3.1.3 Initialization
The initialization MUST be triggered with the following argument:
iProvisioning: A Boolean value that indicates whether the initialization is part of the queue manager provisioning. If yes, the value is TRUE; otherwise, the value is FALSE. More details about system initialization are given in [MS-MQSO] section 6.6.
The queue manager MUST perform the following actions to initialize the abstract data model.
The queue manager MUST call the LsarOpenPolicy2 ([MS-LSAD] section 3.1.4.4.1) method with the following parameter values:
SystemName := an empty string
DesiredAccess := POLICY_VIEW_LOCAL_INFORMATION ([MS-LSAD] section 2.2.1.1.2)
Other parameters as specified in [MS-LSAD] section 3.1.4.4.1
If the return value is not STATUS_SUCCESS (0x00000000), take no further action.
Let StoredPolicyHandle be a pointer to an LSAPR_HANDLE ([MS-LSAD] section 2.2.2.1) initialized to the handle pointer returned in the PolicyHandle parameter by the preceding call to LsarOpenPolicy2.
The queue manager MUST call the LsarQueryInformationPolicy2 ([MS-LSAD] section 3.1.4.4.3) method with the following parameter values:
PolicyHandle := StoredPolicyHandle
InformationClass := PolicyDnsDomainInformation ([MS-LSAD] section 2.2.4.1)
Other parameters, as specified in [MS-LSAD] section 3.1.4.4.3
If the return value is not STATUS_SUCCESS (0x00000000), take no further action.
Set LocalQueueManager.MachineDomainId to the DomainGuid field of the LSAPR_POLICY_DNS_DOMAIN_INFO ([MS-LSAD] section 2.2.4.14) structure returned.
Let FQDNDomain be a Unicode string initialized to the DnsDomainName field of the LSAPR_POLICY_DNS_DOMAIN_INFO structure returned.
The queue manager MUST call the LsarQueryInformationPolicy2 method with the following parameter values:
PolicyHandle := StoredPolicyHandle
InformationClass := PolicyLocalAccountDomainInformation ([MS-LSAD] section 2.2.4.1)
Other parameters, as specified in [MS-LSAD] section 3.1.4.4.3
If the return value is not STATUS_SUCCESS (0x00000000), take no further action.
Set LocalQueueManager.ComputerName to the DomainName field of the LSAPR_POLICY_ACCOUNT_DOM_INFO ([MS-LSAD] section 2.2.4.6) structure returned.
Concatenate LocalQueueManager.ComputerName, a period ("."), and FQDNDomain to form the fully-qualified computer name, and set LocalQueueManager.QualifiedComputerName to that value.
The queue manager MUST call the LsarClose ([MS-LSAD] section 3.1.4.9.4) method with the following parameter value:
PolicyHandle := StoredPolicyHandle
If LocalQueueManager.DirectoryIntegrated is True:
If the iProvisioning argument is TRUE:
Set LocalQueueManager.InitializationRetryTimerDuration to 120.
Add a user-configured GUID as the Identifier ADM attribute of a Site (section 3.1.1.7) ADM element instance to LocalQueueManager.SiteIdentifierList.
The queue manager SHOULD<17> retrieve the computer names of the Active Directory domain controllers for the domain to which the queue manager computer belongs by performing a DNS query ([RFC1035]) for the SRV record _ldap._tcp.dc._msdcs.N, as defined in [MS-ADTS] section 6.3.6.1, where N is the fully-qualified domain name FQDNDomain obtained in a preceding step. The machine names in the received query results are added to LocalQueueManager.DirectoryServerList.
The queue manager MUST start the Directory Server List Update Timer ([MS-MQSO] section 6.4.1.2).
The queue manager MUST initialize LocalQueueManager.PublicEncryptionKeyList with an MQDSPUBLICKEYS ([MS-MQMQ] section 2.2.2) structure that contains multiple MQDSPUBLICKEY ([MS-MQMQ] section 2.2.1) structures. There SHOULD be one MQDSPUBLICKEY structure for each cryptographic service provider (CSP) in the following list:<18>
Microsoft Base Cryptographic Provider v1.0
Microsoft Enhanced Cryptographic Provider v1.0
Microsoft Enhanced RSA and AES Cryptographic Provider
The fields of each MQDSPUBLICKEY structure are initialized as specified in [MS-MQMQ] section 2.2.1 with these additional steps:
sProviderName is the CSP's name from the list, expressed as a null-terminated 16-bit Unicode string.
aBuf is populated with a key generated for use with the RSA key exchange algorithm ([RFC8017]), which MUST meet the validity condition in [RFC8017] section 3.1. The key has a bit length of 512 if sProviderName is "Microsoft Base Cryptographic Provider v1.0" or 1024 if sProviderName is "Microsoft Enhanced Cryptographic Provider v1.0" or "Microsoft Enhanced RSA and AES Cryptographic Provider".
