Hi Andrew: The flag SPECIAL_SECRET_PROCESSING is set in ulReplicaFlags in attribute REPS_FROM (MS-DRSR 5.167). This is mentioned in section 5.167 as follows:
"ulReplicaFlags (4 bytes): A ULONG. This field contains a set of DRS_OPTIONS that are applicable when replicating from the source DC" The client sets it explicitly from the above attribute. On my RODC, the value of ulReplicaFlags is 00402060. Please let me know it does not answer your question. Regards, Obaid Farooqi Escalation Engineer | Microsoft Exceeding your expectations is my highest priority. If you would like to provide feedback on your case you may contact my manager at nkang at Microsoft dot com -----Original Message----- From: "Obaid Farooqi" <[email protected]> Sent: Thursday, March 19, 2015 7:28 PM To: "Andrew Bartlett" <[email protected]> Cc: "[email protected]" <[email protected]>; "MSSolve Case Email" <[email protected]> Subject: [REG:115022012423941] [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg Hi Andrew, As mentioned in the document MS-DRSR in section " 4.1.19.2 Server Behavior of the IDL_DRSReplicaAdd Method", client explicitly sets this flag. I have only seen it to be set in case of an RODC client when it calls IDL_DRSReplicaAdd. What I have also seen is that in some occasions, even when an RODC calls IDL_DRSReplicaAdd, this flag is not set. I'll look more into that and update you and if needed, will file a bug on MS-DRSR. Regards, Obaid Farooqi Escalation Engineer | Microsoft Exceeding your expectations is my highest priority. If you would like to provide feedback on your case you may contact my manager at nkang at Microsoft dot com -----Original Message----- From: "Obaid Farooqi" <[email protected]> Sent: Tuesday, March 3, 2015 4:21 PM To: "Andrew Bartlett" <[email protected]> Cc: "[email protected]" <[email protected]>; "MSSolve Case Email" <[email protected]> Subject: [REG:115022012423941] [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg Hi Andrew: I'll help you with this issue and will be in touch as soon as I have an answer. Regards, Obaid Farooqi Escalation Engineer | Microsoft Exceeding your expectations is my highest priority. If you would like to provide feedback on your case you may contact my manager at nkang at Microsoft dot com -----Original Message----- From: "Edgar Olougouna" <[email protected]> Sent: Monday, March 2, 2015 12:09 PM To: "Andrew Bartlett" <[email protected]>; "Obaid Farooqi" <[email protected]> Cc: "[email protected]" <[email protected]>; "MSSolve Case Email" <[email protected]> Subject: [REG:115022012423941] [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg Andrew, I transferred this case to my colleague Obaid in cc. He'll will investigate this and follow-up. Thanks, Edgar -----Original Message----- From: Edgar Olougouna Sent: Friday, February 20, 2015 4:24 PM To: Andrew Bartlett Cc: [email protected]; MSSolve Case Email Subject: RE: [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg Andrew, I will research this and follow-up. Thanks, Edgar -----Original Message----- From: Matt Weber Sent: Thursday, February 19, 2015 10:55 PM To: Andrew Bartlett Cc: [email protected]; MSSolve Case Email Subject: [REG: 115022012423941] connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg [Case number in subject] [Casemail to cc] [Dochelp to bcc] Hello Andrew, Thank you for your request. Case number 115022012423941 has been created for this inquiry. One of our team members will follow up with you soon. Best regards, Matt Weber | Microsoft Open Specifications Team -----Original Message----- From: Andrew Bartlett [mailto:[email protected]] Sent: Thursday, February 19, 2015 10:19 PM To: Interoperability Documentation Help Cc: [email protected] Subject: connecting MS-DRSR 4.1.23.2 IDL_DRSReplicaSync and ReplicateNCRequestMsg MS-DRSR 4.1.23 IDL_DRSReplicaSync has some great pseudo-code in 4.1.23.2 Server Behavior of the IDL_DRSReplicaSync Method. However, it finishes with this text statement: Perform a replication cycle as a client of IDL_DRSGetNCChanges. 4.1.10.4.1) to form the first request and send it. If not DRS_MAIL_REP in r.options, then wait for the response, process it, send the next request (section 4.1.10.6), etc., until the replication cycle is complete. This is great, but I need to know what parameters are passed in to 4.1.10.4.1 ReplicateNCRequestMsg In particular, I'm trying to chase down an issue in our RODC case, where the SPECIAL_SECRETS_PROCESSING flag isn't being sent by our RODC to GetNCChanges. I know how I *could* force it, but I don't know if it should always be forced, for example. For example, should the server sending DsReplicaSync tell the RODC to request it, or should the RODC add it (and remove WRIT_REP) on it's own? Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
