3.2.2.4.4 Creating a New Entry

Parameters:

  • Server Entry [in]: The name of the server, group, or profile entry to create. All entries are initially created as class rpcServer.

  • Status [out]: Indicates to the caller if the server entry creation was successful or if it failed with a specific error code.

The server locator MUST take the following actions to create an Active Directory object representing a name service entry.

The server MUST locate a writable domain controller for the domain to which the RPC locator server is joined by invoking the DsrGetDcNameEx2 method on the local Netlogon server [MS-NRPC] and specifying the following parameters:

  • ComputerName = NULL

  • AccountName = NULL

  • AllowableAccountControlBits = 0

  • DomainName = NULL

  • DomainGuid = NULL

  • SiteName = NULL

  • Flags = (DS_WRITABLE_FLAG | DS_DS_FLAG) ([MS-ADTS] section 6.3.1.2).

Upon success, the server uses the domain controller specified in the DomainControllerName field of the returned DomainControllerInfo parameter for the subsequent operations. If the DsrGetDcNameEx2 method fails, the server MUST fail this method and return the status code to the caller.

The server uses a default timeout value for LDAP operations; no retries are required.

  1. The server locator forms the entry FQDN for the Server Entry, as specified in section 3.1.1.1, and issues an LDAP query ([MS-ADTS] section 3.1.1.4).

  2. If an Active Directory object exists with the entry FQDN, whether or not the object is class rpcServer, the server locator MUST make no further modifications and return the status RPC_S_ENTRY_ALREADY_EXISTS.

  3. If no Active Directory object exists for the entry FQDN, the server locator MUST create a new object of class rpcServer to represent an empty name service entry. The server locator MUST update the description of the entry to be "Created Entry" ([MS-ADTS] section 3.1.1.5.2). If any LDAP errors are encountered creating the new object in Active Directory, they are returned to the caller in Status.

  4. If the new object was successfully created with no LDAP or other errors, indicate success to the caller by returning RPC_S_OK.
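The status handling in steps 1 through 4 can be modeled as below. This is an added example, not code from the specification or from any Microsoft implementation. FakeDirectory, form_entry_dn, locate_dc and the DC=example,DC=test base are hypothetical stand-ins, and passing LDAP result codes through to Status unmapped is an assumption of this model.

```python
# Added illustration: in-memory model of the create-entry steps above.
RPC_S_OK = 0
RPC_S_ENTRY_ALREADY_EXISTS = 1760   # Win32 value of this status code
LDAP_ENTRY_ALREADY_EXISTS = 68      # LDAP resultCode entryAlreadyExists


class FakeDirectory:
    """Constructed stand-in for the writable DC; maps DN -> attributes."""

    def __init__(self, objects=None, fail_add_with=None):
        self.objects = dict(objects or {})
        self.fail_add_with = fail_add_with   # simulate an LDAP error on add

    def search(self, dn):
        return self.objects.get(dn)

    def add(self, dn, attrs):
        if self.fail_add_with is not None:
            return self.fail_add_with
        if dn in self.objects:
            return LDAP_ENTRY_ALREADY_EXISTS
        self.objects[dn] = dict(attrs)
        return 0


def form_entry_dn(server_entry, base_dn):
    # Placeholder for the entry FQDN rules of section 3.1.1.1,
    # which are not reproduced on this page.
    return f"CN={server_entry},{base_dn}"


def create_entry(server_entry, locate_dc, base_dn="DC=example,DC=test"):
    """Return the Status value for the caller, following steps 1-4."""
    status, directory = locate_dc()          # models the DsrGetDcNameEx2 call
    if status != 0:
        return status                        # DC location failed: fail the method
    dn = form_entry_dn(server_entry, base_dn)
    if directory.search(dn) is not None:     # step 2: an object of any class counts
        return RPC_S_ENTRY_ALREADY_EXISTS    # and is left unmodified
    ldap_rc = directory.add(dn, {"objectClass": "rpcServer",
                                 "description": "Created Entry"})
    if ldap_rc != 0:
        return ldap_rc                       # step 3: LDAP error goes into Status
    return RPC_S_OK                          # step 4
```

In this model, an object that appears between the query and the add surfaces as the add's LDAP result rather than RPC_S_ENTRY_ALREADY_EXISTS, so a caller auditing creation failures has to account for both.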