 and
Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension
on Windows NT 4.0 SP6a and Windows 95/98/Me.
Unicode: Implemented as Unicode and ANSI versions on Windows
NT/2000/XP.
Header: Declared in Ntdsapi.h.
Library: Use Ntdsapi.lib.
DsBind, DsBindWithCred, DsUnBind, Domain Controller and Replication Management Functions