[cifs-protocol] [REG:115022012423941] [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg

Obaid Farooqi obaidf at microsoft.com
Wed Mar 25 18:36:57 MDT 2015 

Hi Andrew:
The flag SPECIAL_SECRET_PROCESSING is set in ulReplicaFlags in attribute REPS_FROM (MS-DRSR 5.167). This is mentioned in section 5.167 as follows:

"ulReplicaFlags (4 bytes):  A ULONG. This field contains a set of DRS_OPTIONS that are applicable when replicating from the source DC"

The client sets it explicitly from the above attribute.
On my RODC, the value of ulReplicaFlags is 00402060. 

Please let me know it does not answer your question.


Regards,
Obaid Farooqi
Escalation Engineer | Microsoft

Exceeding your expectations is my highest priority.  If you would like to provide feedback on your case you may contact my manager at nkang at Microsoft dot com

-----Original Message-----
From: "Obaid Farooqi" <obaidf at microsoft.com> 
Sent: Thursday, March 19, 2015 7:28 PM
To: "Andrew Bartlett" <abartlet at samba.org>
Cc: "cifs-protocol at lists.samba.org" <cifs-protocol at lists.samba.org>; "MSSolve Case Email" <casemail at microsoft.com>
Subject: [REG:115022012423941] [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg

Hi Andrew,
As mentioned in the document MS-DRSR in section " 4.1.19.2 Server Behavior of the IDL_DRSReplicaAdd Method", client explicitly sets this flag. I have only seen it to be set in case of an RODC client when it calls IDL_DRSReplicaAdd.

What I have also seen is that in some occasions, even when an RODC calls IDL_DRSReplicaAdd, this flag is not set. I'll look more into that and update you and if needed, will file a bug on MS-DRSR.

Regards,
Obaid Farooqi
Escalation Engineer | Microsoft 

Exceeding your expectations is my highest priority.  If you would like to provide feedback on your case you may contact my manager at nkang at Microsoft dot com

-----Original Message-----
From: "Obaid Farooqi" <obaidf at microsoft.com>
Sent: Tuesday, March 3, 2015 4:21 PM
To: "Andrew Bartlett" <abartlet at samba.org>
Cc: "cifs-protocol at lists.samba.org" <cifs-protocol at lists.samba.org>; "MSSolve Case Email" <casemail at microsoft.com>
Subject: [REG:115022012423941] [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg

Hi Andrew: 
I'll help you with this issue and will be in touch as soon as I have an answer. 

Regards,
Obaid Farooqi
Escalation Engineer | Microsoft 

Exceeding your expectations is my highest priority.  If you would like to provide feedback on your case you may contact my manager at nkang at Microsoft dot com

-----Original Message-----
From: "Edgar Olougouna" <edgaro at microsoft.com>
Sent: Monday, March 2, 2015 12:09 PM
To: "Andrew Bartlett" <abartlet at samba.org>; "Obaid Farooqi" 
<obaidf at microsoft.com>
Cc: "cifs-protocol at lists.samba.org" <cifs-protocol at lists.samba.org>; "MSSolve Case Email" <casemail at microsoft.com>
Subject: [REG:115022012423941] [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg

Andrew,
I transferred this case to my colleague Obaid in cc. He'll will investigate this and follow-up. 

Thanks,
Edgar 

-----Original Message-----
From: Edgar Olougouna
Sent: Friday, February 20, 2015 4:24 PM
To: Andrew Bartlett
Cc: cifs-protocol at lists.samba.org; MSSolve Case Email
Subject: RE: [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg 

Andrew,
I will research this and follow-up. 

Thanks,
Edgar 

-----Original Message-----
From: Matt Weber
Sent: Thursday, February 19, 2015 10:55 PM
To: Andrew Bartlett
Cc: cifs-protocol at lists.samba.org; MSSolve Case Email
Subject: [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg 

[Case number in subject]
[Casemail to cc]
[Dochelp to bcc] 

Hello Andrew, 

Thank you for your request. Case number 115022012423941 has been created for this inquiry. One of our team members will follow up with you soon.

Best regards,
Matt Weber | Microsoft Open Specifications Team 

-----Original Message-----
From: Andrew Bartlett [mailto:abartlet at samba.org]
Sent: Thursday, February 19, 2015 10:19 PM
To: Interoperability Documentation Help
Cc: cifs-protocol at lists.samba.org
Subject: connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg 

MS-DRSR 4.1.23 IDL_DRSReplicaSync has some great pseudo-code in
4.1.23.2 Server Behavior of the IDL_DRSReplicaSync Method.  However, it finishes with this text statement: 

Perform a replication cycle as a client of IDL_DRSGetNCChanges. 
4.1.10.4.1) to form the first request and send it. If not DRS_MAIL_REP in r.options, then wait for the response, process it, send the next request (section 4.1.10.6), etc., until the replication cycle is complete.

This is great, but I need to know what parameters are passed in to
4.1.10.4.1 ReplicateNCRequestMsg 

In particular, I'm trying to chase down an issue in our RODC case, where the SPECIAL_SECRETS_PROCESSING flag isn't being sent by our RODC to GetNCChanges.  I know how I *could* force it, but I don't know if it should always be forced, for example.  For example, should the server sending DsReplicaSync tell the RODC to request it, or should the RODC add it (and remove WRIT_REP) on it's own?

Thanks, 

Andrew Bartlett 

--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba

More information about the cifs-protocol mailing list