Export (0) Print
Expand All

3.1.1.6.2 Reference Update

References

  • Variable: dsname

  • LDAP attributes: dNReferenceUpdate.

  • LDAP classes: infrastructureUpdate.

  • Glossary: dsname, Infrastructure FSMO master, NC replica, tombstone, GC.

  • IDL_DRSVerifyNames method: see [MS-DRSR] section 4.1.27.

  • Well-known Objects

In AD DS, attributes of attribute syntax Object (DS-DN), Object(DN-String), Object(DN-Binary), Object(Access-Point) and Object(OR-Name) can have attribute values that reference objects in an NC for which no NC replica is present on the server. The server does not get a replicated update when an object in the NC replica not present on the server is modified or deleted. In such a case, references to such objects will remain to an old dsname on the server. In order to update these kinds of references, a background task called reference update is run at regular intervals. By default, each reference is examined every two days.

The reference update task is not run on a Global Catalog.

If the Recycle Bin optional feature is not enabled and the Infrastructure FSMO master is not a global catalog, then the reference update task is run only on the Infrastructure FSMO master.

If the Recycle Bin optional feature is enabled, every DC that is not also a global catalog runs the reference update task.

The reference update task does processing as follows:

For each object P in each NC replica on the server do the following:

  • Let S be the set of all attributes of P with attribute syntax Object(DS-DN), Object(DN-String), Object(DN-Binary), Object(OR-Name) and Object(Access-Point).

  • For each attribute A in set S and for each value V of A do the following:

    • If there exists an object with dsname V in any NC replica on this DC, then skip this value V.

    • If attribute syntax of A is Object(DS-DN) then let G be P.A.V.guid_value. Let D be P.A.V.dn.

    • Otherwise, let G be P.A.V.object_DN.guid_value. Let D be P.A.object_DN.dn.

    • If the Recycle Bin optional feature is not enabled:

    • If the Recycle Bin optional feature is enabled:

      • Retrieve the dsname N and the value Vgc of the isRecycled attribute of object with objectGUIDG from a GC by calling method IDL_DRSVerifyNames. IDL_DRSVerifyNames is explained in [MS-DRSR] section 4.1.27.

      • If Vgc is true and attribute A is a linked attribute, remove value V from attribute A. This removal is not replicated to any other DCs.

      • If N!nameD then replace value V of attribute A with N!name. This replacement is not replicated to any other DCs.

      • If attribute A is a link value and the RDN of N!name is a delete-mangled RDN (see section 3.1.1.5.5), the value V is to be treated as a linked value to or from a deleted-object. That is, the value is not generally visible to LDAP clients unless the LDAP_SHOW_DEACTIVATED_LINK_OID control is used.

      • If attribute A is a link value and the RDN of N!name is not a delete-mangled RDN (see section 3.1.1.5.5), the value V is to be treated as a normal linked value. That is, the value is generally visible to LDAP clients.

 
Show:
© 2014 Microsoft