The queue manager MUST initialize the PublicSigningKeyList ADM attribute of the LocalQueueManager ADM element with an MQDSPUBLICKEYS ([MS-MQMQ] section 2.2.2) structure that contains multiple MQDSPUBLICKEY ([MS-MQMQ] section 2.2.1) structures. There SHOULD be one MQDSPUBLICKEY structure for each CSP in the following list:<19>
Microsoft Base Cryptographic Provider v1.0
Microsoft Enhanced Cryptographic Provider v1.0
Microsoft Enhanced RSA and AES Cryptographic Provider
The fields of each MQDSPUBLICKEY structure are initialized as specified in [MS-MQMQ] section 2.2.1 with these additional steps:
sProviderName is the CSP's name from the list, expressed as a null-terminated 16-bit Unicode string.
aBuf is populated with a key generated for use with the RSA signature algorithm ([RFC8017]), which MUST meet the validity condition in [RFC8017] section 3.1. The key has a bit length of 512 if sProviderName is "Microsoft Base Cryptographic Provider v1.0" or 1024 if sProviderName is "Microsoft Enhanced Cryptographic Provider v1.0" or "Microsoft Enhanced RSA and AES Cryptographic Provider".
Synchronize the directory attributes of the LocalQueueManager ADM element instance with the directory through the following steps:
Generate a Read Directory (section 3.1.7.1.20) event with the following arguments:
iDirectoryObjectType := "QueueManager"
iFilter := An array of the following attribute-filter expressions:
"Identifier" EQUALS LocalQueueManager.Identifier
iAttributeList := NULL
If the rStatus returned by the Read Directory event is set to DirectoryOperationResult.Success:
Update the ADM attributes of the LocalQueueManager ADM element instance with the corresponding ADM attributes of the returned QueueManager (section 3.1.1.1) ADM element instance.
For each identifier in the local LocalQueueManager.SiteIdentifierList, referred to as siteIdentifier, do the following:
Generate a Read Directory event with the following arguments:
iDirectoryObjectType := "Site"
iFilter := An array of the following attribute-filter expressions:
"Identifier" EQUALS siteIdentifier
iAttributeList := NULL
If rStatus from the Read Directory event is DirectoryOperationResult.Success:
Add the returned Site ADM element instance to LocalQueueManager.SiteCollection.
Else if the rStatus returned by Read Directory event is set to DirectoryOperationResult.ObjectNotFound and iProvisioning is TRUE:
Continue with the following steps.
Generate a Read Directory event with the following arguments:
iDirectoryObjectType := "Enterprise"
iFilter := NULL
iAttributeList := "NonLDAPCapableQueueManagerNotification"
If the rStatus returned by the Read Directory event is set to DirectoryOperationResult.Success:
Set LocalQueueManager.EnterpriseReference to the returned Enterprise (section 3.1.1.6) ADM element instance.
Else if the rStatus returned by the Read Directory event is set to DirectoryOperationResult.AttributeNotFound:
Create an Enterprise ADM element instance referred to as newEnterpriseObject and set newEnterpriseObject.NonLDAPCapableQueueManagerNotification to True.
Set LocalQueueManager.EnterpriseReference to newEnterpriseObject.
Start the Directory Sites Update Timer (section 3.1.2.1) and the Directory Site Gates Update Timer (section 3.1.2.2).
Create Queue (section 3.1.1.2) ADM element instances with the QueueType ADM attributes set to System that represent the three system queues specified following:
LocalQueueManager.SystemDeadletterQueue
LocalQueueManager.TransactionalDeadletterQueue
LocalQueueManager.SystemJournalQueue
Create Queue ADM element instances with the QueueType ADM attributes set to System that represent two system queues that MUST NOT be accessed by the message queuing applications directly:
Change notification queue
For each Queue ADM element instance, referred to as iQueue, in the QueueCollection ADM attribute of the LocalQueueManager ADM element, if iQueue is an OutgoingQueue (section 3.1.1.3), do the following:
If iQueue.State is Locked and the HardenedSecurity ADM attribute of the LocalQueueManager ADM element is False:
Set iQueue.State := Waiting
Else if iQueue.DestinationFormatName specifies a non-HTTP format name and the HardenedSecurity ADM attribute of the LocalQueueManager ADM element is True:
Set iQueue.State := Locked
The queue manager initializes itself as a Resource Manager ([MS-DTCO] section 3.5). During Initialization ([MS-DTCO] section 3.5.3), the resource manager initiates recovery of transactions and notifies the queue manager regarding the outcome of reenlistment. The following sections specify processing rules for these operations:
The queue manager performs the following processing steps to abort all non-DTC transactions:
For each Transaction (section 3.1.1.14) ADM element instance, referred to as iTransaction, in the LocalQueueManager.TransactionCollection, if iTransaction.SinglePhase is True, do the following:
Generate a Transaction Abort (section 3.1.4.5) event with the following argument value:
iTransactionIdentifier := iTransaction.Identifier.
If any error occurs and is not handled as specified in the preceding processing rules, the queue manager MUST raise the error so that it can be handled by the caller.