The LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID control is used with an extended LDAP rename function to move an LDAP object from one domain to another. The control specifies the DNS hostname of the domain controller in the destination domain.
To use this control, set the members of the LDAPControl structure as follows:
PWCHAR ldctl_oid = LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID;
struct berval ldctl_value;
BOOLEAN ldctl_iscritical;
Members
ldctl_oid
Pointer to a wide, null-terminated string, LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID, defined as "1.2.840.113556.1.4.521".
ldctl_value
Specifies the DNS name of the destination DC. In the berval structure, set bv_val to a pointer to a UTF-8 string that contains the DNS name, and set bv_len to the length of the string.
ldctl_iscritical
Can be TRUE or FALSE depending on whether the result of the move is critical to your application.
Remarks
The following code example shows how to use the cross-domain control with the ldap_rename_ext_s function.
#include <windows.h>
#include <winldap.h>
#include <ntldap.h>     // LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID_W
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>

ULONG LDAPCrossDom (
    LDAP *ldapConnection,
    PWCHAR pszOldDN,        // source object DN in Unicode
    PWCHAR pszNewRDN,       // new RDN of the object in Unicode
    PWCHAR pszNewParent,    // destination object parent DN in Unicode
    PWCHAR pszDestDomain)   // DNS name of the DC in the destination domain, in Unicode
{
    ULONG ulErr;
    LDAPControl CrossDomControl;
    PLDAPControl controlArray[] = { &CrossDomControl, NULL };
    LPSTR pszDestDomainUTF8 = NULL;
    int iDDSrclen = 0;
    int iDDlen;
    struct berval bvValue;

    // Verify input parameters.
    if (ldapConnection == NULL
        || pszOldDN == NULL || pszNewRDN == NULL
        || pszNewParent == NULL
        || pszDestDomain == NULL )
        return LDAP_PARAM_ERROR;

    // Get required length of UTF-8 string buffer.
    iDDSrclen = (int) wcslen(pszDestDomain);
    iDDlen = LdapUnicodeToUTF8(pszDestDomain, iDDSrclen, NULL, 0);

    // Check for zero length string.
    if (0 == iDDlen)
        return LDAP_PARAM_ERROR;

    // Allocate buffer for UTF-8 string, plus room for the terminator.
    pszDestDomainUTF8 = (LPSTR) malloc(iDDlen + 1);
    if (pszDestDomainUTF8 == NULL)
        return LDAP_NO_MEMORY;

    // Convert Unicode to UTF-8 and fail if the conversion writes nothing.
    if (0 == LdapUnicodeToUTF8(pszDestDomain, iDDSrclen, pszDestDomainUTF8, iDDlen + 1))
    {
        free(pszDestDomainUTF8);
        return LDAP_PARAM_ERROR;
    }
    pszDestDomainUTF8[iDDlen] = '\0';

    // Setup control data: bv_len excludes the terminating null.
    bvValue.bv_val = (PCHAR) pszDestDomainUTF8;
    bvValue.bv_len = iDDlen;

    // Setup control.
    CrossDomControl.ldctl_oid = LDAP_SERVER_CROSSDOM_MOVE_TARGET_OID_W;
    CrossDomControl.ldctl_value = bvValue;
    CrossDomControl.ldctl_iscritical = TRUE;
    controlArray[0] = &CrossDomControl;
    controlArray[1] = NULL;

    // Rename object across domains.
    ulErr = ldap_rename_ext_s(ldapConnection,
                              pszOldDN,
                              pszNewRDN,
                              pszNewParent,
                              TRUE,
                              controlArray,
                              NULL);
    if (LDAP_SUCCESS == ulErr)
        wprintf(L"Successful move\n");

    if (NULL != pszDestDomainUTF8)
        free(pszDestDomainUTF8);
    return ulErr;
}
Note
The user application must have the proper directory service access rights to successfully use this control. The user application must have permission to delete objects in the source domain and create objects in the destination domain.
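For auditing or detection work it helps to recognize this control on the wire. The following added example (not part of the original page or of any Microsoft sample) goes one step beyond the page: it parses a BER-encoded LDAP Control as laid out in RFC 4511 (controlType, optional criticality, controlValue) and extracts the destination DC name when the OID matches the one given above. The function names and the sample bytes are hypothetical and constructed for illustration, and the code assumes the controlValue is the raw UTF-8 DNS name, as the ldctl_value description states.

```c
#include <stddef.h>
#include <string.h>

#define CROSSDOM_OID "1.2.840.113556.1.4.521"   /* OID string given on this page */
typedef unsigned char u8;

/* Constructed sample: Control with criticality TRUE, target "dc01.dest.example". */
static const u8 SAMPLE_CONTROL[] = "\x30\x2e\x04\x16" "1.2.840.113556.1.4.521"
                                   "\x01\x01\xff\x04\x11" "dc01.dest.example";

/* Read one definite-length BER header; on success *p points at the contents. */
static int ber_tlv(const u8 **p, const u8 *end, u8 *tag, size_t *len)
{
    if (end - *p < 2) return -1;
    *tag = *(*p)++;
    *len = *(*p)++;
    if (*len >= 0x80) {                          /* long form: 1 or 2 length bytes */
        size_t n = *len & 0x7F;
        if (n == 0 || n > 2 || (size_t)(end - *p) < n) return -1;
        for (*len = 0; n--; ) *len = (*len << 8) | *(*p)++;
    }
    return *len <= (size_t)(end - *p) ? 0 : -1;  /* contents must fit the buffer */
}

/* Hypothetical helper: 1 = cross-domain move control (DC name copied to dc_out),
   0 = some other control, -1 = malformed or name too long for dc_out. */
int parse_crossdom_control(const u8 *buf, size_t n, char *dc_out, size_t cap, int *critical)
{
    const u8 *p = buf, *end = buf + n;
    u8 tag; size_t len;

    if (ber_tlv(&p, end, &tag, &len) || tag != 0x30) return -1;   /* SEQUENCE */
    end = p + len;
    if (ber_tlv(&p, end, &tag, &len) || tag != 0x04) return -1;   /* controlType */
    if (len != strlen(CROSSDOM_OID) || memcmp(p, CROSSDOM_OID, len)) return 0;
    p += len;
    *critical = 0;                               /* criticality DEFAULT FALSE */
    if (ber_tlv(&p, end, &tag, &len)) return -1;
    if (tag == 0x01) {                           /* criticality BOOLEAN present */
        if (len != 1) return -1;
        *critical = (*p++ != 0);
        if (ber_tlv(&p, end, &tag, &len)) return -1;
    }
    if (tag != 0x04 || len == 0 || len >= cap || p + len != end) return -1;
    if (memchr(p, '\0', len)) return -1;         /* reject embedded NUL in the name */
    memcpy(dc_out, p, len);                      /* controlValue: UTF-8 DNS name */
    dc_out[len] = '\0';
    return 1;
}
```

A return value of 1 with the extracted name gives a log pipeline the destination DC to compare against the set of domain controllers that are expected to receive cross-domain moves.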
Requirements
Minimum supported client | Windows Vista
Minimum supported server | Windows Server 2008
Header |