3.2.2.3 Abstract Data Model

In addition to the tables specified in section 3.2.1 and maintained by the server, the enterprise CA maintains the data detailed in the following sections.

Server_Current_Version: An unsigned integer with values between 0 and 15. This ADM element is used to determine whether the current template is supported by the server. If CT_FLAG_REQUIRE_SAME_KEY_RENEWAL is implemented (see section 3.2.2.6.2.1.4.5.7 for more details), then this ADM element MUST be set to 4; otherwise, it MUST be set to 15.

Collection_Of_End_Entity_Object_Query_AD_Connections: A collection of ADConnection handles whose maximum size SHOULD be set to Config_Max_Number_Of_AD_Connections.<111> Each element of this collection can be used each time the CA establishes an Active Directory connection. This collection is initialized with no element. In order to support multiple simultaneous requests, the CA SHOULD enforce mutual exclusion on read and write operations on the elements of this ADM.

CertificateTemplatesAndEnrollmentServices_AD_Connection: An ADConnection handle initialized to NULL. In order to support multiple simultaneous requests, the CA SHOULD serialize the access to this ADM element. All Windows Client Certificate Enrollment server implementations serialize access to the ADconnection handle. Other implementations are not required to do this.

Collection_of_Certificates_Publication_AD_Connections: A collection of ADConnection handles. Each element of this collection can be used each time the CA establishes an Active Directory connection to publish issued certificates. This collection is initialized with no element.

See [MS-ADTS] section 7.2 for more information about ADConnection.