1.7 Versioning and Capability Negotiation
Supported Transports: This protocol uses the mailslot datagram delivery service, RPC over named pipes ([PIPE]), and RPC over TCP/IP as its only transports. Also see Transport (section 2.1).
Security and Authentication Methods: As specified in section 3.2 and [MS-RPCE] section 1.7.
Protocol Version: This protocol's RPC interface has a single version number of 1.0. Microsoft can extend this protocol by adding RPC methods to the interface with opnums lying numerically beyond those defined in this document. A client determines whether such methods are supported by attempting to invoke the method. If the version of the interface does not implement the method being invoked, it is required that the RPC server return an opnum out of range error. RPC versioning and capability negotiation for this situation is specified in [C706] and [MS-RPCE] section 2.1.
For methods with multiple definitions (for example, NetrServerAuthenticate (section 3.5.4.4.5), NetrServerAuthenticate2 (section 3.5.4.4.4), and NetrServerAuthenticate3 (section 3.5.4.4.2)), the Netlogon Remote Protocol first tries the most recent definition of the method for which it has code. If that fails, this protocol tries the next most recent definition, and so on. Using the NetrServerAuthenticate example, this protocol tries NetrServerAuthenticate3 first, NetrServerAuthenticate2 second, and finally NetrServerAuthenticate.
Capability Negotiation: When a secure channel is established, the NegotiateFlags parameter of the NetrServerAuthenticate2 and NetrServerAuthenticate3 is used to negotiate a common set of capabilities that each of the participants in the negotiation can support. See section 3.1.4.2.