[MS-DFSRH]: DFS Replication Helper Protocol Specification

More documents

Recommendations

Info

[in] BSTR distinguishedName,[in] SAFEARRAY(_AdAttributeData)* attributes,[in] BSTR verifyNameDomainControllerName,[in] BSTR networkNameResourceName);domainControllerName: MUST be the FQDN of the domain controller to which the methodsends the LDAP request. The format of the distinguished name MUST be as specified in[RFC2251] section 4.1.3.distinguishedName: MUST be the distinguished name of the Active Directory object that isbeing created. The distinguished name of any object in Active Directory MAY be used. Theformat of the distinguished name is specified in [RFC2251] section 4.1.3.attributes: MUST be the safe array of attributes that are to be created for the new object.verifyNameDomainControllerName: If the attributes of the object refer to an object inanother domain, the client MUST specify the domain controller in that domain that will be usedto verify the reference. The LDAP_SERVER_VERIFY_NAME_OID control MUST be added to theLDAP command. The LDAP_SERVER_VERIFY_NAME_OID control is specified in [MS-ADTS]section 3.1.1.3.4.1.16. If this parameter does not specify a domain controller that can becontacted to validate these references, the method MUST fail and return an LDAP protocolfailure.networkNameResourceName: MUST be the name of the cluster resource (the resource typeMUST be "Network Name"). If this parameter is a non-empty string, the server MUST executethe LDAP command under the account that corresponds to this network name. There are noconstraints regarding the format of the network name except the requirement that its lengthMUST NOT be longer than 32,767 characters. Otherwise, if this parameter is NULL or anempty string, the server MUST use the machine account to execute the LDAP command.Return Values: Return Values: The method MUST return:• 0 on success.• For LDAP protocol failures:• If the LDAP error is LDAP_OPERATIONS_ERROR, dfsrHelperLdapErrorBase + the serversideerror code.• For all other LDAP errors, dfsrHelperLdapErrorBase + the LDAP return code. For moreinformation, see [LDAP-ERR].• For all other failures, an implementation-specific nonzero HRESULT error code, as specifiedin [MS-ERREF] section 2.1, between 0x80000000 and 0xFFFFFFFF. For protocol purposes,all nonzero values MUST be treated as equivalent failures.The server MUST handle this message by using the same sequence of steps as forIADProxy::CreateObject (as specified in section 3.1.5.2.1), with the following additional step:• The server MUST execute the LDAP command under the credentials that correspond to thenetwork resource name that is supplied in the networkNameResourceName parameter.[MS-DFSRH] – v20080207DFS Replication Helper Protocol SpecificationCopyright © 2008 Microsoft Corporation.Release: Thursday, February 7, 200858 / 81
3.1.5.3.2 DeleteObject Method (Opnum 7)The DeleteObject method executes an LDAP command to delete an Active Directory object with aspecified distinguished name and attributes. The command MUST be executed under the machinesecurity credentials, or for a cluster, under the specified network name credentials.HRESULT DeleteObject([in] BSTR domainControllerName,[in] BSTR distinguishedName,[in] BSTR networkNameResourceName);domainControllerName: MUST be the FQDN of the domain controller to which the methodsends the LDAP request.distinguishedName: MUST be the distinguished name of the Active Directory object that isbeing deleted. The distinguished name of any object in Active Directory MAY be used. Theformat of the distinguished name is specified in [RFC2251] section 4.1.3.networkNameResourceName: MUST be the name of the cluster resource (the resource typeMUST be "Network Name"). If this parameter is a non-empty string, the server MUST executethe LDAP command under the account that corresponds to this network name. There are noconstraints regarding the format of the network name except the requirement that its lengthbe no more than 32,767 characters. Otherwise, if this parameter is NULL or an empty string,the server MUST use the machine account to execute the LDAP command.Return Values: The method MUST return:• 0 on success.