procedure RevealSecretsForUserAllowed(
     rodcObj: DSName, userObj: DSName): boolean

Informative summary of behavior: The RevealSecretsForUserAllowed procedure returns true if a server that holds secrets of the user object userObj is allowed to send those secrets to the RODC identified by RODC object rodcObj.

 policy: RevealSecretsPolicy
 allowed: boolean
 policy = GetRevealSecretsPolicyForUser(rodcObj, userObj)
 if (policy = RevealSecretsDeny) then
   allowed := false
 else if (policy = RevealSecretsAllow) then
   allowed := true
   allowed := false
 return allowed