3.1.1.7.2.2 Directory Updates
Entries are added to the pdcChangeLog on select directory updates, specified here. The pdcChangeLog is maintained as a circular buffer—once an implementation-specific size limit (64K bytes) is exceeded, the least-recently-added entries are removed to make room for new entries.
If the following condition is TRUE during a directory update, then the following action occurs:
Condition
The update, create, or delete occurs within the domain NC (both for an originating and replicated update).
The AD DS domain is in mixed mode.
A condition listed in the Trigger Condition Tables (below) matches the update.
Action
An entry is added to pdcChangeLog with the associated fields in the Trigger Condition Tables that satisfied condition (1.3). The remaining fields in the pdcChangeLog entry are as follows:
If the objectSid attribute value of the object being updated has a domain prefix of the built-in domain SID, then DbIndex is 0x1; otherwise, DbIndex is 0x0.
The SerialNumber field is set as follows:
If DbIndex is 0x0, SamNT4ReplicationUSN is incremented by one and the resulting value is used for the SerialNumber field.
If DbIndex is 0x1, BuiltinNT4ReplicationUSN is incremented by one and the resulting value is used for the SerialNumber field.
The SID field is not specified.
Trigger Condition Tables: Database triggers for pdcChangeLog update.
Trigger Condition: An update occurs to one or more of the attributes specified in Table A on a domain object or built-in domain object.
pdcChangeLog entry
Field
Value
RelativeId
0x0
Flags
CHANGELOG_SID
DeltaType
AddOrChangeDomain
Trigger Condition: A group object creation or update to one or more of the attributes specified in Table B occurs when the groupType attribute is GROUP_TYPE_ACCOUNT_GROUP.
pdcChangeLog entry
Field
Value
RelativeId
RelativeId of the objectSid attribute value
Flags
CHANGELOG_SID
DeltaType
AddOrChangeGroup
Name
sAMAccountName attribute value
Trigger Condition: A group object creation or update to one or more of the attributes specified in Table B occurs when the groupType attribute is GROUP_TYPE_RESOURCE_GROUP.
pdcChangeLog entry
Field
Value
RelativeId
RelativeId of the objectSid attribute value
Flags
CHANGELOG_SID
DeltaType
AddOrChangeAlias
Name
sAMAccountName attribute value
Trigger Condition: A user object creation or update to one of more of the attribute specified in Table C occurs.
pdcChangeLog entry
Field
Value
RelativeId
RelativeId of the objectSid attribute value
Flags
CHANGELOG_SID
DeltaType
AddOrChangeUser
Name
sAMAccountName attribute value
Trigger Condition: A group object deletion whose groupType attribute value is GROUP_TYPE_ACCOUNT_GROUP occurs.
pdcChangeLog entry
Field
Value
RelativeId
RelativeId of the objectSid attribute value
Flags
0x8
DbType
DeleteGroup
Name
sAMAccountName attribute value
Trigger Condition: A group object deletion whose groupType attribute value is GROUP_TYPE_RESOURCE_GROUP occurs.
pdcChangeLog entry
Field
Value
RelativeId
RelativeId of the objectSid attribute value
Flags
CHANGELOG_SID
DeltaType
DeleteAlias
Name
sAMAccountName attribute value
Trigger Condition: A user object deletion occurs.
pdcChangeLog entry
Field
Value
RelativeId
RelativeId of the objectSid attribute value
Flags
CHANGELOG_SID
DeltaType
DeleteUser
Name
sAMAccountName attribute value
Table A: Domain Attributes for NT4 Replication
-
Attributes
Table B: Group Attributes for NT4 Replication
-
Attributes
nTSecurityDescriptor
sAMAccountName
Table C: User Attributes for NT4 Replication
-
Attributes
sAMAccountName
description
nTSecurityDescriptor
groupType