3.2.2.4.1 Updating a Server Entry

Parameters:

  • Server Entry [in]: An rpcServer class in Active Directory to be modified or deleted.

  • Action [in]: Indicates if the Server Entry is to be modified or deleted.

  • Status [out]: Indicates to the caller if the Server Entry update was successful or if it failed with a specific status code.

Server entries MUST be represented by using the rpcServer class in Active Directory. If Server Entry is set to NULL or not provided, the server MUST fail the method and return RPC_S_ENTRY_NOT_FOUND. When a server entry is modified by adding or removing an interface, interface binding, or an object UUID, the following actions MUST be taken:

The server MUST locate a writable domain controller for the domain in which the RPC locator server is joined, by invoking the DsrGetDcNameEx2 method on the local Netlogon server [MS-NRPC] and specifying the following parameters:

  • ComputerName = NULL

  • AccountName = NULL

  • AllowableAccountControlBits = 0

  • DomainName = NULL

  • DomainGuid = NULL

  • SiteName = NULL

  • Flags = (DS_WRITABLE_FLAG | DS_DS_FLAG) ([MS-ADTS] (section 6.3.1.2)).

Upon success, the server uses the domain controller specified in the DomainControllerName field of the returned DomainControllerInfo parameter for the subsequent operations. If the DsrGetDcNameEx2 method fails, the server MUST fail this method and return the status code to the caller.

The server uses a default timeout value for LDAP operations, and no retries are required.

  1. The server locator MUST form the entry FQDN from the Server Entry, as specified in section 3.1.1.1, and issue an LDAP query (see LDAP Operation Details, section 2.2.6) to read the corresponding Active Directory object ([MS-ADTS] section 3.1.1.4).

  2. The server locator MUST create or modify the Active Directory object as follows:

    1. If an Active Directory object exists with the entry FQDN, the server locator MUST verify that the object represents a server entry by verifying that the Active Directory object is of class rpcServer.

    2. If the Active Directory object represents a server entry, and if the description attribute on the Active Directory object is Created Entry, the Active Directory object MUST be treated as an empty name service entry, as specified in section 3.2.2.4.4. The server locator MUST modify the description to an implementation-specific value other than Created Entry.

    3. If no Active Directory object exists for the entry FQDN, the server locator MUST create a new Active Directory object of class rpcServer to represent the server entry.

      Any error codes returned from procedures used to interact with Active Directory are returned to the caller.

  3. The server locator MUST compare information in this RPC name service modification with the data already in Active Directory. If there are any differences, the server locator MUST modify the new or preexisting server entry as follows:

    1. The server locator MUST update the object UUIDs of the server entry to match the data in the export.

    2. The server locator MUST create or modify the corresponding child Active Directory object of type rpcServerElement (section 2.2.5.6) to update its interface information.

      1. The server locator MUST generate the RDN attribute of the rpcServerElement as specified in section 2.2.5.6.

      2. The server locator MUST modify the rpcNsBindings attribute with bindings in this export.

      3. The server locator MUST modify the rpcNsInterfaceID attribute with the interface identifier and version.

      4. The server locator MUST modify the rpcNsTransferSyntax attribute with the transfer syntax of the interface.

  4. If the Action parameter indicates that the server entry is to be deleted, the server locator MUST delete the Active Directory object retrieved in step 1 above ([MS-ADTS] section 3.1.1.5.5 "Delete Operation"). If the Server Entry is not found, the server MUST return error RPC_S_ENTRY_NOT_FOUND.
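The decision flow of steps 1 through 4, as an added example that is not part of the specification: a Python dict stands in for Active Directory, and domain controller location and LDAP transport are left out. The WRONG_CLASS status, the placeholder RDN, the replacement description string, the object_uuids and elements field names, and applying the class check before a delete are assumptions of this example.

```python
# Added example: in-memory model of the rules above; a dict stands in for Active Directory.
CREATED_ENTRY = "Created Entry"                 # marker description named in step 2.2
OK = "RPC_S_OK"
NOT_FOUND = "RPC_S_ENTRY_NOT_FOUND"
WRONG_CLASS = "PLACEHOLDER_NOT_A_SERVER_ENTRY"  # the page names no status for this case

def update_server_entry(directory, entry_dn, action, export=None):
    """directory maps DN -> object dict. entry_dn is assumed to be the entry FQDN
    already formed per section 3.1.1.1. Field names other than description and
    the rpcNs* attributes are hypothetical."""
    if not entry_dn:                            # Server Entry NULL or not provided
        return NOT_FOUND
    obj = directory.get(entry_dn)               # step 1: read the object
    if obj is not None and obj["objectClass"] != "rpcServer":
        return WRONG_CLASS                      # step 2.1: leave other classes untouched
    if action == "delete":                      # step 4
        if obj is None:
            return NOT_FOUND
        del directory[entry_dn]
        return OK
    if obj is None:                             # step 2.3: create a new rpcServer object
        obj = directory[entry_dn] = {"objectClass": "rpcServer",
                                     "description": "example-locator-entry"}
    elif obj.get("description") == CREATED_ENTRY:
        obj["description"] = "example-locator-entry"  # step 2.2: replace the marker
    # Step 3: write only where the export differs from the stored data.
    uuids = sorted(export["object_uuids"])
    if obj.get("object_uuids") != uuids:
        obj["object_uuids"] = uuids             # step 3.1
    elements = obj.setdefault("elements", {})   # child rpcServerElement objects
    rdn = "placeholder-rdn-" + export["interface_id"]  # real RDN rule: section 2.2.5.6
    element = {"rpcNsBindings": sorted(export["bindings"]),
               "rpcNsInterfaceID": export["interface_id"],
               "rpcNsTransferSyntax": export["transfer_syntax"]}
    if elements.get(rdn) != element:
        elements[rdn] = element                 # steps 3.2.1 to 3.2.4
    return OK

def demo():
    # Constructed sample data, not real directory contents.
    ad = {"CN=stub": {"objectClass": "rpcServer", "description": CREATED_ENTRY},
          "CN=other": {"objectClass": "container"}}
    export = {"object_uuids": ["00000000-0000-0000-0000-0000000000aa"], "bindings": ["ncacn_ip_tcp:host1"],
              "interface_id": "00000000-0000-0000-0000-000000000001,1.0", "transfer_syntax": "constructed-syntax,2.0"}
    calls = [(None, "modify"), ("CN=stub", "modify"), ("CN=new", "modify"),
             ("CN=other", "modify"), ("CN=new", "delete"), ("CN=new", "delete")]
    return ad, [update_server_entry(ad, dn, act, export) for dn, act in calls]
```

Running demo() shows that the non-rpcServer object is rejected without being changed, and that a second delete of the same entry returns RPC_S_ENTRY_NOT_FOUND.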