3.1.3 Initialization

The initialization MUST be triggered with the following argument:

  • iProvisioning: A Boolean value that indicates whether the initialization is part of the queue manager provisioning. If yes, the value is TRUE; otherwise, the value is FALSE. More details about system initialization are given in [MS-MQSO] section 6.6.

The queue manager MUST perform the following actions to initialize the abstract data model.

  • The queue manager MUST call the LsarOpenPolicy2 ([MS-LSAD] section 3.1.4.4.1) method with the following parameter values:

    • SystemName := an empty string

    • DesiredAccess := POLICY_VIEW_LOCAL_INFORMATION ([MS-LSAD] section 2.2.1.1.2)

    • Other parameters as specified in [MS-LSAD] section 3.1.4.4.1

  • If the return value is not STATUS_SUCCESS (0x00000000), take no further action.

  • Let StoredPolicyHandle be a pointer to an LSAPR_HANDLE ([MS-LSAD] section 2.2.2.1) initialized to the handle pointer returned in the PolicyHandle parameter by the preceding call to LsarOpenPolicy2.

  • The queue manager MUST call the LsarQueryInformationPolicy2 ([MS-LSAD] section 3.1.4.4.3) method with the following parameter values:

    • PolicyHandle := StoredPolicyHandle

    • InformationClass := PolicyDnsDomainInformation ([MS-LSAD] section 2.2.4.1)

    • Other parameters, as specified in [MS-LSAD] section 3.1.4.4.3

  • If the return value is not STATUS_SUCCESS (0x00000000), take no further action.

  • Set LocalQueueManager.MachineDomainId to the DomainGuid field of the LSAPR_POLICY_DNS_DOMAIN_INFO ([MS-LSAD] section 2.2.4.14) structure returned.

  • Let FQDNDomain be a Unicode string initialized to the DnsDomainName field of the LSAPR_POLICY_DNS_DOMAIN_INFO structure returned.

  • The queue manager MUST call the LsarQueryInformationPolicy2 method with the following parameter values:

    • PolicyHandle := StoredPolicyHandle

    • InformationClass := PolicyLocalAccountDomainInformation ([MS-LSAD] section 2.2.4.1)

    • Other parameters, as specified in [MS-LSAD] section 3.1.4.4.3

  • If the return value is not STATUS_SUCCESS (0x00000000), take no further action.

  • Set LocalQueueManager.ComputerName to the DomainName field of the LSAPR_POLICY_ACCOUNT_DOM_INFO ([MS-LSAD] section 2.2.4.6) structure returned.

  • Concatenate LocalQueueManager.ComputerName, a period ("."), and FQDNDomain to form the fully-qualified computer name, and set LocalQueueManager.QualifiedComputerName to that value.

  • The queue manager MUST call the LsarClose ([MS-LSAD] section 3.1.4.9.4) method with the following parameter value:

    • PolicyHandle := StoredPolicyHandle

  • If LocalQueueManager.DirectoryIntegrated is True:

    • If the iProvisioning argument is TRUE:

      • Set LocalQueueManager.InitializationRetryTimerDuration to 120.

      • Add a user-configured GUID as the Identifier ADM attribute of a Site (section 3.1.1.7) ADM element instance to LocalQueueManager.SiteIdentifierList.

      • The queue manager SHOULD<17> retrieve the computer names of the Active Directory domain controllers for the domain to which the queue manager computer belongs by performing a DNS query ([RFC1035]) for the SRV record _ldap._tcp.dc._msdcs.N, as defined in [MS-ADTS] section 6.3.6.1, where N is the fully-qualified domain name FQDNDomain obtained in a preceding step. The machine names in the received query results are added to LocalQueueManager.DirectoryServerList.

      • The queue manager MUST start the Directory Server List Update Timer ([MS-MQSO] section 6.4.1.2).

      • The queue manager MUST initialize LocalQueueManager.PublicEncryptionKeyList with an MQDSPUBLICKEYS ([MS-MQMQ] section 2.2.2) structure that contains multiple MQDSPUBLICKEY ([MS-MQMQ] section 2.2.1) structures. There SHOULD be one MQDSPUBLICKEY structure for each cryptographic service provider (CSP) in the following list:<18>

        • Microsoft Base Cryptographic Provider v1.0

        • Microsoft Enhanced Cryptographic Provider v1.0

        • Microsoft Enhanced RSA and AES Cryptographic Provider

      • The fields of each MQDSPUBLICKEY structure are initialized as specified in [MS-MQMQ] section 2.2.1 with these additional steps:

        • sProviderName is the CSP's name from the list, expressed as a null-terminated 16-bit Unicode string.

        • aBuf is populated with a key generated for use with the RSA key exchange algorithm ([RFC8017]), which MUST meet the validity condition in [RFC8017] section 3.1. The key has a bit length of 512 if sProviderName is "Microsoft Base Cryptographic Provider v1.0" or 1024 if sProviderName is "Microsoft Enhanced Cryptographic Provider v1.0" or "Microsoft Enhanced RSA and AES Cryptographic Provider".

      • The queue manager MUST initialize the PublicSigningKeyList ADM attribute of the LocalQueueManager ADM element with an MQDSPUBLICKEYS ([MS-MQMQ] section 2.2.2) structure that contains multiple MQDSPUBLICKEY ([MS-MQMQ] section 2.2.1) structures. There SHOULD be one MQDSPUBLICKEY structure for each CSP in the following list:<19>

        • Microsoft Base Cryptographic Provider v1.0

        • Microsoft Enhanced Cryptographic Provider v1.0

        • Microsoft Enhanced RSA and AES Cryptographic Provider

      • The fields of each MQDSPUBLICKEY structure are initialized as specified in [MS-MQMQ] section 2.2.1 with these additional steps:

        • sProviderName is the CSP's name from the list, expressed as a null-terminated 16-bit Unicode string.

        • aBuf is populated with a key generated for use with the RSA signature algorithm ([RFC8017]), which MUST meet the validity condition in [RFC8017] section 3.1. The key has a bit length of 512 if sProviderName is "Microsoft Base Cryptographic Provider v1.0" or 1024 if sProviderName is "Microsoft Enhanced Cryptographic Provider v1.0" or "Microsoft Enhanced RSA and AES Cryptographic Provider".

    • Synchronize the directory attributes of the LocalQueueManager ADM element instance with the directory through the following steps:

      • Generate a Read Directory (section 3.1.7.1.20) event with the following arguments:

        • iDirectoryObjectType := "QueueManager"

        • iFilter := An array of the following attribute-filter expressions:

          • "Identifier" EQUALS LocalQueueManager.Identifier

        • iAttributeList := NULL

      • If the rStatus returned by the Read Directory event is set to DirectoryOperationResult.Success:

        • Update the ADM attributes of the LocalQueueManager ADM element instance with the corresponding ADM attributes of the returned QueueManager (section 3.1.1.1) ADM element instance.

        • For each identifier in the local LocalQueueManager.SiteIdentifierList, referred to as siteIdentifier, do the following:

          • Generate a Read Directory event with the following arguments:

            • iDirectoryObjectType := "Site"

            • iFilter := An array of the following attribute-filter expressions:

              • "Identifier" EQUALS siteIdentifier

            • iAttributeList := NULL

          • If rStatus from the Read Directory event is DirectoryOperationResult.Success:

            • Add the returned Site ADM element instance to LocalQueueManager.SiteCollection.

      • Else if the rStatus returned by the Read Directory event is set to DirectoryOperationResult.ObjectNotFound and iProvisioning is TRUE:

        • Continue with the following steps.

    • Generate a Read Directory event with the following arguments:

      • iDirectoryObjectType := "Enterprise"

      • iFilter := NULL

      • iAttributeList := "NonLDAPCapableQueueManagerNotification"

      • If the rStatus returned by the Read Directory event is set to DirectoryOperationResult.Success:

      • Else if the rStatus returned by the Read Directory event is set to DirectoryOperationResult.AttributeNotFound:

        • Create an Enterprise ADM element instance referred to as newEnterpriseObject and set newEnterpriseObject.NonLDAPCapableQueueManagerNotification to True.

        • Set LocalQueueManager.EnterpriseReference to newEnterpriseObject.

    • Start the Directory Sites Update Timer (section 3.1.2.1) and the Directory Site Gates Update Timer (section 3.1.2.2).

  • Create Queue (section 3.1.1.2) ADM element instances with the QueueType ADM attributes set to System that represent the following three system queues:

    • LocalQueueManager.SystemDeadletterQueue

    • LocalQueueManager.TransactionalDeadletterQueue

    • LocalQueueManager.SystemJournalQueue

  • Create Queue ADM element instances with the QueueType ADM attributes set to System that represent two system queues that MUST NOT be accessed by the message queuing applications directly:

  • For each Queue ADM element instance, referred to as iQueue, in the QueueCollection ADM attribute of the LocalQueueManager ADM element, if iQueue is an OutgoingQueue (section 3.1.1.3), do the following:

    • If iQueue.State is Locked and the HardenedSecurity ADM attribute of the LocalQueueManager ADM element is False:

      • Set iQueue.State := Waiting

    • Else if iQueue.DestinationFormatName specifies a non-HTTP format name and the HardenedSecurity ADM attribute of the LocalQueueManager ADM element is True:

      • Set iQueue.State := Locked

  • The queue manager initializes itself as a Resource Manager ([MS-DTCO] section 3.5). During Initialization ([MS-DTCO] section 3.5.3), the resource manager initiates recovery of transactions and notifies the queue manager regarding the outcome of reenlistment. The following sections specify processing rules for these operations:

  • The queue manager performs the following processing steps to abort all non-DTC transactions:

    • For each Transaction (section 3.1.1.14) ADM element instance, referred to as iTransaction, in the LocalQueueManager.TransactionCollection, if iTransaction.SinglePhase is True, do the following:

If any error occurs and is not handled as specified in the preceding processing rules, the queue manager MUST raise the error so that it can be handled by the caller.
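
The DNS step that populates LocalQueueManager.DirectoryServerList, as an added Python example (not part of the specification): it builds the _ldap._tcp.dc._msdcs.N query name and parses an SRV response, keeping only answers owned by that name. The function names, the sample message and the SRV RDATA layout (priority, weight, port, target, per RFC 2782) are assumptions that do not come from this page.

```python
import struct

def srv_query_name(fqdn_domain):
    return "_ldap._tcp.dc._msdcs." + fqdn_domain.strip(".")

def encode_name(name):               # RFC 1035 length-prefixed labels
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\0"

def read_name(msg, off):
    """Decode a possibly compressed name; return (name, next offset)."""
    labels, after, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                    # compression pointer
            after = off + 2 if after is None else after
            off, hops = ((length & 0x3F) << 8) | msg[off + 1], hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
        elif length == 0:
            return ".".join(labels), (off + 1 if after is None else after)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
            off += 1 + length

def directory_servers(msg, fqdn_domain):
    """Return SRV targets for the DC locator name, in the order received."""
    _id, flags, qdcount, ancount = struct.unpack_from(">4H", msg)
    if not flags & 0x8000 or flags & 0x000F:         # not a response, or RCODE != 0
        return []
    off = 12
    for _ in range(qdcount):                         # skip the question section
        off = read_name(msg, off)[1] + 4
    want, servers = srv_query_name(fqdn_domain).lower(), []
    for _ in range(ancount):
        owner, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from(">HHIH", msg, off)
        if rtype == 33 and owner.lower() == want:    # SRV answers for our name only
            servers.append(read_name(msg, off + 16)[0])  # skip priority, weight, port
        off += 10 + rdlen
    return servers

def sample_response(fqdn_domain):                    # constructed message, not a capture
    def rr(owner, target):
        rdata = struct.pack(">3H", 0, 100, 389) + encode_name(target)
        return owner + struct.pack(">HHIH", 33, 1, 600, len(rdata)) + rdata
    q = encode_name(srv_query_name(fqdn_domain))
    return (struct.pack(">6H", 0x1234, 0x8180, 1, 3, 0, 0) + q + struct.pack(">HH", 33, 1)
            + rr(b"\xc0\x0c", "dc1." + fqdn_domain) + rr(b"\xc0\x0c", "dc2." + fqdn_domain)
            + rr(encode_name("_ldap._tcp.other.example"), "host.other.example"))
```

The third record in the sample is owned by a different name and is dropped, so only the two answers for the queried name reach the server list.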
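
An added Python example (not from the specification) that audits one entry of PublicEncryptionKeyList or PublicSigningKeyList against the provider names, key usages and bit lengths given in the provisioning steps. It assumes aBuf holds a CryptoAPI RSA PUBLICKEYBLOB, which this page does not state; the function names are hypothetical and any modulus passed to make_blob is constructed input.

```python
import struct

CALG_RSA_SIGN, CALG_RSA_KEYX = 0x2400, 0xA400   # CryptoAPI ALG_ID values
LIST_ALG = {"PublicEncryptionKeyList": CALG_RSA_KEYX,
            "PublicSigningKeyList": CALG_RSA_SIGN}
EXPECTED_BITS = {                                # bit lengths given in the steps above
    "Microsoft Base Cryptographic Provider v1.0": 512,
    "Microsoft Enhanced Cryptographic Provider v1.0": 1024,
    "Microsoft Enhanced RSA and AES Cryptographic Provider": 1024,
}
HEADER = "<BBHI4sII"  # BLOBHEADER(bType, bVersion, reserved, aiKeyAlg) + RSAPUBKEY

def make_blob(alg, bitlen, n, e=65537):          # builds constructed sample input
    head = struct.pack(HEADER, 0x06, 0x02, 0, alg, b"RSA1", bitlen, e)
    return head + n.to_bytes(bitlen // 8, "little")

def parse_blob(blob):
    """Return (aiKeyAlg, bitlen, e, n) or raise ValueError on a malformed blob."""
    if len(blob) < struct.calcsize(HEADER):
        raise ValueError("truncated blob")
    b_type, _ver, _res, alg, magic, bitlen, e = struct.unpack_from(HEADER, blob)
    if b_type != 0x06 or magic != b"RSA1":
        raise ValueError("not an RSA PUBLICKEYBLOB")
    modulus = blob[struct.calcsize(HEADER):]
    if bitlen % 8 or len(modulus) != bitlen // 8:
        raise ValueError("modulus length disagrees with bitlen")
    return alg, bitlen, e, int.from_bytes(modulus, "little")

def audit_key(list_name, provider, blob):
    """Return findings for one entry; an empty list means it matches the steps."""
    if provider not in EXPECTED_BITS or list_name not in LIST_ALG:
        return ["unknown provider or list"]
    try:
        alg, bitlen, e, n = parse_blob(blob)
    except ValueError as exc:
        return [str(exc)]
    findings = []
    if alg != LIST_ALG[list_name]:
        findings.append("aiKeyAlg does not match the list's key usage")
    if bitlen != EXPECTED_BITS[provider]:
        findings.append(f"{bitlen}-bit key, expected {EXPECTED_BITS[provider]}")
    if n.bit_length() != bitlen:
        findings.append("modulus is shorter than the declared bitlen")
    if n % 2 == 0 or not 3 <= e <= n - 1:
        findings.append("fails the checkable part of RFC 8017 section 3.1")
    return findings
```

The audit reports conformance with the lengths this section prescribes; it does not judge whether those lengths are adequate.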
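
The OutgoingQueue state rule keyed on HardenedSecurity, as an added Python example (not from the specification), showing which queues end up Locked for each setting. The format-name classifier, the class name and the sample queues are assumptions made for illustration.

```python
from dataclasses import dataclass

def is_http_format_name(format_name: str) -> bool:
    # Assumption: an HTTP format name is a direct format name whose address
    # uses the HTTP or HTTPS scheme, e.g. DIRECT=HTTPS://host/msmq/queue.
    kind, sep, address = format_name.strip().partition("=")
    if not sep or kind.strip().upper() != "DIRECT":
        return False
    return address.strip().upper().startswith(("HTTP://", "HTTPS://"))

@dataclass
class OutgoingQueue:  # hypothetical stand-in for the OutgoingQueue ADM element
    destination_format_name: str
    state: str

def apply_startup_rule(queue: OutgoingQueue, hardened_security: bool) -> str:
    """Apply the two-branch rule from the steps above and return the new state."""
    if queue.state == "Locked" and not hardened_security:
        queue.state = "Waiting"
    elif hardened_security and not is_http_format_name(queue.destination_format_name):
        queue.state = "Locked"
    return queue.state

def startup_states(queues, hardened_security):
    """Map each destination to its state after initialization."""
    return {q.destination_format_name: apply_startup_rule(q, hardened_security)
            for q in queues}

def sample_queues():  # constructed sample data, not taken from a real system
    return [
        OutgoingQueue(r"DIRECT=OS:host1\private$\orders", "Waiting"),
        OutgoingQueue("DIRECT=https://host2/msmq/private$/orders", "Waiting"),
        OutgoingQueue("DIRECT=HTTP://host3/msmq/private$/audit", "Locked"),
        OutgoingQueue("DIRECT=TCP:192.0.2.10\\private$\\audit", "Locked"),
    ]

if __name__ == "__main__":
    for hardened in (True, False):
        print(hardened, startup_states(sample_queues(), hardened))
```

An HTTP queue that is already Locked stays Locked when HardenedSecurity is True, because neither branch applies to it; with HardenedSecurity False every Locked queue returns to Waiting regardless of its format name.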