4.1.21.3 Server Behavior of the IDL_DRSReplicaDemotion Method

Informative summary of behavior: For a given NC, the IDL_DRSReplicaDemotion method replicates out any changes that had not previously been replicated out. It also abandons any NC-specific FSMO roles that are owned by this DC. This function accomplishes nothing when the DC being demoted is the last DC in the forest.

 ULONG
 IDL_DRSReplicaDemotion(
     [in, ref] DRS_HANDLE hDrs,
     [in] DWORD dwInVersion,
     [in, ref, switch_is(dwInVersion)] 
         DRS_MSG_REPLICA_DEMOTIONREQ* pmsgIn,
     [out, ref] DWORD *pdwOutVersion,
     [out, ref, switch_is(*pdwOutVersion)] 
         DRS_MSG_REPLICA_DEMOTIONREPLY* pmsgOut
     )
  
 msgIn: DRS_MSG_REPLICA_DEMOTIONREQ_V1
 ret: DWORD
 nc: DSNAME
  
 ValidateDRSInput(hDrs, 26)
  
 pdwOutVersion^ := 1
 pmsgOut^.V1.dwOpError := ERROR_DS_CODE_INCONSISTENCY
  
 if dwInVersion ≠ 1 then
   return ERROR_INVALID_PARAMETER
 endif
 msgIn := pmsgIn^.V1
 if  msgIn.pNC = null or
     msgIn.dwFlags ≠ DS_REPLICA_DEMOTE_TRY_ALL_SRCS then
   return ERROR_INVALID_PARAMETER
 endif
  
 if not IsMemberOfBuiltinAdminGroup() then
   /* only BA is allowed to demote an AD LDS service */
   return ERROR_DS_DRA_ACCESS_DENIED
 endif
  
 nc := msgIn.pNC^
 ret := AbandonAllFSMORoles(nc)
 if ret = ERROR_SUCCESS then
   ret := ReplicateOffChanges(nc)
 endif
  
 if ret = ERROR_SUCCESS then
   /* mark instanceType as going and not coming */
   nc!instanceType := nc!instanceType + {IT_NC_GOING} - {IT_NC_COMING}
   /* remove any repsFrom */
   nc!repsFrom := null
 endif
  
 pmsgOut^.V1.dwOpError := ret
 pdwMsgOut^ := 1
 return ERROR_SUCCESS
Show: