

4.1.10.5.9 UpdateRevealedList

 procedure UpdateRevealedList(
   rodcDSA: DSName,
   revealedObject: DSName,
   attribute: ATTRTYP)

Informative summary of behavior: The UpdateRevealedList procedure adds or updates an entry for the attribute attribute of the object revealedObject on the msDS-RevealedUsers attribute of the computer object that corresponds to the nTDSDSA object rodcDSA. The msDS-RevealedUsers attribute is of type DNBinary. The binary portion of the attribute value contains a PROPERTY_META_DATA structure in its binary form. The DN portion of the attribute value contains revealedObject.

  
 serverObj: DSName
 computerObj: DSName
 attrSchemaObj: DSName
 revealedObjectsNew: set of DNBinary
 obj: DNBinary
 propMetadata: PROPERTY_META_DATA
 propMetadataCurrent: PROPERTY_META_DATA
 newRevealedObjectVal: DNBinary
  
  
 /* Revealed list has entries only for secret attributes */
 if not IsSecretAttribute(attribute) then
   return 
 endif
  
  
 /* Get the computer object corresponding to nTDSDSA object rodcDSA */
 serverObj := rodcDSA!parent
 computerObj := serverObj!serverReference
  
  
 /* filter superseded entries from the msDS-RevealedUsers set */
 revealedObjectsNew := {}
 foreach obj in computerObj!msDS-RevealedUsers
   propMetadata := loophole(obj.binary, PROPERTY_META_DATA)
   if (obj.object_dn ≠ revealedObject) or
      (propMetaData.attrType ≠ attribute) or 
      (StampCompare(propMetaData.propMetadataExt, 
                    AttrStamp(revealedObject, attribute) > 0) then
     revealedObjectsNew := revealedObjectsNew + { obj }
   endif
 endfor
  
  
 /* add the new entry to the set */
 propMetadataCurrent.attrType := attribute
 propMetadataCurrent.propMetadataExt :=
     AttrStamp(revealedObject, attribute)
 propMetadataCurrent.llUnused := An implementation-specific value
     that is of no significance to the protocol.
 newRevealedObjectVal.binary :=
     loophole(propMetadataCurrent, sequence of byte)
 newRevealedObjectVal.object_dn:= revealedObject
 revealedObjectsNew := revealedObjectsNew + { newRevealedObjectVal }
  
  
 /* set attribute value to new set */
 computerObj!msDS-RevealedUsers := revealedObjectsNew