diff options
| author | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2010-01-13 12:02:31 +0200 |
|---|---|---|
| committer | Nadezhda Ivanova <nadezhda.ivanova@postpath.com> | 2010-01-13 12:02:31 +0200 |
| commit | 9b3871ed293f76e770e572cd6b59f59670f1f6f8 (patch) | |
| tree | 2b79286e3a6f7af9e26466393a0b26075a238be8 /source4 | |
| parent | 309473f938d18b9993c2c4f120eeff7b4641985a (diff) | |
| parent | ca847952054f5bbde1d40ad4260589b6fcc9721d (diff) | |
| download | samba-9b3871ed293f76e770e572cd6b59f59670f1f6f8.tar.gz samba-9b3871ed293f76e770e572cd6b59f59670f1f6f8.tar.bz2 samba-9b3871ed293f76e770e572cd6b59f59670f1f6f8.zip | |
Merge branch 'master' of git://git.samba.org/samba
Diffstat (limited to 'source4')
84 files changed, 23775 insertions, 1602 deletions
diff --git a/source4/VERSION b/source4/VERSION index ed8d2b0350..76e66da6bd 100644 --- a/source4/VERSION +++ b/source4/VERSION @@ -57,7 +57,7 @@ SAMBA_VERSION_TP_RELEASE= # e.g. SAMBA_VERSION_ALPHA_RELEASE=1 # # -> "4.0.0alpha1" # ######################################################## -SAMBA_VERSION_ALPHA_RELEASE=11 +SAMBA_VERSION_ALPHA_RELEASE=12 ######################################################## # For 'pre' releases the version will be # diff --git a/source4/auth/auth.h b/source4/auth/auth.h index fa2329df32..827b441478 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -1,19 +1,19 @@ -/* +/* Unix SMB/CIFS implementation. Standardised Authentication types Copyright (C) Andrew Bartlett 2001 Copyright (C) Stefan Metzmacher 2005 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -79,13 +79,13 @@ struct auth_usersupplied_info struct samr_Password *lanman; struct samr_Password *nt; } hash; - + char *plaintext; } password; uint32_t flags; }; -struct auth_serversupplied_info +struct auth_serversupplied_info { struct dom_sid *account_sid; struct dom_sid *primary_group_sid; @@ -105,7 +105,7 @@ struct auth_serversupplied_info const char *home_directory; const char *home_drive; const char *logon_server; - + NTTIME last_logon; NTTIME last_logoff; NTTIME acct_expiry; @@ -149,7 +149,7 @@ struct auth_operations { struct auth_serversupplied_info **server_info); /* Lookup a 'server info' return based only on the principal */ - NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx, + NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, const char *principal, struct auth_serversupplied_info **server_info); @@ -165,12 +165,12 @@ struct auth_method_context { struct auth_context { struct { - /* Who set this up in the first place? */ + /* Who set this up in the first place? */ const char *set_by; bool may_be_modified; - DATA_BLOB data; + DATA_BLOB data; } challenge; /* methods, in the order they should be called */ @@ -187,16 +187,16 @@ struct auth_context { NTSTATUS (*check_password)(struct auth_context *auth_ctx, TALLOC_CTX *mem_ctx, - const struct auth_usersupplied_info *user_info, + const struct auth_usersupplied_info *user_info, struct auth_serversupplied_info **server_info); - + NTSTATUS (*get_challenge)(struct auth_context *auth_ctx, uint8_t chal[8]); bool (*challenge_may_be_modified)(struct auth_context *auth_ctx); NTSTATUS (*set_challenge)(struct auth_context *auth_ctx, const uint8_t chal[8], const char *set_by); - - NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx, + + NTSTATUS (*get_server_info_principal)(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, const char *principal, struct auth_serversupplied_info **server_info); @@ -213,7 +213,7 @@ struct auth_critical_sizes { int sizeof_auth_serversupplied_info; }; - NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, + NTSTATUS encrypt_user_info(TALLOC_CTX *mem_ctx, struct auth_context *auth_context, enum auth_password_state to_state, const struct auth_usersupplied_info *user_info_in, const struct auth_usersupplied_info **user_info_encrypted); @@ -240,22 +240,22 @@ struct auth_session_info *system_session(struct loadparm_context *lp_ctx); NTSTATUS authsam_make_server_info(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, const char *netbios_name, const char *domain_name, - struct ldb_dn *domain_dn, + struct ldb_dn *domain_dn, struct ldb_message *msg, DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key, struct auth_serversupplied_info **_server_info); -NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, +NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, struct loadparm_context *lp_ctx, struct auth_session_info **_session_info) ; NTSTATUS auth_nt_status_squash(NTSTATUS nt_status); -NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods, +NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char **methods, struct tevent_context *ev, struct messaging_context *msg, struct loadparm_context *lp_ctx, struct auth_context **auth_ctx); -NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, +NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct messaging_context *msg, struct loadparm_context *lp_ctx, @@ -263,7 +263,7 @@ NTSTATUS auth_context_create(TALLOC_CTX *mem_ctx, NTSTATUS auth_check_password(struct auth_context *auth_ctx, TALLOC_CTX *mem_ctx, - const struct auth_usersupplied_info *user_info, + const struct auth_usersupplied_info *user_info, struct auth_serversupplied_info **server_info); NTSTATUS auth_init(void); NTSTATUS auth_register(const struct auth_operations *ops); diff --git a/source4/auth/kerberos/kerberos_pac.c b/source4/auth/kerberos/kerberos_pac.c index 7a6d008562..ecd35f3dfa 100644 --- a/source4/auth/kerberos/kerberos_pac.c +++ b/source4/auth/kerberos/kerberos_pac.c @@ -1,8 +1,8 @@ -/* +/* Unix SMB/CIFS implementation. Create and parse the krb5 PAC - + Copyright (C) Andrew Bartlett <abartlet@samba.org> 2004-2005,2008 Copyright (C) Andrew Tridgell 2001 Copyright (C) Luke Howard 2002-2003 @@ -12,13 +12,13 @@ it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -31,7 +31,7 @@ #include "lib/ldb/include/ldb.h" #include "auth/auth_sam_reply.h" -krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, +krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, DATA_BLOB pac_data, struct PAC_SIGNATURE_DATA *sig, krb5_context context, @@ -50,7 +50,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, 0, &crypto); if (ret) { - DEBUG(0,("krb5_crypto_init() failed: %s\n", + DEBUG(0,("krb5_crypto_init() failed: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); return ret; } @@ -113,7 +113,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, return NT_STATUS_NO_MEMORY; } - ndr_err = ndr_pull_struct_blob(&blob, pac_data, + ndr_err = ndr_pull_struct_blob(&blob, pac_data, iconv_convenience, pac_data, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -129,7 +129,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_PARAMETER; } - ndr_err = ndr_pull_struct_blob(&blob, pac_data_raw, + ndr_err = ndr_pull_struct_blob(&blob, pac_data_raw, iconv_convenience, pac_data_raw, (ndr_pull_flags_fn_t)ndr_pull_PAC_DATA_RAW); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -210,7 +210,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, /* Find and zero out the signatures, as required by the signing algorithm */ /* We find the data blobs above, now we parse them to get at the exact portion we should zero */ - ndr_err = ndr_pull_struct_blob(kdc_sig_blob, kdc_sig_wipe, + ndr_err = ndr_pull_struct_blob(kdc_sig_blob, kdc_sig_wipe, iconv_convenience, kdc_sig_wipe, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -219,8 +219,8 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, nt_errstr(status))); return status; } - - ndr_err = ndr_pull_struct_blob(srv_sig_blob, srv_sig_wipe, + + ndr_err = ndr_pull_struct_blob(srv_sig_blob, srv_sig_wipe, iconv_convenience, srv_sig_wipe, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { @@ -233,9 +233,9 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, /* Now zero the decoded structure */ memset(kdc_sig_wipe->signature.data, '\0', kdc_sig_wipe->signature.length); memset(srv_sig_wipe->signature.data, '\0', srv_sig_wipe->signature.length); - + /* and reencode, back into the same place it came from */ - ndr_err = ndr_push_struct_blob(kdc_sig_blob, pac_data_raw, + ndr_err = ndr_push_struct_blob(kdc_sig_blob, pac_data_raw, iconv_convenience, kdc_sig_wipe, (ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA); @@ -245,7 +245,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, nt_errstr(status))); return status; } - ndr_err = ndr_push_struct_blob(srv_sig_blob, pac_data_raw, + ndr_err = ndr_push_struct_blob(srv_sig_blob, pac_data_raw, iconv_convenience, srv_sig_wipe, (ndr_push_flags_fn_t)ndr_push_PAC_SIGNATURE_DATA); @@ -257,7 +257,7 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } /* push out the whole structure, but now with zero'ed signatures */ - ndr_err = ndr_push_struct_blob(&modified_pac_blob, pac_data_raw, + ndr_err = ndr_push_struct_blob(&modified_pac_blob, pac_data_raw, iconv_convenience, pac_data_raw, (ndr_push_flags_fn_t)ndr_push_PAC_DATA_RAW); @@ -269,9 +269,9 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } /* verify by service_key */ - ret = check_pac_checksum(mem_ctx, - modified_pac_blob, srv_sig_ptr, - context, + ret = check_pac_checksum(mem_ctx, + modified_pac_blob, srv_sig_ptr, + context, service_keyblock); if (ret) { DEBUG(1, ("PAC Decode: Failed to verify the service signature: %s\n", @@ -283,8 +283,8 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } if (krbtgt_keyblock) { - ret = check_pac_checksum(mem_ctx, - srv_sig_ptr->signature, kdc_sig_ptr, + ret = check_pac_checksum(mem_ctx, + srv_sig_ptr->signature, kdc_sig_ptr, context, krbtgt_keyblock); if (ret) { DEBUG(1, ("PAC Decode: Failed to verify the KDC signature: %s\n", @@ -306,11 +306,11 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, return NT_STATUS_ACCESS_DENIED; } - ret = krb5_parse_name_flags(context, logon_name->account_name, KRB5_PRINCIPAL_PARSE_NO_REALM, + ret = krb5_parse_name_flags(context, logon_name->account_name, KRB5_PRINCIPAL_PARSE_NO_REALM, &client_principal_pac); if (ret) { - DEBUG(2, ("Could not parse name from incoming PAC: [%s]: %s\n", - logon_name->account_name, + DEBUG(2, ("Could not parse name from incoming PAC: [%s]: %s\n", + logon_name->account_name, smb_get_krb5_error_message(context, ret, mem_ctx))); if (k5ret) { *k5ret = ret; @@ -319,20 +319,20 @@ krb5_error_code check_pac_checksum(TALLOC_CTX *mem_ctx, } if (!krb5_principal_compare_any_realm(context, client_principal, client_principal_pac)) { - DEBUG(2, ("Name in PAC [%s] does not match principal name in ticket\n", + DEBUG(2, ("Name in PAC [%s] does not match principal name in ticket\n", logon_name->account_name)); return NT_STATUS_ACCESS_DENIED; } - + #if 0 - if (strcasecmp(logon_info->info3.base.account_name.string, + if (strcasecmp(logon_info->info3.base.account_name.string, "Administrator")== 0) { file_save("tmp_pac_data-admin.dat",blob.data,blob.length); } #endif DEBUG(3,("Found account name from PAC: %s [%s]\n", - logon_info->info3.base.account_name.string, + logon_info->info3.base.account_name.string, logon_info->info3.base.full_name.string)); *pac_data_out = pac_data; @@ -347,20 +347,20 @@ _PUBLIC_ NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx, const krb5_keyblock *krbtgt_keyblock, const krb5_keyblock *service_keyblock, krb5_const_principal client_principal, - time_t tgs_authtime, + time_t tgs_authtime, krb5_error_code *k5ret) { NTSTATUS nt_status; struct PAC_DATA *pac_data; int i; - nt_status = kerberos_decode_pac(mem_ctx, + nt_status = kerberos_decode_pac(mem_ctx, iconv_convenience, &pac_data, blob, context, krbtgt_keyblock, service_keyblock, - client_principal, + client_principal, tgs_authtime, k5ret); if (!NT_STATUS_IS_OK(nt_status)) { @@ -372,7 +372,7 @@ _PUBLIC_ NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx, if (pac_data->buffers[i].type != PAC_TYPE_LOGON_INFO) { continue; } - *logon_info = pac_data->buffers[i].info->logon_info.info; + *logon_info = pac_data->buffers[i].info->logon_info.info; } if (!*logon_info) { return NT_STATUS_INVALID_PARAMETER; @@ -380,7 +380,7 @@ _PUBLIC_ NTSTATUS kerberos_pac_logon_info(TALLOC_CTX *mem_ctx, return NT_STATUS_OK; } -static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, +static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, DATA_BLOB *pac_data, struct PAC_SIGNATURE_DATA *sig, krb5_context context, @@ -408,7 +408,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, pac_data->length, &cksum); if (ret) { - DEBUG(2, ("PAC Verification failed: %s\n", + DEBUG(2, ("PAC Verification failed: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); } @@ -431,7 +431,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, krb5_context context, const krb5_keyblock *krbtgt_keyblock, const krb5_keyblock *service_keyblock, - DATA_BLOB *pac) + DATA_BLOB *pac) { NTSTATUS nt_status; krb5_error_code ret; @@ -447,28 +447,28 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, if (pac_data->buffers[i].type != PAC_TYPE_KDC_CHECKSUM) { continue; } - kdc_checksum = &pac_data->buffers[i].info->kdc_cksum, + kdc_checksum = &pac_data->buffers[i].info->kdc_cksum, ret = make_pac_checksum(mem_ctx, &zero_blob, - kdc_checksum, + kdc_checksum, context, krbtgt_keyblock); if (ret) { - DEBUG(2, ("making krbtgt PAC checksum failed: %s\n", + DEBUG(2, ("making krbtgt PAC checksum failed: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); talloc_free(pac_data); return ret; } } - + for (i=0; i < pac_data->num_buffers; i++) { if (pac_data->buffers[i].type != PAC_TYPE_SRV_CHECKSUM) { continue; } - srv_checksum = &pac_data->buffers[i].info->srv_cksum; - ret = make_pac_checksum(mem_ctx, &zero_blob, - srv_checksum, + srv_checksum = &pac_data->buffers[i].info->srv_cksum; + ret = make_pac_checksum(mem_ctx, &zero_blob, + srv_checksum, context, service_keyblock); if (ret) { - DEBUG(2, ("making service PAC checksum failed: %s\n", + DEBUG(2, ("making service PAC checksum failed: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); talloc_free(pac_data); return ret; @@ -488,7 +488,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, memset(kdc_checksum->signature.data, '\0', kdc_checksum->signature.length); memset(srv_checksum->signature.data, '\0', srv_checksum->signature.length); - ndr_err = ndr_push_struct_blob(&tmp_blob, mem_ctx, + ndr_err = ndr_push_struct_blob(&tmp_blob, mem_ctx, iconv_convenience, pac_data, (ndr_push_flags_fn_t)ndr_push_PAC_DATA); @@ -506,14 +506,14 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, /* Then sign Server checksum */ ret = make_pac_checksum(mem_ctx, &srv_checksum->signature, kdc_checksum, context, krbtgt_keyblock); if (ret) { - DEBUG(2, ("making krbtgt PAC checksum failed: %s\n", + DEBUG(2, ("making krbtgt PAC checksum failed: %s\n", smb_get_krb5_error_message(context, ret, mem_ctx))); talloc_free(pac_data); return ret; } /* And push it out again, this time to the world. This relies on determanistic pointer values */ - ndr_err = ndr_push_struct_blob(&tmp_blob, mem_ctx, + ndr_err = ndr_push_struct_blob(&tmp_blob, mem_ctx, iconv_convenience, pac_data, (ndr_push_flags_fn_t)ndr_push_PAC_DATA); @@ -552,7 +552,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, union PAC_INFO *u_SRV_CHECKSUM; char *name; - + enum { PAC_BUF_LOGON_INFO = 0, PAC_BUF_LOGON_NAME = 1, @@ -568,7 +568,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, pac_data->num_buffers = PAC_BUF_NUM_BUFFERS; pac_data->version = 0; - pac_data->buffers = talloc_array(pac_data, + pac_data->buffers = talloc_array(pac_data, struct PAC_BUFFER, pac_data->num_buffers); if (!pac_data->buffers) { @@ -630,7 +630,7 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, u_LOGON_INFO->logon_info.info = LOGON_INFO; LOGON_INFO->info3 = *sam3; - ret = krb5_unparse_name_flags(context, client_principal, + ret = krb5_unparse_name_flags(context, client_principal, KRB5_PRINCIPAL_UNPARSE_NO_REALM, &name); if (ret) { return ret; @@ -643,9 +643,9 @@ static krb5_error_code make_pac_checksum(TALLOC_CTX *mem_ctx, */ unix_to_nt_time(&LOGON_NAME->logon_time, tgs_authtime); - ret = kerberos_encode_pac(mem_ctx, + ret = kerberos_encode_pac(mem_ctx, iconv_convenience, - pac_data, + pac_data, context, krbtgt_keyblock, service_keyblock, @@ -658,7 +658,7 @@ krb5_error_code kerberos_pac_to_server_info(TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, krb5_pac pac, krb5_context context, - struct auth_serversupplied_info **server_info) + struct auth_serversupplied_info **server_info) { NTSTATUS nt_status; enum ndr_err_code ndr_err; @@ -701,12 +701,12 @@ krb5_error_code kerberos_pac_to_server_info(TALLOC_CTX *mem_ctx, nt_status = make_server_info_netlogon_validation(mem_ctx, "", 3, &validation, - &server_info_out); + &server_info_out); if (!NT_STATUS_IS_OK(nt_status)) { talloc_free(tmp_ctx); return EINVAL; } - + ret = krb5_pac_get_buffer(context, pac, PAC_TYPE_SRV_CHECKSUM, &k5pac_srv_checksum_in); if (ret != 0) { talloc_free(tmp_ctx); @@ -714,8 +714,8 @@ krb5_error_code kerberos_pac_to_server_info(TALLOC_CTX *mem_ctx, } pac_srv_checksum_in = data_blob_const(k5pac_srv_checksum_in.data, k5pac_srv_checksum_in.length); - - ndr_err = ndr_pull_struct_blob(&pac_srv_checksum_in, server_info_out, + + ndr_err = ndr_pull_struct_blob(&pac_srv_checksum_in, server_info_out, iconv_convenience, &server_info_out->pac_srv_sig, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); krb5_data_free(&k5pac_srv_checksum_in); @@ -733,8 +733,8 @@ krb5_error_code kerberos_pac_to_server_info(TALLOC_CTX *mem_ctx, } pac_kdc_checksum_in = data_blob_const(k5pac_kdc_checksum_in.data, k5pac_kdc_checksum_in.length); - - ndr_err = ndr_pull_struct_blob(&pac_kdc_checksum_in, server_info_out, + + ndr_err = ndr_pull_struct_blob(&pac_kdc_checksum_in, server_info_out, iconv_convenience, &server_info_out->pac_kdc_sig, (ndr_pull_flags_fn_t)ndr_pull_PAC_SIGNATURE_DATA); krb5_data_free(&k5pac_kdc_checksum_in); @@ -746,21 +746,21 @@ krb5_error_code kerberos_pac_to_server_info(TALLOC_CTX *mem_ctx, } *server_info = server_info_out; - + return 0; } NTSTATUS kerberos_pac_blob_to_server_info(TALLOC_CTX *mem_ctx, struct smb_iconv_convenience *iconv_convenience, - DATA_BLOB pac_blob, + DATA_BLOB pac_blob, krb5_context context, - struct auth_serversupplied_info **server_info) + struct auth_serversupplied_info **server_info) { krb5_error_code ret; krb5_pac pac; - ret = krb5_pac_parse(context, - pac_blob.data, pac_blob.length, + ret = krb5_pac_parse(context, + pac_blob.data, pac_blob.length, &pac); if (ret) { return map_nt_error_from_unix(ret); diff --git a/source4/dsdb/common/util.c b/source4/dsdb/common/util.c index b8ba26a4ec..6147940e3b 100644 --- a/source4/dsdb/common/util.c +++ b/source4/dsdb/common/util.c @@ -1196,11 +1196,18 @@ const struct dom_sid *samdb_domain_sid(struct ldb_context *ldb) return domain_sid; failed: - DEBUG(1,("Failed to find domain_sid for open ldb\n")); talloc_free(tmp_ctx); return NULL; } +/* + get domain sid from cache +*/ +const struct dom_sid *samdb_domain_sid_cache_only(struct ldb_context *ldb) +{ + return (struct dom_sid *)ldb_get_opaque(ldb, "cache.domain_sid"); +} + bool samdb_set_domain_sid(struct ldb_context *ldb, const struct dom_sid *dom_sid_in) { TALLOC_CTX *tmp_ctx; @@ -1521,6 +1528,86 @@ struct ldb_dn *samdb_server_site_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx return server_site_dn; } +/* + find a 'reference' DN that points at another object + (eg. serverReference, rIDManagerReference etc) + */ +int samdb_reference_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn *base, + const char *attribute, struct ldb_dn **dn) +{ + const char *attrs[2]; + struct ldb_result *res; + int ret; + + attrs[0] = attribute; + attrs[1] = NULL; + + ret = ldb_search(ldb, mem_ctx, &res, base, LDB_SCOPE_BASE, attrs, NULL); + if (ret != LDB_SUCCESS) { + return ret; + } + if (res->count != 1) { + talloc_free(res); + return LDB_ERR_NO_SUCH_OBJECT; + } + + *dn = ldb_msg_find_attr_as_dn(ldb, mem_ctx, res->msgs[0], attribute); + if (!*dn) { + talloc_free(res); + return LDB_ERR_NO_SUCH_ATTRIBUTE; + } + + talloc_free(res); + return LDB_SUCCESS; +} + +/* + find our machine account via the serverReference attribute in the + server DN + */ +int samdb_server_reference_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn **dn) +{ + struct ldb_dn *server_dn; + int ret; + + server_dn = samdb_server_dn(ldb, mem_ctx); + if (server_dn == NULL) { + return LDB_ERR_NO_SUCH_OBJECT; + } + + ret = samdb_reference_dn(ldb, mem_ctx, server_dn, "serverReference", dn); + talloc_free(server_dn); + + return ret; +} + +/* + find the RID Manager$ DN via the rIDManagerReference attribute in the + base DN + */ +int samdb_rid_manager_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn **dn) +{ + return samdb_reference_dn(ldb, mem_ctx, samdb_base_dn(ldb), "rIDManagerReference", dn); +} + +/* + find the RID Set DN via the rIDSetReferences attribute in our + machine account DN + */ +int samdb_rid_set_dn(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_dn **dn) +{ + struct ldb_dn *server_ref_dn; + int ret; + + ret = samdb_server_reference_dn(ldb, mem_ctx, &server_ref_dn); + if (ret != LDB_SUCCESS) { + return ret; + } + ret = samdb_reference_dn(ldb, mem_ctx, server_ref_dn, "rIDSetReferences", dn); + talloc_free(server_ref_dn); + return ret; +} + const char *samdb_server_site_name(struct ldb_context *ldb, TALLOC_CTX *mem_ctx) { const struct ldb_val *val = ldb_dn_get_rdn_val(samdb_server_site_dn(ldb, mem_ctx)); @@ -2353,16 +2440,20 @@ int dsdb_search_dn_with_deleted(struct ldb_context *ldb, /* - use a DN to find a GUID + use a DN to find a GUID with a given attribute name */ -int dsdb_find_guid_by_dn(struct ldb_context *ldb, - struct ldb_dn *dn, struct GUID *guid) +int dsdb_find_guid_attr_by_dn(struct ldb_context *ldb, + struct ldb_dn *dn, const char *attribute, + struct GUID *guid) { int ret; struct ldb_result *res; - const char *attrs[] = { "objectGUID", NULL }; + const char *attrs[2]; TALLOC_CTX *tmp_ctx = talloc_new(ldb); + attrs[0] = attribute; + attrs[1] = NULL; + ret = dsdb_search_dn_with_deleted(ldb, tmp_ctx, &res, dn, attrs); if (ret != LDB_SUCCESS) { talloc_free(tmp_ctx); @@ -2372,11 +2463,20 @@ int dsdb_find_guid_by_dn(struct ldb_context *ldb, talloc_free(tmp_ctx); return LDB_ERR_NO_SUCH_OBJECT; } - *guid = samdb_result_guid(res->msgs[0], "objectGUID"); + *guid = samdb_result_guid(res->msgs[0], attribute); talloc_free(tmp_ctx); return LDB_SUCCESS; } +/* + use a DN to find a GUID + */ +int dsdb_find_guid_by_dn(struct ldb_context *ldb, + struct ldb_dn *dn, struct GUID *guid) +{ + return dsdb_find_guid_attr_by_dn(ldb, dn, "objectGUID", guid); +} + /* @@ -2717,6 +2817,12 @@ int drsuapi_DsReplicaCursor2_compare(const struct drsuapi_DsReplicaCursor2 *c1, return GUID_compare(&c1->source_dsa_invocation_id, &c2->source_dsa_invocation_id); } +int drsuapi_DsReplicaCursor_compare(const struct drsuapi_DsReplicaCursor *c1, + const struct drsuapi_DsReplicaCursor *c2) +{ + return GUID_compare(&c1->source_dsa_invocation_id, &c2->source_dsa_invocation_id); +} + /* see if we are a RODC @@ -3099,3 +3205,19 @@ int dsdb_tombstone_lifetime(struct ldb_context *ldb, uint32_t *lifetime) talloc_free(dn); return LDB_SUCCESS; } + +/* + compare a ldb_val to a string case insensitively + */ +int samdb_ldb_val_case_cmp(const char *s, struct ldb_val *v) +{ + size_t len = strlen(s); + int ret; + if (len > v->length) return 1; + ret = strncasecmp(s, (const char *)v->data, v->length); + if (ret != 0) return ret; + if (v->length > len && v->data[len] != 0) { + return -1; + } + return 0; +} diff --git a/source4/dsdb/config.mk b/source4/dsdb/config.mk index 35a0c84903..3226c08ec0 100644 --- a/source4/dsdb/config.mk +++ b/source4/dsdb/config.mk @@ -64,7 +64,8 @@ DREPL_SRV_OBJ_FILES = $(addprefix $(dsdbsrcdir)/repl/, \ drepl_partitions.o \ drepl_out_pull.o \ drepl_out_helpers.o \ - drepl_notify.o) + drepl_notify.o \ + drepl_ridalloc.o) $(eval $(call proto_header_template,$(dsdbsrcdir)/repl/drepl_service_proto.h,$(DREPL_SRV_OBJ_FILES:.o=.c))) diff --git a/source4/dsdb/repl/drepl_out_helpers.c b/source4/dsdb/repl/drepl_out_helpers.c index 722db4f8ee..a4f5d1faec 100644 --- a/source4/dsdb/repl/drepl_out_helpers.c +++ b/source4/dsdb/repl/drepl_out_helpers.c @@ -202,81 +202,90 @@ NTSTATUS dreplsrv_out_drsuapi_recv(struct tevent_req *req) } struct dreplsrv_op_pull_source_state { - struct composite_context *creq; - struct dreplsrv_out_operation *op; - - struct dreplsrv_drsuapi_connection *drsuapi; - - bool have_all; - - uint32_t ctr_level; - struct drsuapi_DsGetNCChangesCtr1 *ctr1; - struct drsuapi_DsGetNCChangesCtr6 *ctr6; }; static void dreplsrv_op_pull_source_connect_done(struct tevent_req *subreq); -struct composite_context *dreplsrv_op_pull_source_send(struct dreplsrv_out_operation *op) +struct tevent_req *dreplsrv_op_pull_source_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct dreplsrv_out_operation *op) { - struct composite_context *c; - struct dreplsrv_op_pull_source_state *st; + struct tevent_req *req; + struct dreplsrv_op_pull_source_state *state; struct tevent_req *subreq; - c = composite_create(op, op->service->task->event_ctx); - if (c == NULL) return NULL; - - st = talloc_zero(c, struct dreplsrv_op_pull_source_state); - if (composite_nomem(st, c)) return c; + req = tevent_req_create(mem_ctx, &state, + struct dreplsrv_op_pull_source_state); + if (req == NULL) { + return NULL; + } - st->creq = c; - st->op = op; + state->op = op; - subreq = dreplsrv_out_drsuapi_send(st, - op->service->task->event_ctx, - op->source_dsa->conn); - if (composite_nomem(subreq, c)) return c; - tevent_req_set_callback(subreq, dreplsrv_op_pull_source_connect_done, st); + subreq = dreplsrv_out_drsuapi_send(state, ev, op->source_dsa->conn); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, dreplsrv_op_pull_source_connect_done, req); - return c; + return req; } -static void dreplsrv_op_pull_source_get_changes_send(struct dreplsrv_op_pull_source_state *st); +static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req); static void dreplsrv_op_pull_source_connect_done(struct tevent_req *subreq) { - struct dreplsrv_op_pull_source_state *st = tevent_req_callback_data(subreq, - struct dreplsrv_op_pull_source_state); - struct composite_context *c = st->creq; + struct tevent_req *req = tevent_req_callback_data(subreq, + struct tevent_req); + NTSTATUS status; - c->status = dreplsrv_out_drsuapi_recv(subreq); + status = dreplsrv_out_drsuapi_recv(subreq); TALLOC_FREE(subreq); - if (!composite_is_ok(c)) return; + if (tevent_req_nterror(req, status)) { + return; + } - dreplsrv_op_pull_source_get_changes_send(st); + dreplsrv_op_pull_source_get_changes_trigger(req); } -static void dreplsrv_op_pull_source_get_changes_recv(struct rpc_request *req); +static void dreplsrv_op_pull_source_get_changes_done(struct rpc_request *rreq); -static void dreplsrv_op_pull_source_get_changes_send(struct dreplsrv_op_pull_source_state *st) +static void dreplsrv_op_pull_source_get_changes_trigger(struct tevent_req *req) { - struct composite_context *c = st->creq; - struct repsFromTo1 *rf1 = st->op->source_dsa->repsFrom1; - struct dreplsrv_service *service = st->op->service; - struct dreplsrv_partition *partition = st->op->source_dsa->partition; - struct dreplsrv_drsuapi_connection *drsuapi = st->op->source_dsa->conn->drsuapi; - struct rpc_request *req; + struct dreplsrv_op_pull_source_state *state = tevent_req_data(req, + struct dreplsrv_op_pull_source_state); + struct repsFromTo1 *rf1 = state->op->source_dsa->repsFrom1; + struct dreplsrv_service *service = state->op->service; + struct dreplsrv_partition *partition = state->op->source_dsa->partition; + struct dreplsrv_drsuapi_connection *drsuapi = state->op->source_dsa->conn->drsuapi; + struct rpc_request *rreq; struct drsuapi_DsGetNCChanges *r; + struct drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; - r = talloc(st, struct drsuapi_DsGetNCChanges); - if (composite_nomem(r, c)) return; + r = talloc(state, struct drsuapi_DsGetNCChanges); + if (tevent_req_nomem(r, req)) { + return; + } r->out.level_out = talloc(r, int32_t); - if (composite_nomem(r->out.level_out, c)) return; + if (tevent_req_nomem(r->out.level_out, req)) { + return; + } r->in.req = talloc(r, union drsuapi_DsGetNCChangesRequest); - if (composite_nomem(r->in.req, c)) return; + if (tevent_req_nomem(r->in.req, req)) { + return; + } r->out.ctr = talloc(r, union drsuapi_DsGetNCChangesCtr); - if (composite_nomem(r->out.ctr, c)) return; + if (tevent_req_nomem(r->out.ctr, req)) { + return; + } + + if (partition->uptodatevector_ex.count == 0) { + uptodateness_vector = NULL; + } else { + uptodateness_vector = &partition->uptodatevector_ex; + } r->in.bind_handle = &drsuapi->bind_handle; if (drsuapi->remote_info28.supported_extensions & DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8) { @@ -285,12 +294,12 @@ static void dreplsrv_op_pull_source_get_changes_send(struct dreplsrv_op_pull_sou r->in.req->req8.source_dsa_invocation_id= rf1->source_dsa_invocation_id; r->in.req->req8.naming_context = &partition->nc; r->in.req->req8.highwatermark = rf1->highwatermark; - r->in.req->req8.uptodateness_vector = NULL;/*&partition->uptodatevector_ex;*/ + r->in.req->req8.uptodateness_vector = uptodateness_vector; r->in.req->req8.replica_flags = rf1->replica_flags; r->in.req->req8.max_object_count = 133; r->in.req->req8.max_ndr_size = 1336811; - r->in.req->req8.extended_op = DRSUAPI_EXOP_NONE; - r->in.req->req8.fsmo_info = 0; + r->in.req->req8.extended_op = state->op->extended_op; + r->in.req->req8.fsmo_info = state->op->fsmo_info; r->in.req->req8.partial_attribute_set = NULL; r->in.req->req8.partial_attribute_set_ex= NULL; r->in.req->req8.mapping_ctr.num_mappings= 0; @@ -301,40 +310,50 @@ static void dreplsrv_op_pull_source_get_changes_send(struct dreplsrv_op_pull_sou r->in.req->req5.source_dsa_invocation_id= rf1->source_dsa_invocation_id; r->in.req->req5.naming_context = &partition->nc; r->in.req->req5.highwatermark = rf1->highwatermark; - r->in.req->req5.uptodateness_vector = NULL;/*&partition->uptodatevector_ex;*/ + r->in.req->req5.uptodateness_vector = uptodateness_vector; r->in.req->req5.replica_flags = rf1->replica_flags; r->in.req->req5.max_object_count = 133; r->in.req->req5.max_ndr_size = 1336770; - r->in.req->req5.extended_op = DRSUAPI_EXOP_NONE; - r->in.req->req5.fsmo_info = 0; + r->in.req->req5.extended_op = state->op->extended_op; + r->in.req->req5.fsmo_info = state->op->fsmo_info; } - req = dcerpc_drsuapi_DsGetNCChanges_send(drsuapi->pipe, r, r); - composite_continue_rpc(c, req, dreplsrv_op_pull_source_get_changes_recv, st); +#if 0 + NDR_PRINT_IN_DEBUG(drsuapi_DsGetNCChanges, r); +#endif + + rreq = dcerpc_drsuapi_DsGetNCChanges_send(drsuapi->pipe, r, r); + if (tevent_req_nomem(rreq, req)) { + return; + } + composite_continue_rpc(NULL, rreq, dreplsrv_op_pull_source_get_changes_done, req); } -static void dreplsrv_op_pull_source_apply_changes_send(struct dreplsrv_op_pull_source_state *st, - struct drsuapi_DsGetNCChanges *r, - uint32_t ctr_level, - struct drsuapi_DsGetNCChangesCtr1 *ctr1, - struct drsuapi_DsGetNCChangesCtr6 *ctr6); +static void dreplsrv_op_pull_source_apply_changes_trigger(struct tevent_req *req, + struct drsuapi_DsGetNCChanges *r, + uint32_t ctr_level, + struct drsuapi_DsGetNCChangesCtr1 *ctr1, + struct drsuapi_DsGetNCChangesCtr6 *ctr6); -static void dreplsrv_op_pull_source_get_changes_recv(struct rpc_request *req) +static void dreplsrv_op_pull_source_get_changes_done(struct rpc_request *rreq) { - struct dreplsrv_op_pull_source_state *st = talloc_get_type(req->async.private_data, - struct dreplsrv_op_pull_source_state); - struct composite_context *c = st->creq; - struct drsuapi_DsGetNCChanges *r = talloc_get_type(req->ndr.struct_ptr, + struct tevent_req *req = talloc_get_type(rreq->async.private_data, + struct tevent_req); + NTSTATUS status; + struct drsuapi_DsGetNCChanges *r = talloc_get_type(rreq->ndr.struct_ptr, struct drsuapi_DsGetNCChanges); uint32_t ctr_level = 0; struct drsuapi_DsGetNCChangesCtr1 *ctr1 = NULL; struct drsuapi_DsGetNCChangesCtr6 *ctr6 = NULL; - c->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(c)) return; + status = dcerpc_ndr_request_recv(rreq); + if (tevent_req_nterror(req, status)) { + return; + } if (!W_ERROR_IS_OK(r->out.result)) { - composite_error(c, werror_to_ntstatus(r->out.result)); + status = werror_to_ntstatus(r->out.result); + tevent_req_nterror(req, status); return; } @@ -361,38 +380,42 @@ static void dreplsrv_op_pull_source_get_changes_recv(struct rpc_request *req) ctr_level = 6; ctr6 = &r->out.ctr->ctr7.ctr.xpress6.ts->ctr6; } else { - composite_error(c, werror_to_ntstatus(WERR_BAD_NET_RESP)); + status = werror_to_ntstatus(WERR_BAD_NET_RESP); + tevent_req_nterror(req, status); return; } if (!ctr1 && !ctr6) { - composite_error(c, werror_to_ntstatus(WERR_BAD_NET_RESP)); + status = werror_to_ntstatus(WERR_BAD_NET_RESP); + tevent_req_nterror(req, status); return; } if (ctr_level == 6) { if (!W_ERROR_IS_OK(ctr6->drs_error)) { - composite_error(c, werror_to_ntstatus(ctr6->drs_error)); + status = werror_to_ntstatus(ctr6->drs_error); + tevent_req_nterror(req, status); return; } } - dreplsrv_op_pull_source_apply_changes_send(st, r, ctr_level, ctr1, ctr6); + dreplsrv_op_pull_source_apply_changes_trigger(req, r, ctr_level, ctr1, ctr6); } -static void dreplsrv_update_refs_send(struct dreplsrv_op_pull_source_state *st); +static void dreplsrv_update_refs_trigger(struct tevent_req *req); -static void dreplsrv_op_pull_source_apply_changes_send(struct dreplsrv_op_pull_source_state *st, - struct drsuapi_DsGetNCChanges *r, - uint32_t ctr_level, - struct drsuapi_DsGetNCChangesCtr1 *ctr1, - struct drsuapi_DsGetNCChangesCtr6 *ctr6) +static void dreplsrv_op_pull_source_apply_changes_trigger(struct tevent_req *req, + struct drsuapi_DsGetNCChanges *r, + uint32_t ctr_level, + struct drsuapi_DsGetNCChangesCtr1 *ctr1, + struct drsuapi_DsGetNCChangesCtr6 *ctr6) { - struct composite_context *c = st->creq; - struct repsFromTo1 rf1 = *st->op->source_dsa->repsFrom1; - struct dreplsrv_service *service = st->op->service; - struct dreplsrv_partition *partition = st->op->source_dsa->partition; - struct dreplsrv_drsuapi_connection *drsuapi = st->op->source_dsa->conn->drsuapi; + struct dreplsrv_op_pull_source_state *state = tevent_req_data(req, + struct