Share via

4.1.24.3 Server Behavior of the IDL_DRSReplicaVerifyObjects Method

  • Article

Informative summary of behavior: Let N be the NC pNC^, and let the reference DC be the DC corresponding to the nTDSDSA object uuidDsaSrc.

For the purposes of this method, an object exists within an NC replica if it is either an object or a tombstone.

Let S be the set of objects that exists in N at the server running IDL_DRSReplicaVerifyObjects at the time IDL_DRSReplicaVerifyObjects begins processing. Let the set S' be S minus the members of S that have never existed in N at the reference DC when IDL_DRSReplicaVerifyObjects begins processing. The members of (S - S') are objects recently added to N on the server, since otherwise they would have replicated to the reference DC. The set S' is computable using the replUpToDateVector for N at the server and at the reference DC.

For each object o in S' that does not exist in N at the reference DC while IDL_DRSReplicaVerifyObjects is processing, either expunge o at the server (if ulOptions = 0) or log an administrator-visible event at the server (if ulOptions = 1).

If an object goes out of existence in N at the reference DC during processing of IDL_DRSReplicaVerifyObjects, then there is no requirement on whether IDL_DRSReplicaVerifyObjects should or should not expunge or log the object at the server.

 ULONG IDL_DRSReplicaVerifyObjects(
   [in, ref] DRS_HANDLE hDrs,
   [in] DWORD dwVersion,
   [in, ref, switch_is(dwVersion)]
       DRS_MSG_REPVERIFYOBJ *pmsgVerify)
  
 err: ULONG
 msgIn: DRS_MSG_REPVERIFYOBJ_V1
 nc, refDsa, o: DSName
 uTDServer, uTDRef, uTDMerge: UPTODATE_VECTOR_V1_EXT 
 sPrime: set of DSName
  
 ValidateDRSInput(hDrs, 22)
  
 /* Perform input validation and access check */
 if dwVersion ≠ 0x1 then
   return ERROR_DS_DRA_INVALID_PARAMETER
 endif
 msgIn := pmsgVerify^.V1
 if msgIn.pNC = null or 
    msgIn.uuidDsaSrc = NULLGUID then
   return ERROR_DS_DRA_INVALID_PARAMETER
 endif
 nc := msgIn.pNC^
 if not FullReplicaExists(nc) and 
     not PartialGCReplicaExists(nc) then
   return ERROR_DS_DRA_BAD_NC
 endif
 if not AccessCheckCAR(nc, DS-Replication-Manage-Topology) then
   return ERROR_DS_DRA_ACCESS_DENIED
 endif
 refDsa := select one object o from subtree ConfigNC() where 
     o!objectGUID = msgIn.uuidDsaSrc and nTDSDSA in o!objectClass
 if refDsa = null then
   return  ERROR_DS_DRA_INVALID_PARAMETER
 endif
  
 /* Compute the set S' */
 uTDServer := nc!replUpToDateVector
 err := GetRemoteUTD(refDsa, nc, uTDRef)
 if err ≠ 0 then
   return err
 endif
 uTDMerge := MergeUTD(uTDServer, uTDRef)
  
 sPrime := select all objects o from subtree-ts-included nc where
     StampLessThanOrEqualUTD(AttrStamp(o, whenCreated), uTDMerge)
  
 /* Process the set S' */
 for each o in sPrime
   if not ObjectExistsAtDC(o, refDSA) then
     if msgIn.ulOptions = 0 then
       Expunge(o)
     else if msgIn.ulOptions = 1 then
       Log a message: o exists on server but does not exist on refDsa
     endif
 endfor
  
 return 0

Windows behavior about the for loop is specified in the following citation:<37>