4.1.10.5.8 AddObjToResponse
-
procedure AddObjToResponse( hDrs: DRS_HANDLE, o: ObjAtts, ncRoot: DSName, ulFlags: set of integer, ulExtendedOp: DWORD, clientDSA: DSName, var msgOut: DRS_MSG_GETCHGREPLY_NATIVE) : ULONG
Informative summary of behavior: The AddObjToResponse procedure constructs a REPLENTINFLIST structure for a changed object and appends it to the response.
-
err: ULONG re: REPLENTINFLIST pAttr: ADDRESS OF ATTR attribute: ATTRTYP attrObj: DSName attrVals: sequence of attribute values i: DWORD j: DWORD err := 0 /* Construct a REPLENTINFLIST to represent the changes. */ re := all zeros re.fIsNcPrefix := (o.obj = ncRoot) if name in o.atts and not re.fIsNcPrefix then re.pParentGuid := ADR(o.obj!parent) endif re.EntInf.pName := ADR(o.obj) re.EntInf.AttrBlock.pAttrs := array of ATTR of size o.atts.length re.EntInf.AttrBlock.attrCount := o.atts.length re.pMetaDataExt := PROPERTY_META_DATA_EXT_VECTOR with rgMetaData of size o.atts.length re.pMetaDataExt^.cNumProps := o.atts.length for i := 0 to o.atts.length - 1 attribute := o.atts[i] attrObj := SchemaObj(attribute) re.pMetaDataExt^.rgMetaData[i] = AttrStamp(o.obj, attribute) pAttr := ADR(re.EntInf.AttrBlock.pAttrs[i]) pAttr^.attrTyp := attribute pAttr^.AttrVal.valCount := 0 if AmILHServer() and DRS_SPECIAL_SECRET_PROCESSING in ulFlags and IsSecretAttribute(attribute) then /* secret attribute, send a null value */ pAttr^.AttrVal.pAVal = null re.pMetaDataExt^.rgMetaData[i].timeChanged = 0 else if AmILHServer() and LDAP_DIRSYNC_OBJECT_SECURITY in ulFlags and fCONFIDENTIAL is SET and not AccessCheckAttr(o, attribute, RIGHT_DS_READ_PROPERTY) then /* confidential attribute, send a null value */ pAttr^.AttrVal.pAVal = null else if not AmILHServer() and /* W2K3 or lower */ not DRS_WRIT_REP in ulFlags and /* partial replication */ IsSecretAttribute(attribute) then /* secret attribute in W2K3 or lower servers, send a null value */ pAttr^.AttrVal.pAVal = null re.pMetaDataExt^.rgMetaData[i].timeChanged = 0 else /* not special processing */ attrVals := GetAttrVals(o, attribute, false) pAttr^.AttrVal.pAVal := ARRAY OF ATTRVAL WITH SIZE attrVals.length for j := 0 to attrVals.length - 1 /* If attribute is a link value attribute, then add it to the * response here only if it does not have a LinkValueStamp * associated with it. This can happen if the current forest * functional level is DS_BEHAVIOR_WIN2000 or the attribute * value attrVals[j] was last updated when the forest * functional level was DS_BEHAVIOR_WIN2000. If the * attribute value has a LinkValueStamp associated with it, * then it will be sent in the response packet by method * AddLinkToResponse. Forest functional levels are listed * in [MS-ADTS] section 6.1.4.4, * "msDS-Behavior-Version: Forest Functional Level". */ if (attrObj!linkID = null) or ((attrObj!linkID ≠ null) and (LinkStamp(o.obj, attribute, attrVals[j]) = null) then pAttr^.AttrVal.pAVal[j] := ATTRVALFromValue( attrVals[j], Syntax(attribute), dc.prefixTable) pAttr^.AttrVal.valCount := pAttr^.AttrVal.valCount + 1 endif endfor /* j := */ endif err := EncryptValuesIfNecessary(hDrs, pAttr^) if err ≠ 0 then return err endif /* if secrets are being sent to RODC then log it to revealed * list */ if (EXOP_REPL_SECRETS in ulExtendedOp) then UpdateRevealedList(clientDSA, o.obj, attribute) endif endfor /* i := */ /* Add re to the response. */ Add re to the end of the linked list msgOut.pObjects msgOut.cNumObjects := msgOut.cNumObjects + 1 return err