Overview#

DS_FLAG are Options Bits presented in Big-Endian byte order and are returned as part of the Netlogon attribute when using the LDAP ping SearchRequest

DS_FLAG Options bits:

• DS_PDC_FLAG, 0x00000001: The server holds the PDC FSMO role (PdcEmulationMasterRole)
• DS_GC_FLAG, 0x00000004: The server is a Global Catalog Domain Controller and will accept and process messages directed to it on the Global Catalog ports
• DS_LDAP_FLAG, 0x00000008: The server is an LDAP server
• DS_DS_FLAG, 0x00000010: The server is a Domain Controller
• DS_KDC_FLAG, 0x00000020: The server is running the Kerberos Key Distribution Center service.
• DS_TIMESERV_FLAG, 0x00000040: The Win32 Windows Time service, as specified in W32Time, is present on the server.
• DS_CLOSEST_FLAG, 0x00000080: The DcSiteName and ClientSiteName are the same and is a hint to the client that it is well-connected to the server in terms of speed.
• DS_WRITABLE_FLAG, 0x00000100: Indicates that the server is not an RODC. As described in section 3.1.1.1.9, all NC replicas hosted on an RODC do not accept originating updates.
• DS_GOOD_TIMESERV_FLAG, 0x00000200: The server is a reliable time server.
• DS_NDNC_FLAG, 0x00000400: The NamingContext is an application NamingContext.
• DS_SELECT_SECRET_DOMAIN_6_FLAG, 0x00000800): The server is an RODC.
• DS_FULL_SECRET_DOMAIN_6_FLAG, 0x00001000: The server is a writable DC, not running Windows Server 2000 Operating System through Windows Server 2003 R2 Operating System.
• DS_WS_FLAG, 0x00002000: The Active Directory Web Service, as specified in MS-ADDM, is present on the server.
• DS_DS_8_FLAG, 0x00004000: The server is not running Windows Server 2000 Operating System through Windows Server 2008 R2 Operating System.
• DS_DS_9_FLAG, 0x00008000: The server is not running Windows Server 2000 through Windows Server 2012 Operating System.
• DS_DNS_CONTROLLER_FLAG, 0x20000000: The server has a DNS Domain name.
• DS_DNS_DOMAIN_FLAG, 0x40000000: The NamingContext is a DefaultNamingContext
• DS_DNS_FOREST_FLAG, 0x80000000: The NamingContext is the Forest Root Domain

More Information#

There might be more information for this subject on one of the following:

• Netlogon attribute

---

• [#1] - https://msdn.microsoft.com/en-us/library/cc717362.aspx - based on information obtained 2016-05-19-
• [#2] - 6.3.1.9 NETLOGON_SAM_LOGON_RESPONSE_EX - based on information obtained 2020-02-02
• [#3] - 6.3.1.2 DS_FLAG Options Bits - based on information obtained 2020-02-02