2.2.1.6.2 DS_DOMAIN_TRUSTSW
The DS_DOMAIN_TRUSTSW structure defines information about a domain trust. It is part of the NETLOGON_TRUSTED_DOMAIN_ARRAY structure, as specified in section 2.2.1.6.3, returned by the DsrEnumerateDomainTrusts method, as specified in section 3.5.4.7.1. This structure SHOULD<54> contain naming information and trust-related information for a specific trusted domain.
-
typedef struct _DS_DOMAIN_TRUSTSW { [string] wchar_t* NetbiosDomainName; [string] wchar_t* DnsDomainName; ULONG Flags; ULONG ParentIndex; ULONG TrustType; ULONG TrustAttributes; PRPC_SID DomainSid; GUID DomainGuid; } DS_DOMAIN_TRUSTSW, *PDS_DOMAIN_TRUSTSW;
NetbiosDomainName: A pointer to a null-terminated Unicode string that contains the NetBIOS name of the trusted domain.
DnsDomainName: A pointer to a null-terminated Unicode string that contains the FQDN of the trusted domain.
Flags: A set of bit flags that defines the domain trust attributes. A flag is TRUE (or set) if its value is equal to 1. The value is constructed from zero or more bit flags from the following table.
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
10
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
F
E
D
C
B
A
-
Where the bits are defined as:
-
Value
Description
A
Domain is a member of a forest.
B
Domain is directly trusted by the current domain.
C
Domain is the root of a forests.
D
Domain is the primary domain of the queried server.
E
Primary domain is running in native mode.
F
Domain directly trusts the current domain.
-
All other bits MUST be set to zero and MUST be ignored on receipt.
ParentIndex: An integer value that contains the index in the NETLOGON_TRUSTED_DOMAIN_ARRAY array (returned by DsrEnumerateDomainTrusts method) that corresponds to the parent domain of the domain represented by this structure. This field is set if all of the following conditions are met:
The A flag is specified in the Flags parameter of the DsrEnumerateDomainTrusts method.
The Flags field of DS_DOMAIN_TRUSTSW structure does not contain the C flag.
-
Otherwise, it MUST be set to zero and MUST be ignored.
TrustType: An integer value that describes the type of domain with which the trust is associated. TrustType is one of the following values.
-
Value
Meaning
0x00000001
Trust is with a domain.<55>
0x00000002
Trust is with an Active Directory domain.<56>
0x00000003
Trust is with an MIT Kerberos realm.
0x00000004
Trust is with a Distributed Computing Environment (DCE) realm.
-
All other values MUST be ignored on receipt.
TrustAttributes: A set of bit flags describing trust link attributes. A flag is true (or set) if its value is equal to 1. The value is constructed from zero or more bit flags from the following table, with the exception that bit F cannot be combined with E or D.
-
0
1
2
3
4
5
6
7
8
91
0
1
2
3
4
5
6
7
8
92
0
1
2
3
4
5
6
7
8
93
0
10
0
0
0
0
0
0
0
I
H
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
G
F
E
D
C
B
A
-
Where the bits are defined as:
-
Value
Description
A
Trust link MUST NOT allow transitivity.
B
Trust link MAY<57> be valid.
C
Trust link MUST be set for SID filtering of the client domain. For details about SID filtering, see [MS-PAC].
D
Trust link can contain forest trust information.
E
Trust link is to either a domain or a forest that is not part of the enterprise network.
F
Trust link is internal to the forest.
G
Trust is to be treated as external for trust boundary purposes.
H
Domain is parent domain.
I
Domain is root of another forest.
-
All other bits MUST be set to zero and MUST be ignored on receipt.
DomainSid: A pointer to a SID structure ([MS-DTYP] section 2.4.2.3) that identifies the current domain. If the TrustAttributes field is set to C or D, the value is 0.
DomainGuid: A GUID structure ([MS-DTYP] section 2.3.4.1) that identifies the current domain.