3.2.6.3.7 User
The MQDS client MUST perform the following actions:
The arguments supplied to the Read Directory (section 3.2.6.3) event MUST meet the following conditions. If any of these conditions is violated, rStatus MUST be set to DirectoryOperationResult.GenericError, and processing of the event MUST end.
The iDirectoryObject.CertificateDigestList attribute MUST be populated with exactly one digest.
If iAttributeList was not provided as an argument, an iAttributeList MUST be constructed that MUST contain the names of all directory attributes of the User ([MS-MQDMPR] section 3.1.1.15) ADM element.
The aProp parameter for the S_DSGetPropsGuid (section 3.1.4.8) method MUST be computed. For each User ADM element attribute listed in the following table that appears in iAttributeList, add the corresponding property identifier to aProp. User ADM element attributes that appear in iAttributeList but that are not listed in the following table MUST be ignored.
User ADM element attribute
Property Identifier
Attribute value computation
SecurityIdentifier
Certificates
PROPID_U_SIGN_CERT ([MS-MQMQ] section 2.3.6.4)
MQUSERSIGNCERTS structure ([MS-MQMQ] 2.2.21) copied from property.
CertificateDigestList
PROPID_U_DIGEST ([MS-MQMQ] section 2.3.6.5)
List of GUIDs copied from property.
Identifier
PROPID_U_ID ([MS-MQMQ] section 2.3.6.6)
GUID copied from property.
Other input parameters for the S_DSGetPropsGuid method MUST be computed:
dwObjectType MUST be MQDS_USER.
Other parameters MUST be set up as specified in section 3.1.4.8.
The common steps for the Read Directory event ensure that these steps are performed only if the attribute-filter expression ([MS-MQDMPR] section 3.1.7.1.20) in iFilter is of the form "CertificateDigestList" EQUALS someGuid, and the S_DSGetPropsGuid method MUST be called with the pGuid parameter set to point to a buffer that contains someGuid and the other given arguments.
If the return value is MQDS_OBJECT_NOT_FOUND, rStatus MUST be set to DirectoryOperationResult.ObjectNotFound, rDirectoryObject is undefined, and processing MUST end.
If the return value is not MQ_OK, rStatus MUST be set to DirectoryOperationResult.GenericError, rDirectoryObject is undefined, and processing MUST end.
A User ADM element instance MUST be created. rDirectoryObject MUST be set to this new User ADM element instance. The attributes listed in iAttributeList MUST be computed according to the preceding table and MUST be set on rDirectoryObject.
rStatus MUST be set to DirectoryOperationResult.Success. Processing MUST end.