
4.1.1.2.2 CreateCrossRef

procedure CreateCrossRef(
  hDrs: DRS_HANDLE,
  e: ENTINF,
  pmsgOut: ADDRESS OF DRS_MSG_ADDENTRYREPLY,
  ver: DWORD,
  info: ADDRESS OF ADDENTRY_REPLY_INFO): boolean

Informative summary of behavior: This procedure creates a crossRef object. If the crossRef object already exists in a disabled state, the procedure marks it as enabled.

/* Body of CreateCrossRef: either adds a new crossRef object for the
 * requested ncName or enables an existing, disabled one, then makes
 * sure the matching sub-ref object exists. Returns true on success;
 * on failure it fills pmsgOut via SetErrorData and returns false.
 *
 * Locals: ulSysFlags, ncNameV, dnsRootV, trustParentV and rootTrustV
 * hold values read from the caller-supplied ENTINF e; cr is the
 * crossRef object looked up under the config NC. */
ulSysFlags, err: DWORD
ncNameV: DSName
trustParentV, rootTrustV, dnsRootV: unicodestring
cr: DSName
prefixTable: PrefixTable

/* Only attributes and classes in the base schema may be specified.*/
prefixTable := NewPrefixTable()

/* Both values come straight from the request and drive the branch
 * taken below. */
ulSysFlags := ENTINF_GetValue(e, systemFlags, prefixTable)
ncNameV := ENTINF_GetValue(e, ncName, prefixTable)

/* Check whether the crossRef object for the given ncName exists. */
cr := select one v from subtree ConfigNC() 
    where v!ncName = ncNameV and crossRef in v!objectClass

/* The enable path (else branch) is taken only when a crossRef with
 * this ncName already exists AND the request carries
 * FLAG_CR_NTDS_DOMAIN; every other request takes the add path. */
if (cr = null) or not (FLAG_CR_NTDS_DOMAIN in ulSysFlags) then
  /* On the add path a request that carries FLAG_CR_NTDS_NC is
   * refused before anything is written. */
  if FLAG_CR_NTDS_NC in ulSysFlags then
    SetErrorData(SV_PROBLEM_WILL_NOT_PERFORM, serviceError, 
                 ERROR_DS_MISSING_EXPECTED_ATT, pmsgOut, ver)
    return false
  endif

  /* Add the crossRef object as a regular operation; this is subject
   * to an access check and will succeed only if the server is the
   * Partition Naming Master FSMO role owner.
   * NOTE(review): this call passes dc.prefixTable, whereas the
   * ENTINF_GetValue calls in this procedure use the local prefixTable
   * created above - confirm against PerformAddOperation that this is
   * intended.
   * NOTE(review): cr can be non-null here (existing crossRef, request
   * without FLAG_CR_NTDS_DOMAIN); what the add does in that case is
   * defined by PerformAddOperation, not shown here. */
  err := PerformAddOperation(e, cr, dc.prefixTable, TRUE)
  if err ≠ 0 then
    /* Pick up the error information from the previous call. */
    SetErrorData(0, 0, 0, pmsgOut, ver)
    return false
  endif

  /* Set the systemFlags because PerformAddOperation does not set it.
   * The value written is the one read from the request at the top of
   * the procedure; the only check on it visible here is the
   * FLAG_CR_NTDS_NC refusal above.
   */
  cr!systemFlags := ulSysFlags

  /* Return the objectGUID of the new crossRef object. */
  info^.objGuid := cr.guid;
else 
  /* crossRef already exists; enable it. */

  /* The crossRef is expected to be disabled. An absent enabled
   * attribute is treated the same as true; the enable step at the
   * end of this branch clears the attribute rather than writing
   * true. */
  if cr!enabled = null or cr!enabled = true then
    SetErrorData(SV_PROBLEM_DIR_ERROR,
                 serviceError,
                 ERROR_DUP_DOMAINNAME,
                 pmsgOut, ver)
    return false
  endif

  /* Only allow certain client IP to make the change.
   * The caller (hDrs) is checked against the dnsRoot already stored
   * on the disabled crossRef, i.e. the value present before it is
   * overwritten below. This is the only caller check visible in this
   * branch; the access check mentioned for the add path is not
   * invoked here.
   * NOTE(review): how the match is made is defined by ClientIpMatch
   * elsewhere in the specification - verify there. As written, the
   * dnsRoot on a pre-created disabled crossRef appears to decide
   * which host may enable it. */
  if not (ClientIpMatch(hDrs, cr!dnsRoot)) then
    SetErrorData(SE_PROBLEM_INAPPROPRIATE_AUTH, securityError, 
        ERROR_DS_INTERNAL_FAILURE, pmsgOut, ver)
    return false
  endif
      
  /* dnsRoot must be set in the given ENTINF. */
  dnsRootV := ENTINF_GetValue(e, dnsRoot, prefixTable)
  if dnsRootV = null then
    SetErrorData(PR_PROBLEM_NO_ATTRIBUTE_OR_VAL, attributeError,
        ERROR_DS_MISSING_REQUIRED_ATT, pmsgOut, ver)
    return false
  endif

  /* First write in this branch: every rejection above returns before
   * this point, so a refused request leaves cr unmodified by this
   * procedure. The stored dnsRoot is replaced by the request's
   * value. */
  cr!dnsRoot := dnsRootV

  /* Two more attributes can be set; the rest are ignored. */
  trustParentV := ENTINF_GetValue(e, trustParent, prefixTable)
  if trustParentV ≠ null then
    cr!trustParent := trustParentV
  endif
  rootTrustV := ENTINF_GetValue(e, rootTrust, prefixTable)
  if rootTrustV ≠ null then
    cr!rootTrust := rootTrustV
  endif

  /* Update the systemFlags and enable the crossRef. The flags are
   * set to this fixed pair; ulSysFlags from the request is not
   * written on this path. Clearing enabled marks the crossRef as
   * enabled (see the enabled check at the top of this branch). */
  cr!systemFlags := {FLAG_CR_NTDS_NC, FLAG_CR_NTDS_DOMAIN}
  cr!enabled := null

  /* return the guid of the crossRef object */
  info^.objGuid := cr.guid
endif

/*The cross ref was created/enabled. Ensure that the respective
  sub-ref object is created. This runs on both paths; no result from
  AddSubRef is examined here. */
AddSubRef(cr!ncName)

return true
 