dreplsrv_op_pull_source_state); + struct repsFromTo1 rf1 = *state->op->source_dsa->repsFrom1; + struct dreplsrv_service *service = state->op->service; + struct dreplsrv_partition *partition = state->op->source_dsa->partition; + struct dreplsrv_drsuapi_connection *drsuapi = state->op->source_dsa->conn->drsuapi; const struct drsuapi_DsReplicaOIDMapping_Ctr *mapping_ctr; uint32_t object_count; struct drsuapi_DsReplicaObjectListItemEx *first_object; @@ -402,6 +425,7 @@ static void dreplsrv_op_pull_source_apply_changes_send(struct dreplsrv_op_pull_s struct dsdb_extended_replicated_objects *objects; bool more_data = false; WERROR status; + NTSTATUS nt_status; switch (ctr_level) { case 1: @@ -425,7 +449,8 @@ static void dreplsrv_op_pull_source_apply_changes_send(struct dreplsrv_op_pull_s more_data = ctr6->more_data; break; default: - composite_error(c, werror_to_ntstatus(WERR_BAD_NET_RESP)); + nt_status = werror_to_ntstatus(WERR_BAD_NET_RESP); + tevent_req_nterror(req, nt_status); return; } @@ -439,32 +464,39 @@ static void dreplsrv_op_pull_source_apply_changes_send(struct dreplsrv_op_pull_s &rf1, uptodateness_vector, &drsuapi->gensec_skey, - st, &objects); + state, &objects); if (!W_ERROR_IS_OK(status)) { - DEBUG(0,("Failed to convert objects: %s\n", win_errstr(status))); - composite_error(c, werror_to_ntstatus(status)); + nt_status = werror_to_ntstatus(WERR_BAD_NET_RESP); + DEBUG(0,("Failed to convert objects: %s/%s\n", + win_errstr(status), nt_errstr(nt_status))); + tevent_req_nterror(req, nt_status); return; } status = dsdb_extended_replicated_objects_commit(service->samdb, objects, - &st->op->source_dsa->notify_uSN); + &state->op->source_dsa->notify_uSN); talloc_free(objects); if (!W_ERROR_IS_OK(status)) { - DEBUG(0,("Failed to commit objects: %s\n", win_errstr(status))); - composite_error(c, werror_to_ntstatus(status)); + nt_status = werror_to_ntstatus(WERR_BAD_NET_RESP); + DEBUG(0,("Failed to commit objects: %s/%s\n", + win_errstr(status), nt_errstr(nt_status))); + tevent_req_nterror(req, nt_status); return; } /* if it applied fine, we need to update the highwatermark */ - *st->op->source_dsa->repsFrom1 = rf1; + *state->op->source_dsa->repsFrom1 = rf1; /* * TODO: update our uptodatevector! */ + /* we don't need this maybe very large structure anymore */ + TALLOC_FREE(r); + if (more_data) { - dreplsrv_op_pull_source_get_changes_send(st); + dreplsrv_op_pull_source_get_changes_trigger(req); return; } @@ -473,43 +505,89 @@ static void dreplsrv_op_pull_source_apply_changes_send(struct dreplsrv_op_pull_s we join the domain, but they quickly expire. We do it here so we can use the already established DRSUAPI pipe */ - dreplsrv_update_refs_send(st); + dreplsrv_update_refs_trigger(req); } -WERROR dreplsrv_op_pull_source_recv(struct composite_context *c) +static void dreplsrv_update_refs_done(struct rpc_request *rreq); + +/* + send a UpdateRefs request to refresh our repsTo record on the server + */ +static void dreplsrv_update_refs_trigger(struct tevent_req *req) { - NTSTATUS status; + struct dreplsrv_op_pull_source_state *state = tevent_req_data(req, + struct dreplsrv_op_pull_source_state); + struct dreplsrv_service *service = state->op->service; + struct dreplsrv_partition *partition = state->op->source_dsa->partition; + struct dreplsrv_drsuapi_connection *drsuapi = state->op->source_dsa->conn->drsuapi; + struct rpc_request *rreq; + struct drsuapi_DsReplicaUpdateRefs *r; + char *ntds_guid_str; + char *ntds_dns_name; + + r = talloc(state, struct drsuapi_DsReplicaUpdateRefs); + if (tevent_req_nomem(r, req)) { + return; + } - status = composite_wait(c); + ntds_guid_str = GUID_string(r, &service->ntds_guid); + if (tevent_req_nomem(ntds_guid_str, req)) { + return; + } - talloc_free(c); - return ntstatus_to_werror(status); + ntds_dns_name = talloc_asprintf(r, "%s._msdcs.%s", + ntds_guid_str, + lp_dnsdomain(service->task->lp_ctx)); + if (tevent_req_nomem(ntds_dns_name, req)) { + return; + } + + r->in.bind_handle = &drsuapi->bind_handle; + r->in.level = 1; + r->in.req.req1.naming_context = &partition->nc; + r->in.req.req1.dest_dsa_dns_name = ntds_dns_name; + r->in.req.req1.dest_dsa_guid = service->ntds_guid; + r->in.req.req1.options = + DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE | + DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE; + if (!samdb_rodc(service->task->lp_ctx)) { + r->in.req.req1.options |= DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE; + } + + rreq = dcerpc_drsuapi_DsReplicaUpdateRefs_send(drsuapi->pipe, r, r); + if (tevent_req_nomem(rreq, req)) { + return; + } + composite_continue_rpc(NULL, rreq, dreplsrv_update_refs_done, req); } /* receive a UpdateRefs reply */ -static void dreplsrv_update_refs_recv(struct rpc_request *req) +static void dreplsrv_update_refs_done(struct rpc_request *rreq) { - struct dreplsrv_op_pull_source_state *st = talloc_get_type(req->async.private_data, - struct dreplsrv_op_pull_source_state); - struct composite_context *c = st->creq; - struct drsuapi_DsReplicaUpdateRefs *r = talloc_get_type(req->ndr.struct_ptr, + struct tevent_req *req = talloc_get_type(rreq->async.private_data, + struct tevent_req); + struct drsuapi_DsReplicaUpdateRefs *r = talloc_get_type(rreq->ndr.struct_ptr, struct drsuapi_DsReplicaUpdateRefs); + NTSTATUS status; - c->status = dcerpc_ndr_request_recv(req); - if (!composite_is_ok(c)) { + status = dcerpc_ndr_request_recv(rreq); + if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("UpdateRefs failed with %s\n", - nt_errstr(c->status))); + nt_errstr(status))); + tevent_req_nterror(req, status); return; } if (!W_ERROR_IS_OK(r->out.result)) { - DEBUG(0,("UpdateRefs failed with %s for %s %s\n", + status = werror_to_ntstatus(r->out.result); + DEBUG(0,("UpdateRefs failed with %s/%s for %s %s\n", win_errstr(r->out.result), + nt_errstr(status), r->in.req.req1.dest_dsa_dns_name, r->in.req.req1.naming_context->dn)); - composite_error(c, werror_to_ntstatus(r->out.result)); + tevent_req_nterror(req, status); return; } @@ -517,46 +595,19 @@ static void dreplsrv_update_refs_recv(struct rpc_request *req) r->in.req.req1.dest_dsa_dns_name, r->in.req.req1.naming_context->dn)); - composite_done(c); + tevent_req_done(req); } -/* - send a UpdateRefs request to refresh our repsTo record on the server - */ -static void dreplsrv_update_refs_send(struct dreplsrv_op_pull_source_state *st) +WERROR dreplsrv_op_pull_source_recv(struct tevent_req *req) { - struct composite_context *c = st->creq; - struct dreplsrv_service *service = st->op->service; - struct dreplsrv_partition *partition = st->op->source_dsa->partition; - struct dreplsrv_drsuapi_connection *drsuapi = st->op->source_dsa->conn->drsuapi; - struct rpc_request *req; - struct drsuapi_DsReplicaUpdateRefs *r; - char *ntds_guid_str; - char *ntds_dns_name; - - r = talloc(st, struct drsuapi_DsReplicaUpdateRefs); - if (composite_nomem(r, c)) return; - - ntds_guid_str = GUID_string(r, &service->ntds_guid); - if (composite_nomem(ntds_guid_str, c)) return; - - ntds_dns_name = talloc_asprintf(r, "%s._msdcs.%s", - ntds_guid_str, - lp_dnsdomain(service->task->lp_ctx)); - if (composite_nomem(ntds_dns_name, c)) return; + NTSTATUS status; - r->in.bind_handle = &drsuapi->bind_handle; - r->in.level = 1; - r->in.req.req1.naming_context = &partition->nc; - r->in.req.req1.dest_dsa_dns_name = ntds_dns_name; - r->in.req.req1.dest_dsa_guid = service->ntds_guid; - r->in.req.req1.options = - DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE | - DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE; - if (!samdb_rodc(service->task->lp_ctx)) { - r->in.req.req1.options |= DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE; + if (tevent_req_is_nterror(req, &status)) { + tevent_req_received(req); + return ntstatus_to_werror(status); } - req = dcerpc_drsuapi_DsReplicaUpdateRefs_send(drsuapi->pipe, r, r); - composite_continue_rpc(c, req, dreplsrv_update_refs_recv, st); + tevent_req_received(req); + return WERR_OK; } + diff --git a/source4/dsdb/repl/drepl_out_pull.c b/source4/dsdb/repl/drepl_out_pull.c index 2793eec8b4..101214609a 100644 --- a/source4/dsdb/repl/drepl_out_pull.c +++ b/source4/dsdb/repl/drepl_out_pull.c @@ -33,21 +33,25 @@ #include "librpc/gen_ndr/ndr_drsblobs.h" #include "libcli/composite/composite.h" -static WERROR dreplsrv_schedule_partition_pull_source(struct dreplsrv_service *s, - struct dreplsrv_partition *p, - struct dreplsrv_partition_source_dsa *source, - TALLOC_CTX *mem_ctx) +WERROR dreplsrv_schedule_partition_pull_source(struct dreplsrv_service *s, + struct dreplsrv_partition_source_dsa *source, + enum drsuapi_DsExtendedOperation extended_op, + uint64_t fsmo_info, + dreplsrv_fsmo_callback_t callback) { struct dreplsrv_out_operation *op; - op = talloc_zero(mem_ctx, struct dreplsrv_out_operation); + op = talloc_zero(s, struct dreplsrv_out_operation); W_ERROR_HAVE_NO_MEMORY(op); op->service = s; op->source_dsa = source; + op->extended_op = extended_op; + op->fsmo_info = fsmo_info; + op->callback = callback; DLIST_ADD_END(s->ops.pending, op, struct dreplsrv_out_operation *); - talloc_steal(s, op); + return WERR_OK; } @@ -59,7 +63,7 @@ static WERROR dreplsrv_schedule_partition_pull(struct dreplsrv_service *s, struct dreplsrv_partition_source_dsa *cur; for (cur = p->sources; cur; cur = cur->next) { - status = dreplsrv_schedule_partition_pull_source(s, p, cur, mem_ctx); + status = dreplsrv_schedule_partition_pull_source(s, cur, DRSUAPI_EXOP_NONE, 0, NULL); W_ERROR_NOT_OK_RETURN(status); } @@ -95,8 +99,10 @@ WERROR dreplsrv_schedule_partition_pull_by_guid(struct dreplsrv_service *s, TALL return WERR_NOT_FOUND; } -static void dreplsrv_pending_op_callback(struct dreplsrv_out_operation *op) +static void dreplsrv_pending_op_callback(struct tevent_req *subreq) { + struct dreplsrv_out_operation *op = tevent_req_callback_data(subreq, + struct dreplsrv_out_operation); struct repsFromTo1 *rf = op->source_dsa->repsFrom1; struct dreplsrv_service *s = op->service; time_t t; @@ -105,7 +111,8 @@ static void dreplsrv_pending_op_callback(struct dreplsrv_out_operation *op) t = time(NULL); unix_to_nt_time(&now, t); - rf->result_last_attempt = dreplsrv_op_pull_source_recv(op->creq); + rf->result_last_attempt = dreplsrv_op_pull_source_recv(subreq); + TALLOC_FREE(subreq); if (W_ERROR_IS_OK(rf->result_last_attempt)) { rf->consecutive_sync_failures = 0; rf->last_success = now; @@ -116,30 +123,28 @@ static void dreplsrv_pending_op_callback(struct dreplsrv_out_operation *op) rf->consecutive_sync_failures++; - DEBUG(1,("dreplsrv_op_pull_source(%s/%s) failures[%u]\n", - win_errstr(rf->result_last_attempt), - nt_errstr(werror_to_ntstatus(rf->result_last_attempt)), - rf->consecutive_sync_failures)); + DEBUG(1,("dreplsrv_op_pull_source(%s/%s) for %s failures[%u]\n", + win_errstr(rf->result_last_attempt), + win_errstr(rf->result_last_attempt), + ldb_dn_get_linearized(op->source_dsa->partition->dn), + rf->consecutive_sync_failures)); done: + if (op->callback) { + op->callback(s, rf->result_last_attempt); + } talloc_free(op); s->ops.current = NULL; dreplsrv_run_pending_ops(s); dreplsrv_notify_run_ops(s); } -static void dreplsrv_pending_op_callback_creq(struct composite_context *creq) -{ - struct dreplsrv_out_operation *op = talloc_get_type(creq->async.private_data, - struct dreplsrv_out_operation); - dreplsrv_pending_op_callback(op); -} - void dreplsrv_run_pending_ops(struct dreplsrv_service *s) { struct dreplsrv_out_operation *op; time_t t; NTTIME now; + struct tevent_req *subreq; if (s->ops.current || s->ops.n_current) { /* if there's still one running, we're done */ @@ -160,12 +165,18 @@ void dreplsrv_run_pending_ops(struct dreplsrv_service *s) op->source_dsa->repsFrom1->last_attempt = now; - op->creq = dreplsrv_op_pull_source_send(op); - if (!op->creq) { - dreplsrv_pending_op_callback(op); + subreq = dreplsrv_op_pull_source_send(op, s->task->event_ctx, op); + if (!subreq) { + struct repsFromTo1 *rf = op->source_dsa->repsFrom1; + + rf->result_last_attempt = WERR_NOMEM; + rf->consecutive_sync_failures++; + + DEBUG(1,("dreplsrv_op_pull_source(%s/%s) failures[%u]\n", + win_errstr(rf->result_last_attempt), + nt_errstr(werror_to_ntstatus(rf->result_last_attempt)), + rf->consecutive_sync_failures)); return; } - - op->creq->async.fn = dreplsrv_pending_op_callback_creq; - op->creq->async.private_data = op; + tevent_req_set_callback(subreq, dreplsrv_pending_op_callback, op); } diff --git a/source4/dsdb/repl/drepl_partitions.c b/source4/dsdb/repl/drepl_partitions.c index 5b8227e7de..9a24fe541a 100644 --- a/source4/dsdb/repl/drepl_partitions.c +++ b/source4/dsdb/repl/drepl_partitions.c @@ -88,9 +88,9 @@ WERROR dreplsrv_load_partitions(struct dreplsrv_service *s) return WERR_OK; } -static WERROR dreplsrv_out_connection_attach(struct dreplsrv_service *s, - const struct repsFromTo1 *rft, - struct dreplsrv_out_connection **_conn) +WERROR dreplsrv_out_connection_attach(struct dreplsrv_service *s, + const struct repsFromTo1 *rft, + struct dreplsrv_out_connection **_conn) { struct dreplsrv_out_connection *cur, *conn = NULL; const char *hostname; @@ -188,6 +188,65 @@ static WERROR dreplsrv_partition_add_source_dsa(struct dreplsrv_service *s, return WERR_OK; } +/* + convert from one udv format to the other + */ +static WERROR udv_convert(TALLOC_CTX *mem_ctx, + const struct replUpToDateVectorCtr2 *udv, + struct drsuapi_DsReplicaCursorCtrEx *udv_ex) +{ + int i; + + udv_ex->version = 2; + udv_ex->reserved1 = 0; + udv_ex->reserved2 = 0; + udv_ex->count = udv->count; + udv_ex->cursors = talloc_array(mem_ctx, struct drsuapi_DsReplicaCursor, udv->count); + W_ERROR_HAVE_NO_MEMORY(udv_ex->cursors); + + for (i=0; i<udv->count; i++) { + udv_ex->cursors[i].source_dsa_invocation_id = udv->cursors[i].source_dsa_invocation_id; + udv_ex->cursors[i].highest_usn = udv->cursors[i].highest_usn; + } + + return WERR_OK; +} + +/* + add our local UDV element for the partition + */ +static WERROR add_local_udv(struct dreplsrv_service *s, + struct dreplsrv_partition *p, + const struct GUID *our_invocation_id, + struct drsuapi_DsReplicaCursorCtrEx *udv) +{ + int ret; + uint64_t highest_usn; + int i; + + ret = dsdb_load_partition_usn(s->samdb, p->dn, &highest_usn); + if (ret != LDB_SUCCESS) { + /* nothing to add */ + return WERR_OK; + } + + for (i=0; i<udv->count; i++) { + if (GUID_equal(our_invocation_id, &udv->cursors[i].source_dsa_invocation_id)) { + udv->cursors[i].highest_usn = highest_usn; + return WERR_OK; + } + } + + udv->cursors = talloc_realloc(p, udv->cursors, struct drsuapi_DsReplicaCursor, udv->count+1); + W_ERROR_HAVE_NO_MEMORY(udv->cursors); + + udv->cursors[udv->count].source_dsa_invocation_id = *our_invocation_id; + udv->cursors[udv->count].highest_usn = highest_usn; + udv->count++; + + return WERR_OK; +} + static WERROR dreplsrv_refresh_partition(struct dreplsrv_service *s, struct dreplsrv_partition *p) { @@ -232,6 +291,11 @@ static WERROR dreplsrv_refresh_partition(struct dreplsrv_service *s, talloc_free(nc_sid); } + talloc_free(p->uptodatevector.cursors); + talloc_free(p->uptodatevector_ex.cursors); + ZERO_STRUCT(p->uptodatevector); + ZERO_STRUCT(p->uptodatevector_ex); + ouv_value = ldb_msg_find_ldb_val(r->msgs[0], "replUpToDateVector"); if (ouv_value) { enum ndr_err_code ndr_err; @@ -251,14 +315,14 @@ static WERROR dreplsrv_refresh_partition(struct dreplsrv_service *s, p->uptodatevector.count = ouv.ctr.ctr2.count; p->uptodatevector.reserved = ouv.ctr.ctr2.reserved; - talloc_free(p->uptodatevector.cursors); p->uptodatevector.cursors = talloc_steal(p, ouv.ctr.ctr2.cursors); - } - /* - * TODO: add our own uptodatevector cursor - */ + status = udv_convert(p, &p->uptodatevector, &p->uptodatevector_ex); + W_ERROR_NOT_OK_RETURN(status); + } + status = add_local_udv(s, p, samdb_ntds_invocation_id(s->samdb), &p->uptodatevector_ex); + W_ERROR_NOT_OK_RETURN(status); orf_el = ldb_msg_find_element(r->msgs[0], "repsFrom"); if (orf_el) { diff --git a/source4/dsdb/repl/drepl_periodic.c b/source4/dsdb/repl/drepl_periodic.c index 61d5598207..d2fbe45586 100644 --- a/source4/dsdb/repl/drepl_periodic.c +++ b/source4/dsdb/repl/drepl_periodic.c @@ -109,6 +109,8 @@ static void dreplsrv_periodic_run(struct dreplsrv_service *service) /* the KCC might have changed repsFrom */ dreplsrv_refresh_partitions(service); + dreplsrv_ridalloc_check_rid_pool(service); + dreplsrv_run_pending_ops(service); dreplsrv_notify_run_ops(service); } diff --git a/source4/dsdb/repl/drepl_ridalloc.c b/source4/dsdb/repl/drepl_ridalloc.c new file mode 100644 index 0000000000..43fc5a2c51 --- /dev/null +++ b/source4/dsdb/repl/drepl_ridalloc.c @@ -0,0 +1,282 @@ +/* + Unix SMB/CIFS mplementation. + + DSDB replication service - RID allocation code + + Copyright (C) Andrew Tridgell 2010 + Copyright (C) Andrew Bartlett 2010 + + based on drepl_notify.c + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. + +*/ + +#include "includes.h" +#include "dsdb/samdb/samdb.h" +#include "smbd/service.h" +#include "dsdb/repl/drepl_service.h" +#include "param/param.h" + + +/* + create the RID manager source dsa structure + */ +static WERROR drepl_create_rid_manager_source_dsa(struct dreplsrv_service *service, + struct ldb_dn *rid_manager_dn, struct ldb_dn *fsmo_role_dn) +{ + struct dreplsrv_partition_source_dsa *sdsa; + struct ldb_context *ldb = service->samdb; + int ret; + WERROR werr; + + sdsa = talloc_zero(service, struct dreplsrv_partition_source_dsa); + W_ERROR_HAVE_NO_MEMORY(sdsa); + + sdsa->partition = talloc_zero(sdsa, struct dreplsrv_partition); + if (!sdsa->partition) { + talloc_free(sdsa); + return WERR_NOMEM; + } + + sdsa->partition->dn = samdb_base_dn(ldb); + sdsa->partition->nc.dn = ldb_dn_alloc_linearized(sdsa->partition, rid_manager_dn); + ret = dsdb_find_guid_by_dn(ldb, rid_manager_dn, &sdsa->partition->nc.guid); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to find GUID for %s\n", + ldb_dn_get_linearized(rid_manager_dn))); + talloc_free(sdsa); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + sdsa->repsFrom1 = &sdsa->_repsFromBlob.ctr.ctr1; + ret = dsdb_find_guid_attr_by_dn(ldb, fsmo_role_dn, "objectGUID", &sdsa->repsFrom1->source_dsa_obj_guid); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to find objectGUID for %s\n", + ldb_dn_get_linearized(fsmo_role_dn))); + talloc_free(sdsa); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + sdsa->repsFrom1->other_info = talloc_zero(sdsa, struct repsFromTo1OtherInfo); + if (!sdsa->repsFrom1->other_info) { + talloc_free(sdsa); + return WERR_NOMEM; + } + + sdsa->repsFrom1->other_info->dns_name = + talloc_asprintf(sdsa->repsFrom1->other_info, "%s._msdcs.