Directory Services

DsEnumerateDomainTrusts

The DsEnumerateDomainTrusts function obtains domain trust data for a specified domain.

DWORD DsEnumerateDomainTrusts(
  LPTSTR ServerName,
  ULONG Flags,
  PDS_DOMAIN_TRUSTS* Domains,
  PULONG DomainCount
);

Parameters

ServerName
[in, optional] Pointer to a null-terminated string that specifies the name of the remote server to process this function. This must be a domain controller or a domain member computer running the Windows 2000 or later operating system.

If this parameter is NULL, the local computer is used. If the local computer is a domain controller, this function returns the trust data immediately. If the local computer is not a domain controller, this function obtains the trust data from cached data if the cached data is not expired. The cached data expires after five minutes. If the cached data is expired, this function obtains the trust data from a domain controller in the domain that the local computer is a member of and updates the cache.

Flags
[in] Contains a set of flags that determines which domains to enumerate. This can be zero or a combination of one or more of the following values.
Value Meaning
DS_DOMAIN_DIRECT_INBOUND Enumerate domains that are directly trusting the domain which has ServerName as a member.
DS_DOMAIN_DIRECT_OUTBOUND Enumerate directly trusted domains.
DS_DOMAIN_IN_FOREST Enumerate domains that are a member of the same forest which has ServerName as a member.
DS_DOMAIN_NATIVE_MODE Enumerate domains where the primary domain is running in Windows 2000® native mode.
DS_DOMAIN_PRIMARY Enumerate domains that are the primary domain of the queried server.
DS_DOMAIN_TREE_ROOT Enumerate domains that are the root of a tree and member of the same forest which has ServerName as a member.
Domains
[out] Pointer to a PDS_DOMAIN_TRUSTS value that receives an array of DS_DOMAIN_TRUSTS structures. Each structure in this array contains trust data about a domain. The caller must free this memory when it is no longer required by calling NetApiBufferFree.
DomainCount
[out] Pointer to a ULONG value that receives the number of elements returned in the Domains array.

Return Values

Returns ERROR_SUCCESS if successful or a WIn32 error code otherwise. Possible error codes include the following.
Return Code Description
ERROR_INVALID_FLAGS The Flags parameter contains one or more invalid flags.
ERROR_NO_LOGON_SERVERS No cached data is available and no domain controller could be located.
ERROR_NO_TRUST_LSA_SECRET The client side of the trust relationship is broken and no cached data is available.
ERROR_NO_TRUST_SAM_ACCOUNT The server side of the trust relationship is broken or the password is invalid and no cached data is available.
ERROR_NOT_SUPPORTED The computer identified by ServerName does not support this function call. In particular, this error is returned if ServerName is an Windows NT® 3.51 computer or if ServerName is an Windows NT 4.0 computer and DS_DOMAIN_DIRECT_INBOUND is specified.

Requirements

Client: Included in Windows XP and Windows 2000 Professional.
Server: Included in Windows Server 2003 and Windows 2000 Server.
Unicode: Implemented as Unicode and ANSI versions.
Header: Declared in Dsgetdc.h.
Library: Use Netapi32.lib.

See Also

DS_DOMAIN_TRUSTS, NetApiBufferFree, Directory Service Functions