Export (0) Print
Expand All UpdateRevealedList

procedure UpdateRevealedList(
  rodcDSA: DSName,
  revealedObject: DSName,
  attribute: ATTRTYP)

Informative summary of behavior: The UpdateRevealedList procedure adds or updates an entry for the attributeattribute of the object revealedObject on the msDS-RevealedUsers attribute of the computer object that corresponds to the nTDSDSA object rodcDSA. The msDS-RevealedUsers attribute is of type DNBinary. The binary portion of the attribute value contains a PROPERTY_META_DATA structure in its binary form. The DN portion of attribute value contains revealedObject.

serverObj: DSName
computerObj: DSName
attrSchemaObj: DSName
revealedObjectsNew: set of DNBinary
obj: DNBinary
propMetadataCurrent: PROPERTY_META_DATA
newRevealedObjectVal: DNBinary

/* Revealed list has entries only for secret attributes */
if not IsSecretAttribute(attribute) then

/* Get the computer object corresponding to nTDSDSA object rodcDSA */
serverObj := rodcDSA!parent
computerObj := serverObj!serverReference

/* filter superseded entries from the msDS-RevealedUsers set */
revealedObjectsNew := {}
foreach obj in computerObj!msDS-RevealedUsers
  propMetadata := loophole(obj.binary, PROPERTY_META_DATA)
  if (obj.object_dn ≠ revealedObject) or
     (propMetaData.attrType ≠ attribute) or 
                   AttrStamp(revealedObject, attribute) > 0) then
    revealedObjectsNew := revealedObjectsNew + { obj }

/* add the new entry to the set */
propMetadataCurrent.attrType := attribute
propMetadataCurrent.propMetadataExt :=
    AttrStamp(revealedObject, attribute)
newRevealedObjectVal.binary :=
    loophole(propMetadataCurrent, sequence of byte)
newRevealedObjectVal.object_dn:= revealedObject
revealedObjectsNew := revealedObjectsNew + { newRevealedObjectVal }

/* set attribute value to new set */
computerObj!msDS-RevealedUsers := revealedObjectsNew
© 2014 Microsoft