2.2.6.2.11 DNS_RPC_SKD_STATE_EX
The DNS_RPC_SKD_STATE_EX structure <52> represents the collection of extended dynamic configuration information of a signing key descriptor state.
typedef struct _DnsRpcSigningKeyDescriptorStateEx {
    DWORD dwRpcStructureVersion;
    DWORD dwReserved0;
    GUID Guid;
    DWORD dwCurrentRollState;
    DWORD fManualTrigger;
    DWORD dwPreRollEventFired;
    FILETIME ftNextKeyGenerationTime;
    DWORD dwRevokedOrSwappedDnskeysLength;
    PBYTE pRevokedOrSwappedDnskeysBuffer;
    DWORD dwFinalDnskeysLength;
    PBYTE pFinalDnskeys;
    KeySignScope eActiveKeyScope;
    KeySignScope eStandByKeyScope;
    KeySignScope eNextKeyScope;
} DNS_RPC_SKD_STATE_EX, *PDNS_RPC_SKD_STATE_EX;
dwRpcStructureVersion: The structure version number; this MUST be set to 0x00000001.
dwReserved0: This MUST be set to zero when sent and MUST be ignored on receipt.
Guid: A unique identifier for this signing key descriptor.
dwCurrentRollState: The current rollover status of this signing key descriptor. Note that these values are the DNS Server Management Protocol implementation's representation of the protocol-specified SKD rollover states in DNS_RPC_SKD_STATE; the table gives the mapping for each value.
| Constant | Value | Mapping in DNS_RPC_SKD_STATE |
|---|---|---|
| DNS_SKD_ROLL_STATE_NOT_STARTED | 0x00000000 | DNS_SKD_STATUS_NOT_ROLLING |
| DNS_SKD_ROLL_STATE_ZSK_SWAP_ACTIVE_WITH_ROLLOVER | 0x00000001 | DNS_SKD_STATUS_ZSK_WAITING_FOR_DNSKEY_TTL |
| DNS_SKD_ROLL_STATE_ZSK_FINISH | 0x00000002 | DNS_SKD_STATUS_ZSK_WAITING_FOR_MAXZONE_TTL |
| DNS_SKD_ROLL_STATE_KSK_WAITING_FOR_DS | 0x00000003 | DNS_SKD_STATUS_KSK_WAITING_FOR_DS_UPDATE |
| DNS_SKD_ROLL_STATE_KSK_REVOKE | 0x00000004 | DNS_SKD_STATUS_KSK_WAITING_FOR_DS_TTL. The key is revoked once the rollover is completed. |
| DNS_SKD_ROLL_STATE_KSK_FINISH | 0x00000005 | DNS_SKD_STATUS_KSK_WAITING_FOR_DS_TTL. The key is not revoked and is used with the rolled over key-set. |
| DNS_SKD_ROLL_STATE_MAX | 0x00000005 | DNS_SKD_STATUS_KSK_WAITING_FOR_DS_TTL |
| DNS_SKD_STATUS_ROLL_ERROR | 0x00000009 | This signing key descriptor experienced an unrecoverable error during the key rollover. |
fManualTrigger: TRUE if the rollover was triggered manually.
dwPreRollEventFired: Specifies which prerollover event has been fired.
ftNextKeyGenerationTime: The time at which the next key was added to the zone.
dwRevokedOrSwappedDnskeysLength: The length of the revoked or swapped DNSKEY RRSet.
pRevokedOrSwappedDnskeysBuffer: Presigned DNSKEY RRSet for ZSK swap. This is a pointer to a pointer that points to a buffer containing the enumerated records. The buffer is a series of structures beginning with a DNS_RPC_NODE structure (section 2.2.2.2.3). The records for the node will be represented by a series of DNS_RPC_RECORD structures (section 2.2.2.2.5). The number of DNS_RPC_RECORD structures following a DNS_RPC_NODE structure is given by the wRecordCount member of DNS_RPC_NODE.
dwFinalDnskeysLength: Length of presigned DNSKEY RRSet.
pFinalDnskeys: Presigned DNSKEY RRSet Post Rollover. This is a pointer to a pointer that points to a buffer containing the enumerated records. The buffer is a series of structures beginning with a DNS_RPC_NODE structure. The records for the node will be represented by a series of DNS_RPC_RECORD structures. The number of DNS_RPC_RECORD structures following a DNS_RPC_NODE structure is given by the wRecordCount member of DNS_RPC_NODE.
eActiveKeyScope: Signing key scope for the SKD's active key. The signing key scope is defined in KeySignScope (section 2.2.6.1.2).
eStandByKeyScope: Signing key scope for the SKD's standby key. The signing key scope is defined in KeySignScope.
eNextKeyScope: Signing key scope for the SKD's next key. The signing key scope is defined in KeySignScope.
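The following is an added example, not part of the protocol specification or of any Microsoft code: a receive-side sanity check for a DNS_RPC_SKD_STATE_EX that has already been unmarshalled, enforcing the version rule, ignoring dwReserved0, and resolving dwCurrentRollState through the table above. The fixed-width typedefs, the names skd_roll_state_mapping, skd_state_ex_check and skd_check, and the policy of rejecting unlisted roll states or a non-zero length with a null buffer are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Portable stand-ins for the Windows types in the typedef (assumptions). */
typedef uint32_t DWORD;
typedef uint8_t *PBYTE;
typedef struct { uint32_t Data1; uint16_t Data2, Data3; uint8_t Data4[8]; } GUID;
typedef struct { DWORD dwLowDateTime, dwHighDateTime; } FILETIME;
typedef DWORD KeySignScope; /* values live in section 2.2.6.1.2; not modelled */

typedef struct {
    DWORD dwRpcStructureVersion, dwReserved0;
    GUID Guid;
    DWORD dwCurrentRollState, fManualTrigger, dwPreRollEventFired;
    FILETIME ftNextKeyGenerationTime;
    DWORD dwRevokedOrSwappedDnskeysLength; PBYTE pRevokedOrSwappedDnskeysBuffer;
    DWORD dwFinalDnskeysLength; PBYTE pFinalDnskeys;
    KeySignScope eActiveKeyScope, eStandByKeyScope, eNextKeyScope;
} DNS_RPC_SKD_STATE_EX;

/* dwCurrentRollState -> DNS_RPC_SKD_STATE name per the table; NULL if unlisted. */
const char *skd_roll_state_mapping(DWORD state) {
    switch (state) {
    case 0: return "DNS_SKD_STATUS_NOT_ROLLING";
    case 1: return "DNS_SKD_STATUS_ZSK_WAITING_FOR_DNSKEY_TTL";
    case 2: return "DNS_SKD_STATUS_ZSK_WAITING_FOR_MAXZONE_TTL";
    case 3: return "DNS_SKD_STATUS_KSK_WAITING_FOR_DS_UPDATE";
    case 4: /* KSK_REVOKE and KSK_FINISH share one mapping */
    case 5: return "DNS_SKD_STATUS_KSK_WAITING_FOR_DS_TTL";
    case 9: return "DNS_SKD_STATUS_ROLL_ERROR"; /* listed without a separate mapping */
    default: return NULL;
    }
}

typedef enum { SKD_OK, SKD_BAD_VERSION, SKD_BAD_ROLL_STATE, SKD_BAD_BUFFER } skd_check;

/* Receive-side checks; rejecting unlisted states and length-without-buffer is
   this example's policy, not a rule stated in the structure description. */
skd_check skd_state_ex_check(const DNS_RPC_SKD_STATE_EX *s) {
    if (s->dwRpcStructureVersion != 0x00000001) return SKD_BAD_VERSION;
    /* dwReserved0 is deliberately not inspected: it MUST be ignored on receipt. */
    if (!skd_roll_state_mapping(s->dwCurrentRollState)) return SKD_BAD_ROLL_STATE;
    if (s->dwRevokedOrSwappedDnskeysLength && !s->pRevokedOrSwappedDnskeysBuffer)
        return SKD_BAD_BUFFER;
    if (s->dwFinalDnskeysLength && !s->pFinalDnskeys) return SKD_BAD_BUFFER;
    return SKD_OK;
}
```

Because 0x00000004 and 0x00000005 resolve to the same DNS_RPC_SKD_STATE name, a caller that needs to know whether the key is revoked after rollover has to keep the raw dwCurrentRollState value rather than the mapped status.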