DsBindWithSpnA function (ntdsapi.h)
The DsBindWithSpn function binds to a domain controller using the specified credentials and a specific service principal name (SPN) for mutual authentication.
This function is provided for where complete control is required for mutual authentication. Do not use this function if you expect DsBind to find a server for you, because SPNs are computer-specific, and it is unlikely that the SPN you provide will match the server that DsBind finds for you. Providing a NULLServicePrincipalName argument results in behavior that is identical to DsBindWithCred.
Syntax
NTDSAPI DWORD DsBindWithSpnA(
[in, optional] LPCSTR DomainControllerName,
[in, optional] LPCSTR DnsDomainName,
[in, optional] RPC_AUTH_IDENTITY_HANDLE AuthIdentity,
[in, optional] LPCSTR ServicePrincipalName,
[out] HANDLE *phDS
);
Parameters
[in, optional] DomainControllerName
Pointer to a null-terminated string that contains the fully qualified DNS name of the domain to bind to. For more information, see the DomainControllerName description in the DsBind topic.
[in, optional] DnsDomainName
Pointer to a null-terminated string that contains the fully qualified DNS name of the domain to bind to. For more information, see the DnsDomainName description in the DsBind topic.
[in, optional] AuthIdentity
Contains an RPC_AUTH_IDENTITY_HANDLE value that represents the credentials to be used for the bind. The
DsMakePasswordCredentials function is used to obtain this value. If this parameter is NULL, the credentials of the calling thread are used.
DsUnBind must be called before freeing this handle with the DsFreePasswordCredentials function.
[in, optional] ServicePrincipalName
Pointer to a null-terminated string that specifies the Service Principal Name to assign to the client. Passing NULL in ServicePrincipalName is equivalent to a call to the DsBindWithCred function.
[out] phDS
Address of a HANDLE value that receives the binding handle. To close this handle, pass it to the DsUnBind function.
Return value
Returns ERROR_SUCCESS if successful or a Windows or RPC error code otherwise. The following are the most common error codes.
Remarks
Note
The ntdsapi.h header defines DsBindWithSpn as an alias which automatically selects the ANSI or Unicode version of this function based on the definition of the UNICODE preprocessor constant. Mixing usage of the encoding-neutral alias with code that not encoding-neutral can lead to mismatches that result in compilation or runtime errors. For more information, see Conventions for Function Prototypes.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows Vista |
| Minimum supported server | Windows Server 2008 |
| Target Platform | Windows |
| Header | ntdsapi.h |
| Library | Ntdsapi.lib |
| DLL | Ntdsapi.dll |
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for