• For LDAP protocol failures:• If the LDAP error is LDAP_OPERATIONS_ERROR, dfsrHelperLdapErrorBase + the serversideerror code.• For all other LDAP errors, dfsrHelperLdapErrorBase + the LDAP return code. For moreinformation, see [LDAP-ERR].• For all other failures, an implementation-specific nonzero error code.The server MUST handle this message by using the same sequence of steps as forIADProxy::DeleteObject (as specified in section 3.1.5.2.2), with the following additional step:• The server MUST execute the LDAP command under the credentials that correspond to thenetwork resource name that is supplied in the networkNameResourceName parameter.3.1.5.3.3 ModifyObject Method (Opnum 8)The ModifyObject method executes an LDAP command to add, delete, or modify attributes of aspecified Active Directory object. The command MUST be executed under machine securitycredentials, or for a cluster, under the specified network name credentials in order to create anActive Directory object with a specific distinguished name and attributes.HRESULT ModifyObject([in] BSTR domainControllerName,[MS-DFSRH] – v20080207DFS Replication Helper Protocol SpecificationCopyright © 2008 Microsoft Corporation.Release: Thursday, February 7, 200859 / 81
Page 2 and 3:
DateRevisionHistoryRevisionClassCom
Page 4 and 5:
2.2.1.5.17.11 EVENT_DFSR_VOLUME_JOU
Page 6 and 7:
1 IntroductionThe Distributed File
Page 8 and 9: [UNICODE4.0] The Unicode Consortium
Page 10 and 11: • IServerHealthReportThe IADProxy
Page 12 and 13: For more information about this LDA
Page 14 and 15: versionVector: MUST be the version
Page 16 and 17: Child ElementsElement Type Descript
Page 18 and 19: Element Type DescriptionbacklogInbo
Page 20 and 21: Child ElementsElement Type Descript
Page 22 and 23: Element Type DescriptionfileFilter
Page 24 and 25: 24 / 81[MS-DFSRH] - v20080207DFS Re
Page 26 and 27: Element Type Descriptionerror error
Page 28 and 29: Element Type Descriptionimplementat
Page 30 and 31: 2.2.1.5.15 errorReferences ElementT
Page 32 and 33: When the server detects any of the
Page 34 and 35: Error parameters:Ref IDMeaning1312.
Page 36 and 37: 2.2.1.5.17.13 EVENT_DFSR_CS_ERROR M
Page 38 and 39: Ref IDMeaning4206.8 The name of the
Page 40 and 41: Ref IDMeaning4304.2 The file path.4
Page 42 and 43: Ref IDMeaning4502.4 The name of the
Page 44 and 45: Ref IDMeaning5102.1 The replicated
Page 46 and 47: Ref IDMeaning6008.1 The configurati
Page 48 and 49: Ref IDMeaning6402.8 The member GUID
Page 50 and 51: Ref IDMeaning6410.3 The overlapped
Page 52 and 53: 3 Protocol Details3.1 Server Role D
Page 54 and 55: If the user does not have sufficien
Page 56 and 57: 3.1.5.2.3 ModifyObject Method (Opnu
Page 60 and 61: [in] BSTR distinguishedName,[in] SA
Page 62 and 63: flags: Any values of the DfsrReport
Page 64 and 65: and 0xFFFFFFFF on failure. For prot
Page 66 and 67: 3.1.5.4.6 GetReferenceBacklogCount
Page 68 and 69: 4 Protocol Examples4.1 Example of M
Page 70 and 71: 0127727764510000000Monday, October
Page 72 and 73: 6 Appendix A: Full IDLThe DFS-R Hel
Page 74 and 75: [in] long flags,[out] SAFEARRAY(_Ve
Page 76 and 77: The IADProxy2 interface is availabl
Page 78 and 79: Section 2.2.1.5.17.22: This error i
Page 80 and 81: GlossaryHHealth report XML exampleH
show all

[MS-DFSRH]: DFS Replication Helper Protocol Specification

Create successful ePaper yourself

Delete template?

Save as template?