%s", + GUID_string(sdsa->repsFrom1->other_info, &sdsa->repsFrom1->source_dsa_obj_guid), + lp_dnsdomain(service->task->lp_ctx)); + if (!sdsa->repsFrom1->other_info->dns_name) { + talloc_free(sdsa); + return WERR_NOMEM; + } + + + werr = dreplsrv_out_connection_attach(service, sdsa->repsFrom1, &sdsa->conn); + if (!W_ERROR_IS_OK(werr)) { + DEBUG(0,(__location__ ": Failed to attach to RID manager connection\n")); + talloc_free(sdsa); + return werr; + } + + service->ridalloc.rid_manager_source_dsa = sdsa; + return WERR_OK; +} + +/* + called when a rid allocation request has completed + */ +static void drepl_new_rid_pool_callback(struct dreplsrv_service *service, WERROR werr) +{ + if (!W_ERROR_IS_OK(werr)) { + DEBUG(0,(__location__ ": RID Manager failed RID allocation - %s\n", + win_errstr(werr))); + } else { + DEBUG(3,(__location__ ": RID Manager completed RID allocation OK\n")); + } + + /* don't keep the connection open to the RID Manager */ + talloc_free(service->ridalloc.rid_manager_source_dsa); + service->ridalloc.rid_manager_source_dsa = NULL; + + service->ridalloc.in_progress = false; +} + +/* + schedule a getncchanges request to the RID Manager to ask for a new + set of RIDs using DRSUAPI_EXOP_FSMO_RID_ALLOC + */ +static WERROR drepl_request_new_rid_pool(struct dreplsrv_service *service, + struct ldb_dn *rid_manager_dn, struct ldb_dn *fsmo_role_dn, + uint64_t alloc_pool) +{ + WERROR werr; + + if (service->ridalloc.rid_manager_source_dsa == NULL) { + /* we need to establish a connection to the RID + Manager */ + werr = drepl_create_rid_manager_source_dsa(service, rid_manager_dn, fsmo_role_dn); + W_ERROR_NOT_OK_RETURN(werr); + } + + service->ridalloc.in_progress = true; + + werr = dreplsrv_schedule_partition_pull_source(service, service->ridalloc.rid_manager_source_dsa, + DRSUAPI_EXOP_FSMO_RID_ALLOC, alloc_pool, + drepl_new_rid_pool_callback); + return werr; +} + + +/* + see if we are on the last pool we have + */ +static int drepl_ridalloc_pool_exhausted(struct ldb_context *ldb, bool *exhausted, uint64_t *alloc_pool) +{ + struct ldb_dn *server_dn, *machine_dn, *rid_set_dn; + TALLOC_CTX *tmp_ctx = talloc_new(ldb); + uint64_t prev_alloc_pool; + const char *attrs[] = { "rIDPreviousAllocationPool", "rIDAllocationPool", NULL }; + int ret; + struct ldb_result *res; + + server_dn = ldb_dn_get_parent(tmp_ctx, samdb_ntds_settings_dn(ldb)); + if (!server_dn) { + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = samdb_reference_dn(ldb, tmp_ctx, server_dn, "serverReference", &machine_dn); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to find serverReference in %s - %s", + ldb_dn_get_linearized(server_dn), ldb_errstring(ldb))); + talloc_free(tmp_ctx); + return ret; + } + + ret = samdb_reference_dn(ldb, tmp_ctx, machine_dn, "rIDSetReferences", &rid_set_dn); + if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) { + *exhausted = true; + talloc_free(tmp_ctx); + return LDB_SUCCESS; + } + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to find rIDSetReferences in %s - %s", + ldb_dn_get_linearized(machine_dn), ldb_errstring(ldb))); + talloc_free(tmp_ctx); + return ret; + } + + ret = ldb_search(ldb, tmp_ctx, &res, rid_set_dn, LDB_SCOPE_BASE, attrs, NULL); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to load RID Set attrs from %s - %s", + ldb_dn_get_linearized(rid_set_dn), ldb_errstring(ldb))); + talloc_free(tmp_ctx); + return ret; + } + + *alloc_pool = ldb_msg_find_attr_as_uint64(res->msgs[0], "rIDAllocationPool", 0); + prev_alloc_pool = ldb_msg_find_attr_as_uint64(res->msgs[0], "rIDPreviousAllocationPool", 0); + + if (*alloc_pool != prev_alloc_pool) { + *exhausted = false; + } else { + *exhausted = true; + } + + talloc_free(tmp_ctx); + return LDB_SUCCESS; +} + + +/* + see if we are low on RIDs in the RID Set rIDAllocationPool. If we + are, then schedule a replication call with DRSUAPI_EXOP_FSMO_RID_ALLOC + to the RID Manager + */ +WERROR dreplsrv_ridalloc_check_rid_pool(struct dreplsrv_service *service) +{ + struct ldb_dn *rid_manager_dn, *fsmo_role_dn; + TALLOC_CTX *tmp_ctx = talloc_new(service); + struct ldb_context *ldb = service->samdb; + bool exhausted; + WERROR werr; + int ret; + uint64_t alloc_pool; + + if (service->ridalloc.in_progress) { + talloc_free(tmp_ctx); + return WERR_OK; + } + + /* + steps: + - find who the RID Manager is + - if we are the RID Manager then nothing to do + - find our RID Set object + - load rIDAllocationPool and rIDPreviousAllocationPool + - if rIDAllocationPool != rIDPreviousAllocationPool then + nothing to do + - schedule a getncchanges with DRSUAPI_EXOP_FSMO_RID_ALLOC + to the RID Manager + */ + + /* work out who is the RID Manager */ + ret = samdb_rid_manager_dn(ldb, tmp_ctx, &rid_manager_dn); + if (ret != LDB_SUCCESS) { + DEBUG(0, (__location__ ": Failed to find RID Manager object - %s", ldb_errstring(ldb))); + talloc_free(tmp_ctx); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + /* find the DN of the RID Manager */ + ret = samdb_reference_dn(ldb, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to find fSMORoleOwner in RID Manager object - %s", + ldb_errstring(ldb))); + talloc_free(tmp_ctx); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), fsmo_role_dn) == 0) { + /* we are the RID Manager - no need to do a + DRSUAPI_EXOP_FSMO_RID_ALLOC */ + talloc_free(tmp_ctx); + return WERR_OK; + } + + ret = drepl_ridalloc_pool_exhausted(ldb, &exhausted, &alloc_pool); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + DEBUG(2,(__location__ ": Requesting more RIDs from RID Manager\n")); + + werr = drepl_request_new_rid_pool(service, rid_manager_dn, fsmo_role_dn, alloc_pool); + talloc_free(tmp_ctx); + return werr; +} + +/* called by the samldb ldb module to tell us to ask for a new RID + pool */ +void dreplsrv_allocate_rid(struct messaging_context *msg, void *private_data, + uint32_t msg_type, + struct server_id server_id, DATA_BLOB *data) +{ + struct dreplsrv_service *service = talloc_get_type(private_data, struct dreplsrv_service); + dreplsrv_ridalloc_check_rid_pool(service); +} diff --git a/source4/dsdb/repl/drepl_service.c b/source4/dsdb/repl/drepl_service.c index a05ccc8d70..44164ff68f 100644 --- a/source4/dsdb/repl/drepl_service.c +++ b/source4/dsdb/repl/drepl_service.c @@ -206,6 +206,7 @@ static void dreplsrv_task_init(struct task_server *task) irpc_add_name(task->msg_ctx, "dreplsrv"); IRPC_REGISTER(task->msg_ctx, drsuapi, DRSUAPI_DSREPLICASYNC, drepl_replica_sync, service); + messaging_register(task->msg_ctx, service, MSG_DREPL_ALLOCATE_RID, dreplsrv_allocate_rid); } /* diff --git a/source4/dsdb/repl/drepl_service.h b/source4/dsdb/repl/drepl_service.h index 0f9684fa78..0a0d721d5c 100644 --- a/source4/dsdb/repl/drepl_service.h +++ b/source4/dsdb/repl/drepl_service.h @@ -100,6 +100,8 @@ struct dreplsrv_partition { struct dreplsrv_partition_source_dsa *sources; }; +typedef void (*dreplsrv_fsmo_callback_t)(struct dreplsrv_service *, WERROR ); + struct dreplsrv_out_operation { struct dreplsrv_out_operation *prev, *next; @@ -107,7 +109,9 @@ struct dreplsrv_out_operation { struct dreplsrv_partition_source_dsa *source_dsa; - struct composite_context *creq; + enum drsuapi_DsExtendedOperation extended_op; + uint64_t fsmo_info; + dreplsrv_fsmo_callback_t callback; }; struct dreplsrv_notify_operation { @@ -204,6 +208,11 @@ struct dreplsrv_service { /* an active notify operation */ struct dreplsrv_notify_operation *n_current; } ops; + + struct { + bool in_progress; + struct dreplsrv_partition_source_dsa *rid_manager_source_dsa; + } ridalloc; }; #include "dsdb/repl/drepl_out_helpers.h" diff --git a/source4/dsdb/samdb/ldb_modules/acl.c b/source4/dsdb/samdb/ldb_modules/acl.c index a3298362f3..a779821107 100644 --- a/source4/dsdb/samdb/ldb_modules/acl.c +++ b/source4/dsdb/samdb/ldb_modules/acl.c @@ -35,10 +35,10 @@ #include "ldb_module.h" #include "auth/auth.h" #include "libcli/security/security.h" -#include "librpc/gen_ndr/ndr_security.h" #include "dsdb/samdb/samdb.h" #include "librpc/gen_ndr/ndr_security.h" #include "param/param.h" +#include "dsdb/samdb/ldb_modules/util.h" struct extended_access_check_attribute { const char *oa_name; @@ -53,7 +53,7 @@ struct acl_private { struct acl_context { struct ldb_module *module; struct ldb_request *req; - enum security_user_level user_type; + bool am_system; bool allowedAttributes; bool allowedAttributesEffective; bool allowedChildClasses; @@ -70,14 +70,6 @@ bool is_root_base_dn(struct ldb_context *ldb, struct ldb_dn *dn_to_check) return (result==0); } -static enum security_user_level what_is_user(struct ldb_module *module) -{ - struct ldb_context *ldb = ldb_module_get_ctx(module); - struct auth_session_info *session_info - = (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo"); - return security_session_user_level(session_info); -} - static struct security_token *acl_user_token(struct ldb_module *module) { struct ldb_context *ldb = ldb_module_get_ctx(module); @@ -309,7 +301,7 @@ static int acl_check_access_on_attribute(struct ldb_module *module, struct security_descriptor *sd, struct dom_sid *rp_sid, uint32_t access, - struct dsdb_attribute *attr) + const struct dsdb_attribute *attr) { int ret; NTSTATUS status; @@ -370,7 +362,7 @@ static int acl_check_access_on_class(struct ldb_module *module, uint32_t access_granted; struct object_tree *root = NULL; struct object_tree *new_node = NULL; - struct GUID *guid; + const struct GUID *guid; const struct dsdb_schema *schema = dsdb_get_schema(ldb); TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); struct security_token *token = acl_user_token(module); @@ -450,7 +442,7 @@ static int acl_allowedAttributes(struct ldb_module *module, struct ldb_control *as_system = ldb_request_get_control(ac->req, LDB_CONTROL_AS_SYSTEM_OID); ldb_msg_remove_attr(msg, "allowedAttributesEffective"); - if (ac->user_type == SECURITY_SYSTEM || as_system) { + if (ac->am_system || as_system) { for (i=0; attr_list && attr_list[i]; i++) { ldb_msg_add_string(msg, "allowedAttributesEffective", attr_list[i]); } @@ -468,7 +460,7 @@ static int acl_allowedAttributes(struct ldb_module *module, return ret; } for (i=0; attr_list && attr_list[i]; i++) { - struct dsdb_attribute *attr = dsdb_attribute_by_lDAPDisplayName(schema, + const struct dsdb_attribute *attr = dsdb_attribute_by_lDAPDisplayName(schema, attr_list[i]); if (!attr) { return LDB_ERR_OPERATIONS_ERROR; @@ -566,7 +558,7 @@ static int acl_childClassesEffective(struct ldb_module *module, struct dom_sid *sid = NULL; int i, j, ret; - if (ac->user_type == SECURITY_SYSTEM || as_system) { + if (ac->am_system || as_system) { return acl_childClasses(module, sd_msg, msg, "allowedChildClassesEffective"); } @@ -650,7 +642,7 @@ static int acl_sDRightsEffective(struct ldb_module *module, if (ret != LDB_SUCCESS) { return ret; } - if (ac->user_type == SECURITY_SYSTEM || as_system) { + if (ac->am_system || as_system) { flags = SECINFO_OWNER | SECINFO_GROUP | SECINFO_SACL | SECINFO_DACL; } else { @@ -707,7 +699,7 @@ static int acl_add(struct ldb_module *module, struct ldb_request *req) struct object_tree *new_node = NULL; struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID); - if (what_is_user(module) == SECURITY_SYSTEM || as_system) { + if (dsdb_module_am_system(module) || as_system) { return ldb_next_request(module, req); } @@ -773,7 +765,7 @@ static int acl_modify(struct ldb_module *module, struct ldb_request *req) { DEBUG(10, ("ldb:acl_modify: %s\n", req->op.mod.message->elements[0].name)); } - if (what_is_user(module) == SECURITY_SYSTEM || as_system) { + if (dsdb_module_am_system(module) || as_system) { return ldb_next_request(module, req); } if (ldb_dn_is_special(req->op.mod.message->dn)) { @@ -901,7 +893,7 @@ static int acl_delete(struct ldb_module *module, struct ldb_request *req) struct ldb_control *as_system = ldb_request_get_control(req, LDB_CONTROL_AS_SYSTEM_OID); DEBUG(10, ("ldb:acl_delete: %s\n", ldb_dn_get_linearized(req->op.del.dn))); - if (what_is_user(module) == SECURITY_SYSTEM || as_system) { + if (dsdb_module_am_system(module) || as_system) { return ldb_next_request(module, req); } @@ -955,7 +947,7 @@ static int acl_rename(struct ldb_module *module, struct ldb_request *req) }; DEBUG(10, ("ldb:acl_rename: %s\n", ldb_dn_get_linearized(req->op.rename.olddn))); - if (what_is_user(module) == SECURITY_SYSTEM || as_system) { + if (dsdb_module_am_system(module) || as_system) { return ldb_next_request(module, req); } if (ldb_dn_is_special(req->op.rename.olddn)) { @@ -1135,7 +1127,7 @@ static int acl_search_callback(struct ldb_request *req, struct ldb_reply *ares) } } if (data && data->password_attrs) { - if (ac->user_type != SECURITY_SYSTEM) { + if (!ac->am_system) { for (i = 0; data->password_attrs[i]; i++) { ldb_msg_remove_attr(ares->message, data->password_attrs[i]); } @@ -1173,7 +1165,7 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req) ac->module = module; ac->req = req; - ac->user_type = what_is_user(module); + ac->am_system = dsdb_module_am_system(module); ac->allowedAttributes = ldb_attr_in_list(req->op.search.attrs, "allowedAttributes"); ac->allowedAttributesEffective = ldb_attr_in_list(req->op.search.attrs, "allowedAttributesEffective"); ac->allowedChildClasses = ldb_attr_in_list(req->op.search.attrs, "allowedChildClasses"); @@ -1183,7 +1175,7 @@ static int acl_search(struct ldb_module *module, struct ldb_request *req) /* replace any attributes in the parse tree that are private, so we don't allow a search for 'userPassword=penguin', just as we would not allow that attribute to be returned */ - if (ac->user_type != SECURITY_SYSTEM) { + if (ac->am_system) { /* FIXME: We should copy the tree and keep the original unmodified. */ /* remove password attributes */ if (data && data->password_attrs) { diff --git a/source4/dsdb/samdb/ldb_modules/config.mk b/source4/dsdb/samdb/ldb_modules/config.mk index 6128dc9d65..f9f1714358 100644 --- a/source4/dsdb/samdb/ldb_modules/config.mk +++ b/source4/dsdb/samdb/ldb_modules/config.mk @@ -1,9 +1,11 @@ ################################################ # Start SUBSYSTEM DSDB_MODULE_HELPERS [SUBSYSTEM::DSDB_MODULE_HELPERS] -PRIVATE_DEPENDENCIES = LIBLDB LIBNDR SAMDB_SCHEMA +PRIVATE_DEPENDENCIES = LIBLDB LIBNDR SAMDB_SCHEMA MESSAGING -DSDB_MODULE_HELPERS_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/util.o +DSDB_MODULE_HELPERS_OBJ_FILES = \ + $(dsdbsrcdir)/samdb/ldb_modules/util.o \ + $(dsdbsrcdir)/samdb/ldb_modules/ridalloc.o $(eval $(call proto_header_template,$(dsdbsrcdir)/samdb/ldb_modules/util_proto.h,$(DSDB_MODULE_HELPERS_OBJ_FILES:.o=.c))) @@ -135,13 +137,26 @@ SUBSYSTEM = LIBLDB INIT_FUNCTION = LDB_MODULE(samba3sam) PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS LIBLDB SMBPASSWD \ NSS_WRAPPER LIBSECURITY NDR_SECURITY -# End MODULE ldb_samldb +# End MODULE ldb_samba3sam ################################################ ldb_samba3sam_OBJ_FILES = \ $(dsdbsrcdir)/samdb/ldb_modules/samba3sam.o ################################################ +# Start MODULE ldb_samba3sid +[MODULE::ldb_samba3sid] +SUBSYSTEM = LIBLDB +INIT_FUNCTION = LDB_MODULE(samba3sid) +PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS LIBLDB SMBPASSWD \ + NSS_WRAPPER LIBSECURITY NDR_SECURITY +# End MODULE ldb_samba3sid +################################################ + +ldb_samba3sid_OBJ_FILES = \ + $(dsdbsrcdir)/samdb/ldb_modules/samba3sid.o + +################################################ # Start MODULE ldb_simple_ldap_map [MODULE::ldb_simple_ldap_map] SUBSYSTEM = LIBLDB @@ -337,7 +352,7 @@ ldb_subtree_delete_OBJ_FILES = $(dsdbsrcdir)/samdb/ldb_modules/subtree_delete.o [MODULE::ldb_linked_attributes] INIT_FUNCTION = LDB_MODULE(linked_attributes) CFLAGS = -Ilib/ldb/include -PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS SAMDB +PRIVATE_DEPENDENCIES = LIBTALLOC LIBEVENTS SAMDB DSDB_MODULE_HELPERS SUBSYSTEM = LIBLDB # End MODULE ldb_linked_attributes ################################################ diff --git a/source4/dsdb/samdb/ldb_modules/instancetype.c b/source4/dsdb/samdb/ldb_modules/instancetype.c index b17f40e82a..0a297d587a 100644 --- a/source4/dsdb/samdb/ldb_modules/instancetype.c +++ b/source4/dsdb/samdb/ldb_modules/instancetype.c @@ -36,6 +36,7 @@ #include "librpc/gen_ndr/ndr_misc.h" #include "dsdb/samdb/samdb.h" #include "../libds/common/flags.h" +#include "dsdb/samdb/ldb_modules/util.h" struct it_context { struct ldb_module *module; @@ -143,7 +144,7 @@ static int instancetype_add(struct ldb_module *module, struct ldb_request *req) ret = ldb_build_add_req(&down_req, ldb, req, msg, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); if (ret != LDB_SUCCESS) { return ret; diff --git a/source4/dsdb/samdb/ldb_modules/lazy_commit.c b/source4/dsdb/samdb/ldb_modules/lazy_commit.c index 0502b2efa1..b4eaf50d51 100644 --- a/source4/dsdb/samdb/ldb_modules/lazy_commit.c +++ b/source4/dsdb/samdb/ldb_modules/lazy_commit.c @@ -28,6 +28,7 @@ */ #include "ldb_module.h" +#include "dsdb/samdb/ldb_modules/util.h" static int unlazy_op(struct ldb_module *module, struct ldb_request *req) { @@ -47,28 +48,28 @@ static int unlazy_op(struct ldb_module *module, struct ldb_request *req) req->op.search.tree, req->op.search.attrs, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); break; case LDB_ADD: ret = ldb_build_add_req(&new_req, ldb_module_get_ctx(module), req, req->op.add.message, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); break; case LDB_MODIFY: ret = ldb_build_mod_req(&new_req, ldb_module_get_ctx(module), req, req->op.mod.message, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); break; case LDB_DELETE: ret = ldb_build_del_req(&new_req, ldb_module_get_ctx(module), req, req->op.del.dn, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); break; case LDB_RENAME: @@ -76,7 +77,7 @@ static int unlazy_op(struct ldb_module *module, struct ldb_request *req) req->op.rename.olddn, req->op.rename.newdn, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); break; case LDB_EXTENDED: @@ -85,7 +86,7 @@ static int unlazy_op(struct ldb_module *module, struct ldb_request *req) req->op.extended.oid, req->op.extended.data, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); break; default: diff --git a/source4/dsdb/samdb/ldb_modules/partition.c b/source4/dsdb/samdb/ldb_modules/partition.c index 01ae0a10a7..59e7fab393 100644 --- a/source4/dsdb/samdb/ldb_modules/partition.c +++ b/source4/dsdb/samdb/ldb_modules/partition.c @@ -39,7 +39,6 @@ struct part_request { struct partition_context { struct ldb_module *module; struct ldb_request *req; - bool got_success; struct part_request *part_req; int num_requests; @@ -160,7 +159,7 @@ static int partition_req_callback(struct ldb_request *req, } } - if (ares->error != LDB_SUCCESS && !ac->got_success) { + if (ares->error != LDB_SUCCESS) { return ldb_module_done(ac->req, ares->controls, ares->response, ares->error); } @@ -182,9 +181,6 @@ static int partition_req_callback(struct ldb_request *req, return ldb_module_send_entry(ac->req, ares->message, ares->controls); case LDB_REPLY_DONE: - if (ares->error == LDB_SUCCESS) { - ac->got_success = true; - } if (ac->req->operation == LDB_EXTENDED) { /* FIXME: check for ares->response, replmd does not fill it ! */ if (ares->response) { @@ -205,7 +201,7 @@ static int partition_req_callback(struct ldb_request *req, /* this was the last one, call callback */ return ldb_module_done(ac->req, ares->controls, ares->response, - ac->got_success?LDB_SUCCESS:ares->error); + ares->error); } /* not the last, now call the next one */ @@ -528,9 +524,7 @@ static int partition_search(struct ldb_module *module, struct ldb_request *req) */ if (ldb_dn_compare(data->partitions[i]->ctrl->dn, req->op.search.base) == 0) { match = true; - if (req->op.search.scope == LDB_SCOPE_BASE) { - stop = true; - } + stop = true; } if (!match && (ldb_dn_compare_base(req->op.search.base, data->partitions[i]->ctrl->dn) == 0 && diff --git a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c index 796ecaf7bc..00d9a30fd3 100644 --- a/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c +++ b/source4/dsdb/samdb/ldb_modules/pdc_fsmo.c @@ -75,8 +75,8 @@ static int pdc_fsmo_init(struct ldb_module *module) return ldb_next_init(module); } else if (ret != LDB_SUCCESS) { ldb_debug_set(ldb, LDB_DEBUG_FATAL, - "pdc_fsmo_init: failed to search the domain object: %d:%s", - ret, ldb_strerror(ret)); + "pdc_fsmo_init: failed to search the domain object: %d:%s: %s", + ret, ldb_strerror(ret), ldb_errstring(ldb)); talloc_free(mem_ctx); return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c index 890eb91d6d..b4caac4c8d 100644 --- a/source4/dsdb/samdb/ldb_modules/repl_meta_data.c +++ b/source4/dsdb/samdb/ldb_modules/repl_meta_data.c @@ -672,7 +672,7 @@ static int replmd_add(struct ldb_module *module, struct ldb_request *req) /* check if there's a show relax control (used by provision to say 'I know what I'm doing') */ control = ldb_request_get_control(req, LDB_CONTROL_RELAX_OID); if (control) { - allow_add_guid = 1; + allow_add_guid = true; } /* do not manipulate our control entries */ @@ -2667,10 +2667,12 @@ static int replmd_replicated_apply_merge(struct replmd_replicated_request *ar) break; } - DEBUG(1,("Discarding older DRS attribute update to %s on %s from %s\n", - msg->elements[i-removed_attrs].name, - ldb_dn_get_linearized(msg->dn), - GUID_string(ar, &rmd->ctr.ctr1.array[i].originating_invocation_id))); + if (rmd->ctr.ctr1.array[i].attid != DRSUAPI_ATTRIBUTE_instanceType) { + DEBUG(1,("Discarding older DRS attribute update to %s on %s from %s\n", + msg->elements[i-removed_attrs].name, + ldb_dn_get_linearized(msg->dn), + GUID_string(ar, &rmd->ctr.ctr1.array[i].originating_invocation_id))); + } /* we don't want to apply this change so remove the attribute */ ldb_msg_remove_element(msg, &msg->elements[i-removed_attrs]); diff --git a/source4/dsdb/samdb/ldb_modules/ridalloc.c b/source4/dsdb/samdb/ldb_modules/ridalloc.c new file mode 100644 index 0000000000..a64062fcdc --- /dev/null +++ b/source4/dsdb/samdb/ldb_modules/ridalloc.c @@ -0,0 +1,646 @@ +/* + RID allocation helper functions + + Copyright (C) Andrew Bartlett 2010 + Copyright (C) Andrew Tridgell 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* + * Name: ldb + * + * Component: RID allocation logic + * + * Description: manage RID Set and RID Manager objects + * + */ + +#include "includes.h" +#include "ldb_module.h" +#include "dsdb/samdb/samdb.h" +#include "dsdb/samdb/ldb_modules/util.h" +#include "lib/messaging/irpc.h" +#include "param/param.h" +#include "librpc/gen_ndr/ndr_misc.h" + +/* + Note: the RID allocation attributes in AD are very badly named. Here + is what we think they really do: + + in RID Set object: + - rIDPreviousAllocationPool: the pool which a DC is currently + pulling RIDs from. Managed by client DC + + - rIDAllocationPool: the pool that the DC will switch to next, + when rIDPreviousAllocationPool is exhausted. Managed by RID Manager. + + - rIDNextRID: the last RID allocated by this DC. Managed by client DC + + in RID Manager object: + - rIDAvailablePool: the pool where the RID Manager gets new rID + pools from when it gets a EXOP_RID_ALLOC getncchanges call (or + locally when the DC is the RID Manager) + */ + + +/* + make a IRPC call to the drepl task to ask it to get the RID + Manager to give us another RID pool. + + This function just sends the message to the drepl task then + returns immediately. It should be called well before we + completely run out of RIDs + */ +static void ridalloc_poke_rid_manager(struct ldb_module *module) +{ + struct messaging_context *msg; + struct server_id *server; + struct ldb_context *ldb = ldb_module_get_ctx(module); + struct loadparm_context *lp_ctx = ldb_get_opaque(ldb, "loadparm"); + TALLOC_CTX *tmp_ctx = talloc_new(module); + + msg = messaging_client_init(tmp_ctx, lp_messaging_path(tmp_ctx, lp_ctx), + lp_iconv_convenience(lp_ctx), + ldb_get_event_context(ldb)); + if (!msg) { + DEBUG(3,(__location__ ": Failed to create messaging context\n")); + talloc_free(tmp_ctx); + return; + } + + server = irpc_servers_byname(msg, msg, "dreplsrv"); + if (!server) { + /* this means the drepl service is not running */ + talloc_free(tmp_ctx); + return; + } + + messaging_send(msg, server[0], MSG_DREPL_ALLOCATE_RID, NULL); + + /* we don't care if the message got through */ + talloc_free(tmp_ctx); +} + + +/* + allocate a new range of RIDs in the RID Manager object + */ +static int ridalloc_rid_manager_allocate(struct ldb_module *module, struct ldb_dn *rid_manager_dn, uint64_t *new_pool) +{ + int ret; + TALLOC_CTX *tmp_ctx = talloc_new(module); + const char *attrs[] = { "rIDAvailablePool", NULL }; + uint64_t rid_pool, new_rid_pool, dc_pool; + uint32_t rid_pool_lo, rid_pool_hi; + struct ldb_result *res; + struct ldb_context *ldb = ldb_module_get_ctx(module); + const unsigned alloc_size = 500; + + ret = dsdb_module_search_dn(module, tmp_ctx, &res, rid_manager_dn, attrs, 0); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find rIDAvailablePool in %s - %s", + ldb_dn_get_linearized(rid_manager_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + rid_pool = ldb_msg_find_attr_as_uint64(res->msgs[0], "rIDAvailablePool", 0); + rid_pool_lo = rid_pool & 0xFFFFFFFF; + rid_pool_hi = rid_pool >> 32; + if (rid_pool_lo >= rid_pool_hi) { + ldb_asprintf_errstring(ldb, "Out of RIDs in RID Manager - rIDAvailablePool is %u-%u", + rid_pool_lo, rid_pool_hi); + talloc_free(tmp_ctx); + return ret; + } + + /* lower part of new pool is the low part of the rIDAvailablePool */ + dc_pool = rid_pool_lo; + + /* allocate 500 RIDs to this DC */ + rid_pool_lo = MIN(rid_pool_hi, rid_pool_lo + alloc_size); + + /* work out upper part of new pool */ + dc_pool |= (((uint64_t)rid_pool_lo-1)<<32); + + /* and new rIDAvailablePool value */ + new_rid_pool = rid_pool_lo | (((uint64_t)rid_pool_hi)<<32); + + ret = dsdb_module_constrainted_update_integer(module, rid_manager_dn, "rIDAvailablePool", + rid_pool, new_rid_pool); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to update rIDAvailablePool - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + (*new_pool) = dc_pool; + talloc_free(tmp_ctx); + return LDB_SUCCESS; +} + +/* + create a RID Set object for the specified DC + */ +static int ridalloc_create_rid_set_ntds(struct ldb_module *module, TALLOC_CTX *mem_ctx, + struct ldb_dn *rid_manager_dn, + struct ldb_dn *ntds_dn, struct ldb_dn **dn) +{ + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + struct ldb_dn *server_dn, *machine_dn, *rid_set_dn; + int ret; + uint64_t dc_pool; + struct ldb_message *msg; + struct ldb_context *ldb = ldb_module_get_ctx(module); + + /* + steps: + + find the machine object for the DC + construct the RID Set DN + load rIDAvailablePool to find next available set + modify RID Manager object to update rIDAvailablePool + add the RID Set object + link to the RID Set object in machine object + */ + + server_dn = ldb_dn_get_parent(tmp_ctx, ntds_dn); + if (!server_dn) { + ldb_module_oom(module); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find serverReference in %s - %s", + ldb_dn_get_linearized(server_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + rid_set_dn = ldb_dn_copy(tmp_ctx, machine_dn); + if (rid_set_dn == NULL) { + ldb_module_oom(module); + return LDB_ERR_OPERATIONS_ERROR; + } + + if (! ldb_dn_add_child_fmt(rid_set_dn, "CN=RID Set")) { + ldb_module_oom(module); + return LDB_ERR_OPERATIONS_ERROR; + } + + /* grab a pool from the RID Manager object */ + ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, &dc_pool); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + + /* create the RID Set object */ + msg = ldb_msg_new(tmp_ctx); + msg->dn = rid_set_dn; + + ret = ldb_msg_add_string(msg, "objectClass", "rIDSet"); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + ret = ldb_msg_add_fmt(msg, "rIDAllocationPool", "%llu", (unsigned long long)dc_pool); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + + /* w2k8-r2 sets these to zero when first created */ + ret = ldb_msg_add_fmt(msg, "rIDPreviousAllocationPool", "0"); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + ret = ldb_msg_add_fmt(msg, "rIDUsedPool", "0"); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + ret = ldb_msg_add_fmt(msg, "rIDNextRID", "0"); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + + /* we need this to go all the way to the top of the module + * stack, as we need all the extra attributes added (including + * complex ones like ntsecuritydescriptor) */ + ret = dsdb_module_add(module, msg, DSDB_FLAG_TOP_MODULE | DSDB_MODIFY_RELAX); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to add RID Set %s - %s", + ldb_dn_get_linearized(msg->dn), + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + /* add the rIDSetReferences link */ + msg = ldb_msg_new(tmp_ctx); + msg->dn = machine_dn; + + ret = ldb_msg_add_string(msg, "rIDSetReferences", ldb_dn_get_linearized(rid_set_dn)); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + msg->elements[0].flags = LDB_FLAG_MOD_ADD; + + ret = dsdb_module_modify(module, msg, 0); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to add rIDSetReferences to %s - %s", + ldb_dn_get_linearized(msg->dn), + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + (*dn) = talloc_steal(mem_ctx, rid_set_dn); + + talloc_free(tmp_ctx); + return LDB_SUCCESS; +} + + +/* + create a RID Set object for this DC + */ +static int ridalloc_create_own_rid_set(struct ldb_module *module, TALLOC_CTX *mem_ctx, + struct ldb_dn **dn) +{ + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + struct ldb_dn *rid_manager_dn, *fsmo_role_dn; + int ret; + struct ldb_context *ldb = ldb_module_get_ctx(module); + + /* work out who is the RID Manager */ + ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find RID Manager object - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + /* find the DN of the RID Manager */ + ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find fSMORoleOwner in RID Manager object - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), fsmo_role_dn) != 0) { + ridalloc_poke_rid_manager(module); + ldb_asprintf_errstring(ldb, "Remote RID Set allocation needs refresh"); + talloc_free(tmp_ctx); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + + ret = ridalloc_create_rid_set_ntds(module, mem_ctx, rid_manager_dn, fsmo_role_dn, dn); + talloc_free(tmp_ctx); + return ret; +} + +/* + refresh a RID Set object for the specified DC + also returns the first RID for the new pool + */ +static int ridalloc_refresh_rid_set_ntds(struct ldb_module *module, + struct ldb_dn *rid_manager_dn, + struct ldb_dn *ntds_dn, uint64_t *new_pool) +{ + TALLOC_CTX *tmp_ctx = talloc_new(module); + struct ldb_dn *server_dn, *machine_dn, *rid_set_dn; + struct ldb_context *ldb = ldb_module_get_ctx(module); + int ret; + + /* grab a pool from the RID Manager object */ + ret = ridalloc_rid_manager_allocate(module, rid_manager_dn, new_pool); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + + server_dn = ldb_dn_get_parent(tmp_ctx, ntds_dn); + if (!server_dn) { + ldb_module_oom(module); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find serverReference in %s - %s", + ldb_dn_get_linearized(server_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + ret = dsdb_module_reference_dn(module, tmp_ctx, machine_dn, "rIDSetReferences", &rid_set_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find rIDSetReferences in %s - %s", + ldb_dn_get_linearized(machine_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + ret = dsdb_module_set_integer(module, rid_set_dn, "rIDAllocationPool", *new_pool); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to modify RID Set object %s - %s", + ldb_dn_get_linearized(rid_set_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + talloc_free(tmp_ctx); + return LDB_SUCCESS; +} + + +/* + get a new RID pool for ourselves + also returns the first rid for the new pool + */ +static int ridalloc_refresh_own_pool(struct ldb_module *module, uint64_t *new_pool) +{ + TALLOC_CTX *tmp_ctx = talloc_new(module); + struct ldb_dn *rid_manager_dn, *fsmo_role_dn; + int ret; + struct ldb_context *ldb = ldb_module_get_ctx(module); + + /* work out who is the RID Manager */ + ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find RID Manager object - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + /* find the DN of the RID Manager */ + ret = dsdb_module_reference_dn(module, tmp_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find fSMORoleOwner in RID Manager object - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), fsmo_role_dn) != 0) { + ridalloc_poke_rid_manager(module); + ldb_asprintf_errstring(ldb, "Remote RID Set allocation needs refresh"); + talloc_free(tmp_ctx); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + + ret = ridalloc_refresh_rid_set_ntds(module, rid_manager_dn, fsmo_role_dn, new_pool); + talloc_free(tmp_ctx); + return ret; +} + + +/* allocate a RID using our RID Set + If we run out of RIDs then allocate a new pool + either locally or by contacting the RID Manager +*/ +int ridalloc_allocate_rid(struct ldb_module *module, uint32_t *rid) +{ + struct ldb_context *ldb; + static const char * const attrs[] = { "rIDAllocationPool", "rIDPreviousAllocationPool", + "rIDNextRID" , "rIDUsedPool", NULL }; + int ret; + struct ldb_dn *rid_set_dn; + struct ldb_result *res; + uint64_t alloc_pool, prev_alloc_pool; + uint32_t prev_alloc_pool_lo, prev_alloc_pool_hi; + uint32_t rid_used_pool; + int prev_rid; + TALLOC_CTX *tmp_ctx = talloc_new(module); + + (*rid) = 0; + ldb = ldb_module_get_ctx(module); + + ret = samdb_rid_set_dn(ldb, tmp_ctx, &rid_set_dn); + if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) { + ret = ridalloc_create_own_rid_set(module, tmp_ctx, &rid_set_dn); + } + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": No RID Set DN - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + ret = dsdb_module_search_dn(module, tmp_ctx, &res, rid_set_dn, attrs, 0); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": No RID Set %s", + ldb_dn_get_linearized(rid_set_dn)); + talloc_free(tmp_ctx); + return ret; + } + + prev_alloc_pool = ldb_msg_find_attr_as_uint64(res->msgs[0], "rIDPreviousAllocationPool", 0); + alloc_pool = ldb_msg_find_attr_as_uint64(res->msgs[0], "rIDAllocationPool", 0); + prev_rid = ldb_msg_find_attr_as_int(res->msgs[0], "rIDNextRID", 0); + rid_used_pool = ldb_msg_find_attr_as_int(res->msgs[0], "rIDUsedPool", 0); + if (alloc_pool == 0) { + ldb_asprintf_errstring(ldb, __location__ ": Bad RID Set %s", + ldb_dn_get_linearized(rid_set_dn)); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + prev_alloc_pool_lo = prev_alloc_pool & 0xFFFFFFFF; + prev_alloc_pool_hi = prev_alloc_pool >> 32; + if (prev_rid >= prev_alloc_pool_hi) { + if (prev_alloc_pool == 0) { + ret = dsdb_module_set_integer(module, rid_set_dn, "rIDPreviousAllocationPool", alloc_pool); + } else { + ret = dsdb_module_constrainted_update_integer(module, rid_set_dn, "rIDPreviousAllocationPool", + prev_alloc_pool, alloc_pool); + } + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": Failed to update rIDPreviousAllocationPool on %s - %s", + ldb_dn_get_linearized(rid_set_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + prev_alloc_pool = alloc_pool; + prev_alloc_pool_lo = prev_alloc_pool & 0xFFFFFFFF; + prev_alloc_pool_hi = prev_alloc_pool >> 32; + + /* update the rIDUsedPool attribute */ + ret = dsdb_module_set_integer(module, rid_set_dn, "rIDUsedPool", rid_used_pool+1); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": Failed to update rIDUsedPool on %s - %s", + ldb_dn_get_linearized(rid_set_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + (*rid) = prev_alloc_pool_lo; + } + + /* see if we are still out of RIDs, and if so then ask + the RID Manager to give us more */ + if (prev_rid >= prev_alloc_pool_hi) { + uint64_t new_pool; + ret = ridalloc_refresh_own_pool(module, &new_pool); + if (ret != LDB_SUCCESS) { + return ret; + } + ret = dsdb_module_constrainted_update_integer(module, rid_set_dn, "rIDPreviousAllocationPool", + prev_alloc_pool, new_pool); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": Failed to update rIDPreviousAllocationPool on %s - %s", + ldb_dn_get_linearized(rid_set_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + prev_alloc_pool = new_pool; + prev_alloc_pool_lo = prev_alloc_pool & 0xFFFFFFFF; + prev_alloc_pool_hi = prev_alloc_pool >> 32; + (*rid) = prev_alloc_pool_lo; + } else { + /* despite the name, rIDNextRID is the value of the last user + * added by this DC, not the next available RID */ + if (*rid == 0) { + (*rid) = prev_rid + 1; + } + } + + if (*rid < prev_alloc_pool_lo || *rid > prev_alloc_pool_hi) { + ldb_asprintf_errstring(ldb, __location__ ": Bad rid chosen %u from range %u-%u", + (unsigned)*rid, (unsigned)prev_alloc_pool_lo, + (unsigned)prev_alloc_pool_hi); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + /* now modify the RID Set to use up this RID using a + * constrained delete/add if possible */ + if (prev_rid == 0) { + ret = dsdb_module_set_integer(module, rid_set_dn, "rIDNextRID", *rid); + } else { + ret = dsdb_module_constrainted_update_integer(module, rid_set_dn, "rIDNextRID", prev_rid, *rid); + } + + /* if we are half-exhausted then ask the repl task to start + * getting another one */ + if (*rid > (prev_alloc_pool_hi + prev_alloc_pool_lo)/2) { + ridalloc_poke_rid_manager(module); + } + + talloc_free(tmp_ctx); + + return ret; +} + + +/* + called by DSDB_EXTENDED_ALLOCATE_RID_POOL extended operation in samldb + */ +int ridalloc_allocate_rid_pool_fsmo(struct ldb_module *module, struct dsdb_fsmo_extended_op *exop) +{ + struct ldb_dn *ntds_dn, *server_dn, *machine_dn, *rid_set_dn; + struct ldb_dn *rid_manager_dn; + TALLOC_CTX *tmp_ctx = talloc_new(module); + int ret; + struct ldb_context *ldb = ldb_module_get_ctx(module); + uint64_t new_pool; + + ret = dsdb_module_dn_by_guid(module, tmp_ctx, &exop->destination_dsa_guid, &ntds_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": Unable to find NTDS object for guid %s - %s\n", + GUID_string(tmp_ctx, &exop->destination_dsa_guid), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + server_dn = ldb_dn_get_parent(tmp_ctx, ntds_dn); + if (!server_dn) { + ldb_module_oom(module); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = dsdb_module_reference_dn(module, tmp_ctx, server_dn, "serverReference", &machine_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": Failed to find serverReference in %s - %s", + ldb_dn_get_linearized(server_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + + ret = dsdb_module_rid_manager_dn(module, tmp_ctx, &rid_manager_dn); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": Failed to find RID Manager object - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + ret = dsdb_module_reference_dn(module, tmp_ctx, machine_dn, "rIDSetReferences", &rid_set_dn); + if (ret == LDB_ERR_NO_SUCH_ATTRIBUTE) { + ret = ridalloc_create_rid_set_ntds(module, tmp_ctx, rid_manager_dn, ntds_dn, &rid_set_dn); + talloc_free(tmp_ctx); + return ret; + } + + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, "Failed to find rIDSetReferences in %s - %s", + ldb_dn_get_linearized(machine_dn), ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + if (exop->fsmo_info != 0) { + const char *attrs[] = { "rIDAllocationPool", NULL }; + struct ldb_result *res; + uint64_t alloc_pool; + + ret = dsdb_module_search_dn(module, tmp_ctx, &res, rid_set_dn, attrs, 0); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, __location__ ": No RID Set %s", + ldb_dn_get_linearized(rid_set_dn)); + talloc_free(tmp_ctx); + return ret; + } + + alloc_pool = ldb_msg_find_attr_as_uint64(res->msgs[0], "rIDAllocationPool", 0); + if (alloc_pool != exop->fsmo_info) { + /* it has already been updated */ + DEBUG(2,(__location__ ": rIDAllocationPool fsmo_info mismatch - already changed (0x%llx 0x%llx)\n", + (unsigned long long)exop->fsmo_info, + (unsigned long long)alloc_pool)); + talloc_free(tmp_ctx); + return LDB_SUCCESS; + } + } + + ret = ridalloc_refresh_rid_set_ntds(module, rid_manager_dn, ntds_dn, &new_pool); + talloc_free(tmp_ctx); + return ret; +} diff --git a/source4/dsdb/samdb/ldb_modules/samba3sid.c b/source4/dsdb/samdb/ldb_modules/samba3sid.c new file mode 100644 index 0000000000..76848eb258 --- /dev/null +++ b/source4/dsdb/samdb/ldb_modules/samba3sid.c @@ -0,0 +1,197 @@ +/* + samba3sid module + + Copyright (C) Andrew Bartlett 2010 + Copyright (C) Andrew Tridgell 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* + add objectSID to users and groups using samba3 nextRid method + */ + +#include "includes.h" +#include "libcli/ldap/ldap_ndr.h" +#include "ldb_module.h" +#include "dsdb/samdb/samdb.h" +#include "dsdb/samdb/ldb_modules/util.h" +#include "libcli/security/security.h" +#include "librpc/gen_ndr/ndr_security.h" +#include "../lib/util/util_ldb.h" +#include "ldb_wrap.h" +#include "param/param.h" + +/* + RID algorithm from pdb_ldap.c in source3/passdb/ + (loosely based on Volkers code) + */ +static int samba3sid_next_sid(struct ldb_module *module, + TALLOC_CTX *mem_ctx, char **sid) +{ + TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); + struct ldb_result *res; + const char *attrs[] = { "sambaNextRid", "sambaNextUserRid", + "sambaNextGroupRid", "sambaSID", NULL }; + int ret; + struct ldb_context *ldb = ldb_module_get_ctx(module); + int sambaNextRid, sambaNextGroupRid, sambaNextUserRid; + struct ldb_message *msg; + int rid; + const char *sambaSID; + + ret = dsdb_module_search(module, tmp_ctx, &res, NULL, LDB_SCOPE_SUBTREE, + attrs, DSDB_SEARCH_SEARCH_ALL_PARTITIONS, + "(&(objectClass=sambaDomain)(sambaDomainName=%s))", + lp_sam_name(ldb_get_opaque(ldb, "loadparm"))); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, + __location__ + ": Failed to find domain object - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + if (res->count != 1) { + ldb_asprintf_errstring(ldb, + __location__ + ": Expected exactly 1 domain object - got %u", + res->count); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + msg = res->msgs[0]; + + sambaNextRid = ldb_msg_find_attr_as_uint(msg, "sambaNextRid", -1); + sambaNextUserRid = ldb_msg_find_attr_as_uint(msg, "sambaNextUserRid", -1); + sambaNextGroupRid = ldb_msg_find_attr_as_uint(msg, "sambaNextGroupRid", -1); + sambaSID = ldb_msg_find_attr_as_string(msg, "sambaSID", NULL); + + if (sambaSID == NULL) { + ldb_asprintf_errstring(ldb, + __location__ + ": No sambaSID in %s", + ldb_dn_get_linearized(msg->dn)); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + /* choose the highest of the 3 - see pdb_ldap.c for an + * explanation */ + rid = sambaNextRid; + if (sambaNextUserRid > rid) { + rid = sambaNextUserRid; + } + if (sambaNextGroupRid > rid) { + rid = sambaNextGroupRid; + } + if (rid == -1) { + ldb_asprintf_errstring(ldb, + __location__ + ": No sambaNextRid in %s", + ldb_dn_get_linearized(msg->dn)); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + /* sambaNextRid is actually the previous RID .... */ + rid += 1; + + (*sid) = talloc_asprintf(tmp_ctx, "%s-%d", sambaSID, rid); + if (!*sid) { + ldb_module_oom(module); + talloc_free(tmp_ctx); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = dsdb_module_constrainted_update_integer(module, msg->dn, + "sambaNextRid", + sambaNextRid, rid); + if (ret != LDB_SUCCESS) { + ldb_asprintf_errstring(ldb, + __location__ + ": Failed to update sambaNextRid - %s", + ldb_errstring(ldb)); + talloc_free(tmp_ctx); + return ret; + } + + talloc_steal(mem_ctx, *sid); + talloc_free(tmp_ctx); + return LDB_SUCCESS; +} + + + +/* add */ +static int samba3sid_add(struct ldb_module *module, struct ldb_request *req) +{ + struct ldb_context *ldb; + int ret; + const struct ldb_message *msg = req->op.add.message; + struct ldb_message *new_msg; + char *sid; + struct ldb_request *new_req; + + ldb = ldb_module_get_ctx(module); + + /* do not manipulate our control entries */ + if (ldb_dn_is_special(req->op.add.message->dn)) { + return ldb_next_request(module, req); + } + + if (!samdb_find_attribute(ldb, msg, "objectclass", "posixAccount") && + !samdb_find_attribute(ldb, msg, "objectclass", "posixGroup")) { + /* its not a user or a group */ + return ldb_next_request(module, req); + } + + if (ldb_msg_find_element(msg, "sambaSID")) { + /* a SID was supplied */ + return ldb_next_request(module, req); + } + + new_msg = ldb_msg_copy_shallow(req, req->op.add.message); + if (!new_msg) { + ldb_module_oom(module); + return LDB_ERR_OPERATIONS_ERROR; + } + + ret = samba3sid_next_sid(module, new_msg, &sid); + if (ret != LDB_SUCCESS) { + return ret; + } + + ret = ldb_msg_add_steal_string(new_msg, "sambaSID", sid); + if (ret != LDB_SUCCESS) { + return ret; + } + + ret = ldb_build_add_req(&new_req, ldb, req, + new_msg, + req->controls, + req, dsdb_next_callback, + req); + if (ret != LDB_SUCCESS) { + return ret; + } + + return ldb_next_request(module, new_req); +} + +_PUBLIC_ const struct ldb_module_ops ldb_samba3sid_module_ops = { + .name = "samba3sid", + .add = samba3sid_add, +}; + diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c index a461a94806..44526128f1 100644 --- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c +++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c @@ -138,53 +138,6 @@ static int prepare_modules_line(struct ldb_context *ldb, -/* - initialise the invocationID for a standalone server - */ -static int initialise_invocation_id(struct ldb_module *module, struct GUID *guid) -{ - struct ldb_message *msg; - struct ldb_context *ldb = ldb_module_get_ctx(module); - int ret; - - *guid = GUID_random(); - - msg = ldb_msg_new(module); - if (msg == NULL) { - ldb_module_oom(module); - return LDB_ERR_OPERATIONS_ERROR; - } - msg->dn = ldb_dn_new(msg, ldb, "@SAMBA_DSDB"); - if (!msg->dn) { - ldb_module_oom(module); - talloc_free(msg); - return LDB_ERR_OPERATIONS_ERROR; - } - ret = dsdb_msg_add_guid(msg, guid, "invocationID"); - if (ret != LDB_SUCCESS) { - ldb_module_oom(module); - talloc_free(msg); - return ret; - } - msg->elements[0].flags = LDB_FLAG_MOD_ADD; - - ret = ldb_modify(ldb, msg); - if (ret != LDB_SUCCESS) { - ldb_asprintf_errstring(ldb, "Failed to setup standalone invocationID - %s", - ldb_errstring(ldb)); - talloc_free(msg); - return ret; - } - - DEBUG(1,("Initialised standalone invocationID to %s\n", - GUID_string(msg, guid))); - - talloc_free(msg); - - return LDB_SUCCESS; -} - - static int samba_dsdb_init(struct ldb_module *module) { struct ldb_context *ldb = ldb_module_get_ctx(module); @@ -258,7 +211,7 @@ static int samba_dsdb_init(struct ldb_module *module) static const char *openldap_backend_modules[] = { "entryuuid", "paged_searches", NULL }; - static const char *samba_dsdb_attrs[] = { "backendType", "serverRole", "invocationID", NULL }; + static const char *samba_dsdb_attrs[] = { "backendType", "serverRole", NULL }; const char *backendType, *serverRole; if (!tmp_ctx) { @@ -293,34 +246,6 @@ static int samba_dsdb_init(struct ldb_module *module) return ret; } - if (strcmp(serverRole, "standalone") == 0 || - strcmp(serverRole, "member server") == 0) { - struct GUID *guid; - - guid = talloc(module, struct GUID); - if (!guid) { - ldb_module_oom(module); - return LDB_ERR_OPERATIONS_ERROR; - } - - *guid = samdb_result_guid(res->msgs[0], "invocationID"); - if (GUID_all_zero(guid)) { - ret = initialise_invocation_id(module, guid); - if (ret != LDB_SUCCESS) { - talloc_free(tmp_ctx); - return ret; - } - } - - /* cache the domain_sid in the ldb. See the matching - * code in samdb_ntds_invocation_id() */ - ret = ldb_set_opaque(ldb, "cache.invocation_id", guid); - if (ret != LDB_SUCCESS) { - talloc_free(tmp_ctx); - return ret; - } - } - backend_modules = NULL; if (strcasecmp(backendType, "ldb") == 0) { extended_dn_module = extended_dn_module_ldb; diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 17a99c74c7..ccf76aaef2 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -59,12 +59,6 @@ struct samldb_ctx { /* the resulting message */ struct ldb_message *msg; - /* used to find parent domain */ - struct ldb_dn *check_dn; - struct ldb_dn *domain_dn; - struct dom_sid *domain_sid; - uint32_t next_rid; - /* holds the entry SID */ struct dom_sid *sid; @@ -175,139 +169,6 @@ static int samldb_next_step(struct samldb_ctx *ac) } } -/* - * samldb_get_parent_domain (async) - */ - -static int samldb_get_parent_domain(struct samldb_ctx *ac); - -static int samldb_get_parent_domain_callback(struct ldb_request *req, - struct ldb_reply *ares) -{ - struct ldb_context *ldb; - struct samldb_ctx *ac; - const char *nextRid; - int ret; - - ac = talloc_get_type(req->context, struct samldb_ctx); - ldb = ldb_module_get_ctx(ac->module); - - if (!ares) { - ret = LDB_ERR_OPERATIONS_ERROR; - goto done; - } - if (ares->error != LDB_SUCCESS) { - return ldb_module_done(ac->req, ares->controls, - ares->response, ares->error); - } - - switch (ares->type) { - case LDB_REPLY_ENTRY: - /* save entry */ - if ((ac->domain_dn != NULL) || (ac->domain_sid != NULL)) { - /* one too many! */ - ldb_set_errstring(ldb, - "Invalid number of results while searching " - "for domain object!"); - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - nextRid = ldb_msg_find_attr_as_string(ares->message, - "nextRid", NULL); - if (nextRid == NULL) { - ldb_asprintf_errstring(ldb, - "While looking for domain above %s attribute nextRid not found in %s!", - ldb_dn_get_linearized( - ac->req->op.add.message->dn), - ldb_dn_get_linearized(ares->message->dn)); - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - ac->next_rid = strtol(nextRid, NULL, 0); - - ac->domain_sid = samdb_result_dom_sid(ac, ares->message, - "objectSid"); - if (ac->domain_sid == NULL) { - ldb_set_errstring(ldb, - "Unable to get the parent domain SID!"); - ret = LDB_ERR_CONSTRAINT_VIOLATION; - break; - } - ac->domain_dn = ldb_dn_copy(ac, ares->message->dn); - - talloc_free(ares); - ret = LDB_SUCCESS; - break; - - case LDB_REPLY_REFERRAL: - /* ignore */ - talloc_free(ares); - ret = LDB_SUCCESS; - break; - - case LDB_REPLY_DONE: - talloc_free(ares); - if ((ac->domain_dn == NULL) || (ac->domain_sid == NULL)) { - /* not found -> retry */ - ret = samldb_get_parent_domain(ac); - } else { - /* found, go on */ - ret = samldb_next_step(ac); - } - break; - } - -done: - if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); - } - - return LDB_SUCCESS; -} - -/* Find a domain object in the parents of a particular DN. */ -static int samldb_get_parent_domain(struct samldb_ctx *ac) -{ - struct ldb_context *ldb; - static const char * const attrs[] = { "objectSid", "nextRid", NULL }; - struct ldb_request *req; - struct ldb_dn *dn; - int ret; - - ldb = ldb_module_get_ctx(ac->module); - - if (ac->check_dn == NULL) { - return LDB_ERR_OPERATIONS_ERROR; - } - - dn = ldb_dn_get_parent(ac, ac->check_dn); - if (dn == NULL) { - ldb_set_errstring(ldb, - "Unable to find parent domain object!"); - return LDB_ERR_CONSTRAINT_VIOLATION; - } - - ac->check_dn = dn; - - ret = ldb_build_search_req(&req, ldb, ac, - dn, LDB_SCOPE_BASE, - "(|(objectClass=domain)" - "(objectClass=builtinDomain))", - attrs, - NULL, - ac, samldb_get_parent_domain_callback, - ac->req); - - if (ret != LDB_SUCCESS) { - return ret; - } - - return ldb_next_request(ac->module, req); -} - - static int samldb_generate_samAccountName(struct ldb_message *msg) { char *name; @@ -395,7 +256,7 @@ static int samldb_check_samAccountName(struct samldb_ctx *ac) } ret = ldb_build_search_req(&req, ldb, ac, - ac->domain_dn, LDB_SCOPE_SUBTREE, + samdb_base_dn(ldb), LDB_SCOPE_SUBTREE, filter, NULL, NULL, ac, samldb_check_samAccountName_callback, @@ -464,134 +325,45 @@ static int samldb_check_samAccountType(struct samldb_ctx *ac) return samldb_next_step(ac); } - -/* - * samldb_get_sid_domain (async) - */ - -static int samldb_get_sid_domain_callback(struct ldb_request *req, - struct ldb_reply *ares) +static bool samldb_msg_add_sid(struct ldb_message *msg, + const char *name, + const struct dom_sid *sid) { - struct ldb_context *ldb; - struct samldb_ctx *ac; - const char *nextRid; - int ret; - - ac = talloc_get_type(req->context, struct samldb_ctx); - ldb = ldb_module_get_ctx(ac->module); - - if (!ares) { - ret = LDB_ERR_OPERATIONS_ERROR; - goto done; - } - if (ares->error != LDB_SUCCESS) { - return ldb_module_done(ac->req, ares->controls, - ares->response, ares->error); - } - - switch (ares->type) { - case LDB_REPLY_ENTRY: - /* save entry */ - if (ac->next_rid != 0) { - /* one too many! */ - ldb_set_errstring(ldb, - "Invalid number of results while searching " - "for domain object!"); - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - nextRid = ldb_msg_find_attr_as_string(ares->message, - "nextRid", NULL); - if (nextRid == NULL) { - ldb_asprintf_errstring(ldb, - "Attribute nextRid not found in %s!", - ldb_dn_get_linearized(ares->message->dn)); - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - ac->next_rid = strtol(nextRid, NULL, 0); - - ac->domain_dn = ldb_dn_copy(ac, ares->message->dn); - - talloc_free(ares); - ret = LDB_SUCCESS; - break; - - case LDB_REPLY_REFERRAL: - /* ignore */ - talloc_free(ares); - ret = LDB_SUCCESS; - break; - - case LDB_REPLY_DONE: - talloc_free(ares); - if (ac->next_rid == 0) { - ldb_asprintf_errstring(ldb, - "Unable to get nextRid from domain entry!"); - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - /* found, go on */ - ret = samldb_next_step(ac); - break; - } + struct ldb_val v; + enum ndr_err_code ndr_err; -done: - if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); + ndr_err = ndr_push_struct_blob(&v, msg, NULL, sid, + (ndr_push_flags_fn_t)ndr_push_dom_sid); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + return false; } - - return LDB_SUCCESS; + return (ldb_msg_add_value(msg, name, &v, NULL) == 0); } -/* Find a domain object in the parents of a particular DN. */ -static int samldb_get_sid_domain(struct samldb_ctx *ac) + +/* allocate a SID using our RID Set */ +static int samldb_allocate_sid(struct samldb_ctx *ac) { - struct ldb_context *ldb; - static const char * const attrs[] = { "nextRid", NULL }; - struct ldb_request *req; - char *filter; + uint32_t rid; int ret; + struct ldb_context *ldb = ldb_module_get_ctx(ac->module); - ldb = ldb_module_get_ctx(ac->module); - - if (ac->sid == NULL) { - return LDB_ERR_OPERATIONS_ERROR; + ret = ridalloc_allocate_rid(ac->module, &rid); + if (ret != LDB_SUCCESS) { + return ret; } - ac->domain_sid = dom_sid_dup(ac, ac->sid); - if (!ac->domain_sid) { + ac->sid = dom_sid_add_rid(ac, samdb_domain_sid(ldb), rid); + if (ac->sid == NULL) { + ldb_module_oom(ac->module); return LDB_ERR_OPERATIONS_ERROR; } - /* get the domain component part of the provided SID */ - ac->domain_sid->num_auths--; - filter = talloc_asprintf(ac, - "(&(objectSid=%s)" - "(|(objectClass=domain)" - "(objectClass=builtinDomain)))", - ldap_encode_ndr_dom_sid(ac, ac->domain_sid)); - if (filter == NULL) { + if ( ! samldb_msg_add_sid(ac->msg, "objectSid", ac->sid)) { return LDB_ERR_OPERATIONS_ERROR; } - ret = ldb_build_search_req(&req, ldb, ac, - ldb_get_default_basedn(ldb), - LDB_SCOPE_SUBTREE, - filter, attrs, - NULL, - ac, samldb_get_sid_domain_callback, - ac->req); - - if (ret != LDB_SUCCESS) { - return ret; - } - - ac->next_rid = 0; - return ldb_next_request(ac->module, req); + return samldb_next_step(ac); } /* @@ -722,161 +494,6 @@ static int samldb_check_primaryGroupID_2(struct samldb_ctx *ac) } -static bool samldb_msg_add_sid(struct ldb_message *msg, - const char *name, - const struct dom_sid *sid) -{ - struct ldb_val v; - enum ndr_err_code ndr_err; - - ndr_err = ndr_push_struct_blob(&v, msg, NULL, sid, - (ndr_push_flags_fn_t)ndr_push_dom_sid); - if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { - return false; - } - return (ldb_msg_add_value(msg, name, &v, NULL) == 0); -} - -static int samldb_new_sid(struct samldb_ctx *ac) -{ - - if (ac->domain_sid == NULL || ac->next_rid == 0) { - return LDB_ERR_OPERATIONS_ERROR; - } - - ac->sid = dom_sid_add_rid(ac, ac->domain_sid, ac->next_rid + 1); - if (ac->sid == NULL) { - return LDB_ERR_OPERATIONS_ERROR; - } - - if ( ! samldb_msg_add_sid(ac->msg, "objectSid", ac->sid)) { - return LDB_ERR_OPERATIONS_ERROR; - } - - return samldb_next_step(ac); -} - -/* - * samldb_notice_sid_callback (async) - */ - -static int samldb_notice_sid_callback(struct ldb_request *req, - struct ldb_reply *ares) -{ - struct ldb_context *ldb; - struct samldb_ctx *ac; - int ret; - - ac = talloc_get_type(req->context, struct samldb_ctx); - ldb = ldb_module_get_ctx(ac->module); - - if (!ares) { - ret = LDB_ERR_OPERATIONS_ERROR; - goto done; - } - if (ares->error != LDB_SUCCESS) { - return ldb_module_done(ac->req, ares->controls, - ares->response, ares->error); - } - if (ares->type != LDB_REPLY_DONE) { - ldb_set_errstring(ldb, - "Invalid reply type!"); - ret = LDB_ERR_OPERATIONS_ERROR; - goto done; - } - - ret = samldb_next_step(ac); - -done: - if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); - } - - return LDB_SUCCESS; -} - -/* If we are adding new users/groups, we need to update the nextRid - * attribute to be 'above' the new/incoming RID. Attempt to do it - * atomically. */ -static int samldb_notice_sid(struct samldb_ctx *ac) -{ - struct ldb_context *ldb; - uint32_t old_id, new_id; - struct ldb_request *req; - struct ldb_message *msg; - struct ldb_message_element *els; - struct ldb_val *vals; - int ret; - - ldb = ldb_module_get_ctx(ac->module); - old_id = ac->next_rid; - new_id = ac->sid->sub_auths[ac->sid->num_auths - 1]; - - if (old_id >= new_id) { - /* no need to update the domain nextRid attribute */ - return samldb_next_step(ac); - } - - /* we do a delete and add as a single operation. That prevents - a race, in case we are not actually on a transaction db */ - msg = ldb_msg_new(ac); - if (msg == NULL) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - els = talloc_array(msg, struct ldb_message_element, 2); - if (els == NULL) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - vals = talloc_array(msg, struct ldb_val, 2); - if (vals == NULL) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - msg->dn = ac->domain_dn; - msg->num_elements = 2; - msg->elements = els; - - els[0].num_values = 1; - els[0].values = &vals[0]; - els[0].flags = LDB_FLAG_MOD_DELETE; - els[0].name = talloc_strdup(msg, "nextRid"); - if (!els[0].name) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - - els[1].num_values = 1; - els[1].values = &vals[1]; - els[1].flags = LDB_FLAG_MOD_ADD; - els[1].name = els[0].name; - - vals[0].data = (uint8_t *)talloc_asprintf(vals, "%u", old_id); - if (!vals[0].data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - vals[0].length = strlen((char *)vals[0].data); - - vals[1].data = (uint8_t *)talloc_asprintf(vals, "%u", new_id); - if (!vals[1].data) { - ldb_oom(ldb); - return LDB_ERR_OPERATIONS_ERROR; - } - vals[1].length = strlen((char *)vals[1].data); - - ret = ldb_build_mod_req(&req, ldb, ac, - msg, NULL, - ac, samldb_notice_sid_callback, - ac->req); - if (ret != LDB_SUCCESS) { - return ret; - } - - return ldb_next_request(ac->module, req); -} - /* * samldb_set_defaultObjectCategory_callback (async) */ @@ -1142,11 +759,6 @@ static int samldb_fill_object(struct samldb_ctx *ac, const char *type) ldb = ldb_module_get_ctx(ac->module); - /* search for a parent domain objet */ - ac->check_dn = ac->req->op.add.message->dn; - ret = samldb_add_step(ac, samldb_get_parent_domain); - if (ret != LDB_SUCCESS) return ret; - /* Add informations for the different account types */ ac->type = type; if (strcmp(ac->type, "user") == 0) { @@ -1174,9 +786,11 @@ static int samldb_fill_object(struct samldb_ctx *ac, const char *type) ret = samdb_find_or_add_attribute(ldb, ac->msg, "pwdLastSet", "0"); if (ret != LDB_SUCCESS) return ret; - ret = samdb_find_or_add_attribute(ldb, ac->msg, - "primaryGroupID", "513"); - if (ret != LDB_SUCCESS) return ret; + if (!ldb_msg_find_element(ac->msg, "primaryGroupID")) { + ret = samdb_msg_add_uint(ldb, ac->msg, ac->msg, + "primaryGroupID", DOMAIN_RID_USERS); + if (ret != LDB_SUCCESS) return ret; + } ret = samdb_find_or_add_attribute(ldb, ac->msg, "accountExpires", "9223372036854775807"); if (ret != LDB_SUCCESS) return ret; @@ -1287,20 +901,21 @@ static int samldb_fill_object(struct samldb_ctx *ac, const char *type) lp_ctx = talloc_get_type(ldb_get_opaque(ldb, "loadparm"), struct loadparm_context); - sid_generator = lp_sid_generator(lp_ctx); - if (sid_generator == SID_GENERATOR_INTERNAL) { - /* check if we have a valid SID */ - ac->sid = samdb_result_dom_sid(ac, ac->msg, "objectSid"); - if ( ! ac->sid) { - ret = samldb_add_step(ac, samldb_new_sid); - if (ret != LDB_SUCCESS) return ret; - } else { - ret = samldb_add_step(ac, samldb_get_sid_domain); + /* don't allow objectSID to be specified without the RELAX control */ + ac->sid = samdb_result_dom_sid(ac, ac->msg, "objectSid"); + if (ac->sid && !ldb_request_get_control(ac->req, LDB_CONTROL_RELAX_OID) && + !dsdb_module_am_system(ac->module)) { + ldb_asprintf_errstring(ldb, "No SID may be specified in user/group creation for %s", + ldb_dn_get_linearized(ac->msg->dn)); + return LDB_ERR_UNWILLING_TO_PERFORM; + } + + if ( ! ac->sid) { + sid_generator = lp_sid_generator(lp_ctx); + if (sid_generator == SID_GENERATOR_INTERNAL) { + ret = samldb_add_step(ac, samldb_allocate_sid); if (ret != LDB_SUCCESS) return ret; } - - ret = samldb_add_step(ac, samldb_notice_sid); - if (ret != LDB_SUCCESS) return ret; } /* finally proceed with adding the entry */ @@ -1310,144 +925,6 @@ static int samldb_fill_object(struct samldb_ctx *ac, const char *type) return samldb_first_step(ac); } -/* - * samldb_foreign_notice_sid (async) - */ - -static int samldb_foreign_notice_sid_callback(struct ldb_request *req, - struct ldb_reply *ares) -{ - struct ldb_context *ldb; - struct samldb_ctx *ac; - const char *nextRid; - const char *name; - int ret; - - ac = talloc_get_type(req->context, struct samldb_ctx); - ldb = ldb_module_get_ctx(ac->module); - - if (!ares) { - ret = LDB_ERR_OPERATIONS_ERROR; - goto done; - } - if (ares->error != LDB_SUCCESS) { - return ldb_module_done(ac->req, ares->controls, - ares->response, ares->error); - } - - switch (ares->type) { - case LDB_REPLY_ENTRY: - /* save entry */ - if (ac->next_rid != 0) { - /* one too many! */ - ldb_set_errstring(ldb, - "Invalid number of results while searching " - "for domain object!"); - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - nextRid = ldb_msg_find_attr_as_string(ares->message, - "nextRid", NULL); - if (nextRid == NULL) { - ldb_asprintf_errstring(ldb, - "While looking for foreign SID %s attribute nextRid not found in %s", - dom_sid_string(ares, ac->sid), - ldb_dn_get_linearized(ares->message->dn)); - ret = LDB_ERR_OPERATIONS_ERROR; - break; - } - - ac->next_rid = strtol(nextRid, NULL, 0); - - ac->domain_dn = ldb_dn_copy(ac, ares->message->dn); - - name = samdb_result_string(ares->message, "name", NULL); - ldb_debug(ldb, LDB_DEBUG_TRACE, - "NOTE (strange but valid): Adding foreign SID " - "record with SID %s, but this domain (%s) is " - "not foreign in the database\n", - dom_sid_string(ares, ac->sid), name); - - talloc_free(ares); - ret = LDB_SUCCESS; - break; - - case LDB_REPLY_REFERRAL: - /* ignore */ - talloc_free(ares); - ret = LDB_SUCCESS; - break; - - case LDB_REPLY_DONE: - talloc_free(ares); - - /* if this is a fake foreign SID, notice the SID */ - if (ac->domain_dn) { - ret = samldb_notice_sid(ac); - break; - } - - /* found, go on */ - ret = samldb_next_step(ac); - break; - } - -done: - if (ret != LDB_SUCCESS) { - return ldb_module_done(ac->req, NULL, NULL, ret); - } - - return LDB_SUCCESS; -} - -/* Find a domain object in the parents of a particular DN. */ -static int samldb_foreign_notice_sid(struct samldb_ctx *ac) -{ - struct ldb_context *ldb; - static const char * const attrs[3] = { "nextRid", "name", NULL }; - struct ldb_request *req; - NTSTATUS status; - char *filter; - int ret; - - ldb = ldb_module_get_ctx(ac->module); - - if (ac->sid == NULL) { - return LDB_ERR_OPERATIONS_ERROR; - } - - status = dom_sid_split_rid(ac, ac->sid, &ac->domain_sid, NULL); - if (!NT_STATUS_IS_OK(status)) { - return LDB_ERR_OPERATIONS_ERROR; - } - - - filter = talloc_asprintf(ac, - "(&(objectSid=%s)" - "(|(objectClass=domain)" - "(objectClass=builtinDomain)))", - ldap_encode_ndr_dom_sid(ac, ac->domain_sid)); - if (filter == NULL) { - return LDB_ERR_OPERATIONS_ERROR; - } - - ret = ldb_build_search_req(&req, ldb, ac, - ldb_get_default_basedn(ldb), - LDB_SCOPE_SUBTREE, - filter, attrs, - NULL, - ac, samldb_foreign_notice_sid_callback, - ac->req); - - if (ret != LDB_SUCCESS) { - return ret; - } - - return ldb_next_request(ac->module, req); -} - - static int samldb_fill_foreignSecurityPrincipal_object(struct samldb_ctx *ac) { struct ldb_context *ldb; @@ -1455,8 +932,6 @@ static int samldb_fill_foreignSecurityPrincipal_object(struct samldb_ctx *ac) ldb = ldb_module_get_ctx(ac->module); - ac->next_rid = 0; - ac->sid = samdb_result_dom_sid(ac->msg, ac->msg, "objectSid"); if (ac->sid == NULL) { ac->sid = dom_sid_parse_talloc(ac->msg, @@ -1474,10 +949,6 @@ static int samldb_fill_foreignSecurityPrincipal_object(struct samldb_ctx *ac) } } - /* check if we need to notice this SID */ - ret = samldb_add_step(ac, samldb_foreign_notice_sid); - if (ret != LDB_SUCCESS) return ret; - /* finally proceed with adding the entry */ ret = samldb_add_step(ac, samldb_add_entry); if (ret != LDB_SUCCESS) return ret; @@ -2313,6 +1784,20 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) el2->flags = LDB_FLAG_MOD_REPLACE; } + el = ldb_msg_find_element(req->op.mod.message, "primaryGroupID"); + if (el && el->flags & (LDB_FLAG_MOD_ADD|LDB_FLAG_MOD_REPLACE) && el->num_values == 1) { + struct samldb_ctx *ac; + + ac = samldb_ctx_init(module, req); + if (ac == NULL) + return LDB_ERR_OPERATIONS_ERROR; + + req->op.mod.message = ac->msg = ldb_msg_copy_shallow(req, + req->op.mod.message); + + return samldb_prim_group_change(ac); + } + el = ldb_msg_find_element(req->op.mod.message, "userAccountControl"); if (el && el->flags & (LDB_FLAG_MOD_ADD|LDB_FLAG_MOD_REPLACE) && el->num_values == 1) { uint32_t user_account_control; @@ -2340,21 +1825,18 @@ static int samldb_modify(struct ldb_module *module, struct ldb_request *req) } el2 = ldb_msg_find_element(msg, "isCriticalSystemObject"); el2->flags = LDB_FLAG_MOD_REPLACE; - } - } - - el = ldb_msg_find_element(req->op.mod.message, "primaryGroupID"); - if (el && el->flags & (LDB_FLAG_MOD_ADD|LDB_FLAG_MOD_REPLACE) && el->num_values == 1) { - struct samldb_ctx *ac; - ac = samldb_ctx_init(module, req); - if (ac == NULL) - return LDB_ERR_OPERATIONS_ERROR; - - req->op.mod.message = ac->msg = ldb_msg_copy_shallow(req, - req->op.mod.message); - - return samldb_prim_group_change(ac); + /* DCs have primaryGroupID of DOMAIN_RID_DCS */ + if (!ldb_msg_find_element(msg, "primaryGroupID")) { + ret = samdb_msg_add_uint(ldb, msg, msg, + "primaryGroupID", DOMAIN_RID_DCS); + if (ret != LDB_SUCCESS) { + return ret; + } + el2 = ldb_msg_find_element(msg, "primaryGroupID"); + el2->flags = LDB_FLAG_MOD_REPLACE; + } + } } el = ldb_msg_find_element(req->op.mod.message, "member"); @@ -2392,17 +1874,41 @@ static int samldb_delete(struct ldb_module *module, struct ldb_request *req) return samldb_prim_group_users_check(ac); } +static int samldb_extended_allocate_rid_pool(struct ldb_module *module, struct ldb_request *req) +{ + struct ldb_context *ldb = ldb_module_get_ctx(module); + struct dsdb_fsmo_extended_op *exop; + int ret; + + exop = talloc_get_type(req->op.extended.data, struct dsdb_fsmo_extended_op); + if (!exop) { + ldb_debug(ldb, LDB_DEBUG_FATAL, "samldb_extended_allocate_rid_pool: invalid extended data\n"); + return LDB_ERR_PROTOCOL_ERROR; + } + + ret = ridalloc_allocate_rid_pool_fsmo(module, exop); + if (ret != LDB_SUCCESS) { + return ret; + } + + return ldb_module_done(req, NULL, NULL, LDB_SUCCESS); +} -static int samldb_init(struct ldb_module *module) +static int samldb_extended(struct ldb_module *module, struct ldb_request *req) { - return ldb_next_init(module); + if (strcmp(req->op.extended.oid, DSDB_EXTENDED_ALLOCATE_RID_POOL) == 0) { + return samldb_extended_allocate_rid_pool(module, req); + } + + return ldb_next_request(module, req); } + _PUBLIC_ const struct ldb_module_ops ldb_samldb_module_ops = { .name = "samldb", - .init_context = samldb_init, .add = samldb_add, .modify = samldb_modify, - .del = samldb_delete + .del = samldb_delete, + .extended = samldb_extended }; diff --git a/source4/dsdb/samdb/ldb_modules/schema_data.c b/source4/dsdb/samdb/ldb_modules/schema_data.c index 2e99113953..8125a46cbb 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_data.c +++ b/source4/dsdb/samdb/ldb_modules/schema_data.c @@ -290,6 +290,11 @@ static int schema_data_add(struct ldb_module *module, struct ldb_request *req) } } + /* bypass further processing if CONTROL_RELAX is set */ + if (ldb_request_get_control(req, LDB_CONTROL_RELAX_OID)) { + return ldb_next_request(module, req); + } + /* generate and add msDS-IntId attr value */ if (attributeID && (dsdb_functional_level(ldb) >= DS_DOMAIN_FUNCTION_2003) diff --git a/source4/dsdb/samdb/ldb_modules/schema_load.c b/source4/dsdb/samdb/ldb_modules/schema_load.c index c72911fe89..6c11df21ce 100644 --- a/source4/dsdb/samdb/ldb_modules/schema_load.c +++ b/source4/dsdb/samdb/ldb_modules/schema_load.c @@ -181,8 +181,8 @@ static int schema_load_init(struct ldb_module *module) ret = dsdb_set_schema(ldb, schema); if (ret != LDB_SUCCESS) { ldb_debug_set(ldb, LDB_DEBUG_FATAL, - "schema_load_init: dsdb_set_schema() failed: %d:%s", - ret, ldb_strerror(ret)); + "schema_load_init: dsdb_set_schema() failed: %d:%s: %s", + ret, ldb_strerror(ret), ldb_errstring(ldb)); talloc_free(mem_ctx); return ret; } @@ -240,8 +240,8 @@ static int schema_load_extended(struct ldb_module *module, struct ldb_request *r ret = dsdb_set_schema(ldb, schema); if (ret != LDB_SUCCESS) { ldb_debug_set(ldb, LDB_DEBUG_FATAL, - "schema_load_extended: dsdb_set_schema() failed: %d:%s", - ret, ldb_strerror(ret)); + "schema_load_extended: dsdb_set_schema() failed: %d:%s: %s", + ret, ldb_strerror(ret), ldb_errstring(ldb)); talloc_free(mem_ctx); return ret; } diff --git a/source4/dsdb/samdb/ldb_modules/show_deleted.c b/source4/dsdb/samdb/ldb_modules/show_deleted.c index 666d28053c..93463ae95f 100644 --- a/source4/dsdb/samdb/ldb_modules/show_deleted.c +++ b/source4/dsdb/samdb/ldb_modules/show_deleted.c @@ -32,7 +32,7 @@ #include "includes.h" #include "ldb/include/ldb_module.h" #include "dsdb/samdb/samdb.h" - +#include "dsdb/samdb/ldb_modules/util.h" static int show_deleted_search(struct ldb_module *module, struct ldb_request *req) { @@ -83,7 +83,7 @@ static int show_deleted_search(struct ldb_module *module, struct ldb_request *re new_tree, req->op.search.attrs, req->controls, - req->context, req->callback, + req, dsdb_next_callback, req); if (ret != LDB_SUCCESS) { return ret; diff --git a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py index 2478043eb4..cc1a86ed4a 100644 --- a/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py +++ b/source4/dsdb/samdb/ldb_modules/tests/samba3sam.py @@ -29,6 +29,8 @@ from samba import Ldb, substitute_var from samba.tests import LdbTestCase, TestCaseInTempDir, cmdline_loadparm import samba.dcerpc.security import samba.ndr +from samba.auth import system_session +from samba import param datadir = os.path.join(os.path.dirname(__file__), "../../../../../testdata/samba3") @@ -49,7 +51,7 @@ class MapBaseTestCase(TestCaseInTempDir): "@TO": "sambaDomainName=TESTS," + s3.basedn}) ldb.add({"dn": "@MODULES", - "@LIST": "rootdse,paged_results,server_sort,asq,samldb,password_hash,operational,objectguid,rdn_name,samba3sam,partition"}) + "@LIST": "rootdse,paged_results,server_sort,asq,samldb,password_hash,operational,objectguid,rdn_name,samba3sam,samba3sid,partition"}) ldb.add({"dn": "@PARTITION", "partition": ["%s" % (s4.basedn_casefold), @@ -58,6 +60,9 @@ class MapBaseTestCase(TestCaseInTempDir): "modules": "*:"}) def setUp(self): + cmdline_loadparm.set("sid generator", "backend") + cmdline_loadparm.set("workgroup", "TESTS") + cmdline_loadparm.set("netbios name", "TESTS") super(MapBaseTestCase, self).setUp() def make_dn(basedn, rdn): @@ -75,7 +80,7 @@ class MapBaseTestCase(TestCaseInTempDir): """Simple helper class that contains data for a specific SAM connection.""" def __init__(self, basedn, dn): - self.db = Ldb(lp=cmdline_loadparm) + self.db = Ldb(lp=cmdline_loadparm, session_info=system_session()) self.basedn = basedn self.basedn_casefold = ldb.Dn(self.db, basedn).get_casefold() self.substvars = {"BASEDN": self.basedn} @@ -124,13 +129,13 @@ class Samba3SamTestCase(MapBaseTestCase): def setUp(self): super(Samba3SamTestCase, self).setUp() - ldb = Ldb(self.ldburl, lp=cmdline_loadparm) + ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) self.samba3.setup_data("samba3.ldif") ldif = read_datafile("provision_samba3sam.ldif") ldb.add_ldif(self.samba4.subst(ldif)) self.setup_modules(ldb, self.samba3, self.samba4) del ldb - self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm) + self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) def test_search_non_mapped(self): """Looking up by non-mapped attribute""" @@ -291,12 +296,12 @@ class MapTestCase(MapBaseTestCase): def setUp(self): super(MapTestCase, self).setUp() - ldb = Ldb(self.ldburl, lp=cmdline_loadparm) + ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) ldif = read_datafile("provision_samba3sam.ldif") ldb.add_ldif(self.samba4.subst(ldif)) self.setup_modules(ldb, self.samba3, self.samba4) del ldb - self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm) + self.ldb = Ldb(self.ldburl, lp=cmdline_loadparm, session_info=system_session()) def test_map_search(self): """Running search tests on mapped data.""" diff --git a/source4/dsdb/samdb/ldb_modules/util.c b/source4/dsdb/samdb/ldb_modules/util.c index 32b79a6701..46252cb279 100644 --- a/source4/dsdb/samdb/ldb_modules/util.c +++ b/source4/dsdb/samdb/ldb_modules/util.c @@ -26,6 +26,7 @@ #include "dsdb/samdb/ldb_modules/util.h" #include "dsdb/samdb/samdb.h" #include "util.h" +#include "libcli/security/security.h" /* add a set of controls to a ldb_request structure based on a set of @@ -214,6 +215,8 @@ int dsdb_module_search(struct ldb_module *module, if (dsdb_flags & DSDB_FLAG_OWN_MODULE) { const struct ldb_module_ops *ops = ldb_module_get_ops(module); ret = ops->search(module, req); + } else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) { + ret = ldb_request(ldb_module_get_ctx(module), req); } else { ret = ldb_next_request(module, req); } @@ -332,6 +335,8 @@ int dsdb_module_modify(struct ldb_module *module, if (dsdb_flags & DSDB_FLAG_OWN_MODULE) { const struct ldb_module_ops *ops = ldb_module_get_ops(module); ret = ops->modify(module, mod_req); + } else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) { + ret = ldb_request(ldb_module_get_ctx(module), mod_req); } else { ret = ldb_next_request(module, mod_req); } @@ -380,6 +385,8 @@ int dsdb_module_rename(struct ldb_module *module, if (dsdb_flags & DSDB_FLAG_OWN_MODULE) { const struct ldb_module_ops *ops = ldb_module_get_ops(module); ret = ops->rename(module, req); + } else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) { + ret = ldb_request(ldb_module_get_ctx(module), req); } else { ret = ldb_next_request(module, req); } @@ -391,6 +398,54 @@ int dsdb_module_rename(struct ldb_module *module, return ret; } +/* + a ldb_add request operating on modules below the + current module + */ +int dsdb_module_add(struct ldb_module *module, + const struct ldb_message *message, + uint32_t dsdb_flags) +{ + struct ldb_request *req; + int ret; + struct ldb_context *ldb = ldb_module_get_ctx(module); + TALLOC_CTX *tmp_ctx = talloc_new(module); + + ret = ldb_build_add_req(&req, ldb, tmp_ctx, + message, + NULL, + NULL, + ldb_op_default_callback, + NULL); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + + ret = dsdb_request_add_controls(module, req, dsdb_flags); + if (ret != LDB_SUCCESS) { + talloc_free(tmp_ctx); + return ret; + } + + /* Run the new request */ + if (dsdb_flags & DSDB_FLAG_OWN_MODULE) { + const struct ldb_module_ops *ops = ldb_module_get_ops(module); + ret = ops->add(module, req); + } else if (dsdb_flags & DSDB_FLAG_TOP_MODULE) { + ret = ldb_request(ldb_module_get_ctx(module), req); + } else { + ret = ldb_next_request(module, req); + } + if (ret == LDB_SUCCESS) { + ret = ldb_wait(req->handle, LDB_WAIT_ALL); + } + + talloc_free(tmp_ctx); + return ret; +} + + const struct dsdb_class * get_last_structural_class(const struct dsdb_schema *schema,const struct ldb_message_element *element) { const struct dsdb_class *last_class = NULL; @@ -446,3 +501,140 @@ int dsdb_check_single_valued_link(const struct dsdb_attribute *attr, return LDB_SUCCESS; } + + +/* + find a 'reference' DN that points at another object + (eg. serverReference, rIDManagerReference etc) + */ +int dsdb_module_reference_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn *base, + const char *attribute, struct ldb_dn **dn) +{ + const char *attrs[2]; + struct ldb_result *res; + int ret; + + attrs[0] = attribute; + attrs[1] = NULL; + + ret = dsdb_module_search_dn(module, mem_ctx, &res, base, attrs, 0); + if (ret != LDB_SUCCESS) { + return ret; + } + + *dn = ldb_msg_find_attr_as_dn(ldb_module_get_ctx(module), + mem_ctx, res->msgs[0], attribute); + if (!*dn) { + talloc_free(res); + return LDB_ERR_NO_SUCH_ATTRIBUTE; + } + + talloc_free(res); + return LDB_SUCCESS; +} + +/* + find the RID Manager$ DN via the rIDManagerReference attribute in the + base DN + */ +int dsdb_module_rid_manager_dn(struct ldb_module *module, TALLOC_CTX *mem_ctx, struct ldb_dn **dn) +{ + return dsdb_module_reference_dn(module, mem_ctx, + samdb_base_dn(ldb_module_get_ctx(module)), + "rIDManagerReference", dn); +} + + +/* + update an integer attribute safely via a constrained delete/add + */ +int dsdb_module_constrainted_update_integer(struct ldb_module *module, struct ldb_dn *dn, + const char *attr, uint64_t old_val, uint64_t new_val) +{ + struct ldb_message *msg; + struct ldb_message_element *el; + struct ldb_val v1, v2; + int ret; + char *vstring; + + msg = ldb_msg_new(module); + msg->dn = dn; + + ret = ldb_msg_add_empty(msg, attr, LDB_FLAG_MOD_DELETE, &el); + if (ret != LDB_SUCCESS) { + talloc_free(msg); + return ret; + } + el->num_values = 1; + el->values = &v1; + vstring = talloc_asprintf(msg, "%llu", (unsigned long long)old_val); + if (!vstring) { + ldb_module_oom(module); + talloc_free(msg); + return LDB_ERR_OPERATIONS_ERROR; + } + v1 = data_blob_string_const(vstring); + + ret = ldb_msg_add_empty(msg, attr, LDB_FLAG_MOD_ADD, &el); + if (ret != LDB_SUCCESS) { + talloc_free(msg); + return ret; + } + el->num_values = 1; + el->values = &v2; + vstring = talloc_asprintf(msg, "%llu", (unsigned long long)new_val); + if (!vstring) { + ldb_module_oom(module); + talloc_free(msg); + return LDB_ERR_OPERATIONS_ERROR; + } + v2 = data_blob_string_const(vstring); + + ret = dsdb_module_modify(module, msg, 0); + talloc_free(msg); + return ret; +} + +/* + used to chain to the callers callback + */ +int dsdb_next_callback(struct ldb_request *req, struct ldb_reply *ares) +{ + struct ldb_request *up_req = talloc_get_type(req->context, struct ldb_request); + + talloc_steal(up_req, req); + return up_req->callback(up_req, ares); +} + + +/* + set an integer attribute + */ +int dsdb_module_set_integer(struct ldb_module *module, struct ldb_dn *dn, + const char *attr, uint64_t new_val) +{ + struct ldb_message *msg; + int ret; + + msg = ldb_msg_new(module); + msg->dn = dn; + + ret = ldb_msg_add_fmt(msg, attr, "%llu", (unsigned long long)new_val); + if (ret != LDB_SUCCESS) { + talloc_free(msg); + return ret; + } + msg->elements[0].flags = LDB_FLAG_MOD_REPLACE; + + ret = dsdb_module_modify(module, msg, 0); + talloc_free(msg); + return ret; +} + +bool dsdb_module_am_system(struct ldb_module *module) +{ + struct ldb_context *ldb = ldb_module_get_ctx(module); + struct auth_session_info *session_info + = (struct auth_session_info *)ldb_get_opaque(ldb, "sessionInfo"); + return security_session_user_level(session_info) == SECURITY_SYSTEM; +} diff --git a/source4/dsdb/samdb/ldb_modules/util.h b/source4/dsdb/samdb/ldb_modules/util.h index add39e110a..53ed9bd48e 100644 --- a/source4/dsdb/samdb/ldb_modules/util.h +++ b/source4/dsdb/samdb/ldb_modules/util.h @@ -19,9 +19,11 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ -struct dsdb_schema; /* predeclare schema struct */ +/* predeclare some structures used by utility functions */ +struct dsdb_schema; struct GUID; struct dsdb_attribute; +struct dsdb_fsmo_extended_op; #include "dsdb/samdb/ldb_modules/util_proto.h" @@ -32,3 +34,4 @@ struct dsdb_attribute; #define DSDB_SEARCH_SHOW_EXTENDED_DN 0x0010 #define DSDB_MODIFY_RELAX 0x0020 #define DSDB_FLAG_OWN_MODULE 0x0040 +#define DSDB_FLAG_TOP_MODULE 0x0080 diff --git a/source4/dsdb/samdb/samdb.h b/source4/dsdb/samdb/samdb.h index a05aa00f7a..6df30b2904 100644 --- a/source4/dsdb/samdb/samdb.h +++ b/source4/dsdb/samdb/samdb.h @@ -142,4 +142,12 @@ struct dsdb_extended_dn_store_format { #define DSDB_OPAQUE_PARTITION_MODULE_MSG_OPAQUE_NAME "DSDB_OPAQUE_PARTITION_MODULE_MSG" +/* this takes a struct dsdb_fsmo_extended_op */ +#define DSDB_EXTENDED_ALLOCATE_RID_POOL "1.3.6.1.4.1.7165.4.4.5" + +struct dsdb_fsmo_extended_op { + uint64_t fsmo_info; + struct GUID destination_dsa_guid; +}; + #endif /* __SAMDB_H__ */ diff --git a/source4/dsdb/schema/schema.h b/source4/dsdb/schema/schema.h index 186f5d5ddb..1a40c45b21 100644 --- a/source4/dsdb/schema/schema.h +++ b/source4/dsdb/schema/schema.h @@ -62,6 +62,7 @@ struct dsdb_attribute { uint32_t attributeID_id; struct GUID schemaIDGUID; uint32_t mAPIID; + uint32_t msDS_IntId; struct GUID attributeSecurityGUID; struct GUID objectGUID; diff --git a/source4/dsdb/schema/schema_init.c b/source4/dsdb/schema/schema_init.c index ccdf97cf2d..77b4e2a473 100644 --- a/source4/dsdb/schema/schema_init.c +++ b/source4/dsdb/schema/schema_init.c @@ -558,21 +558,19 @@ WERROR dsdb_attribute_from_ldb(struct ldb_context *ldb, /* set an invalid value */ attr->attributeID_id = 0xFFFFFFFF; } else { - /* check if msDS-IntId element is set */ - attr->attributeID_id = samdb_result_uint(msg, "msDS-IntId", 0xFFFFFFFF); - if (attr->attributeID_id == 0xFFFFFFFF) { - /* msDS-IntId is not set, make */ - status = dsdb_schema_pfm_make_attid(schema->prefixmap, - attr->attributeID_oid, - &attr->attributeID_id); - if (!W_ERROR_IS_OK(status)) { - DEBUG(0,("%s: '%s': unable to map attributeID %s: %s\n", - __location__, attr->lDAPDisplayName, attr->attributeID_oid, - win_errstr(status))); - return status; - } + status = dsdb_schema_pfm_make_attid(schema->prefixmap, + attr->attributeID_oid, + &attr->attributeID_id); + if (!W_ERROR_IS_OK(status)) { + DEBUG(0,("%s: '%s': unable to map attributeID %s: %s\n", + __location__, attr->lDAPDisplayName, attr->attributeID_oid, + win_errstr(status))); + return status; } } + /* fetch msDS-IntId to be used in resolving ATTRTYP values */ + GET_UINT32_LDB(msg, "msDS-IntId", attr, msDS_IntId); + GET_GUID_LDB(msg, "schemaIDGUID", attr, schemaIDGUID); GET_UINT32_LDB(msg, "mAPIID", attr, mAPIID); @@ -621,10 +619,14 @@ WERROR dsdb_attribute_from_ldb(struct ldb_context *ldb, attr->syntax = dsdb_syntax_for_attribute(attr); if (!attr->syntax) { + DEBUG(0,(__location__ ": Unknown schema syntax for %s\n", + attr->lDAPDisplayName)); return WERR_DS_ATT_SCHEMA_REQ_SYNTAX; } if (dsdb_schema_setup_ldb_schema_attribute(ldb, attr) != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Unknown schema syntax for %s\n", + attr->lDAPDisplayName)); return WERR_DS_ATT_SCHEMA_REQ_SYNTAX; } @@ -833,6 +835,7 @@ static const struct { { "mayContain", "1.2.840.113556.1.2.25" }, { "defaultSecurityDescriptor", "1.2.840.113556.1.4.224" }, { "defaultHidingValue", "1.2.840.113556.1.4.518" }, + { "msDS-IntId", "1.2.840.113556.1.4.1716" }, }; static struct drsuapi_DsReplicaAttribute *dsdb_find_object_attr_name(struct dsdb_schema *schema, @@ -945,7 +948,7 @@ static struct drsuapi_DsReplicaAttribute *dsdb_find_object_attr_name(struct dsdb } \ } while (0) -#define GET_UINT32_DS(s, r, attr, p, elem) do { \ +#define GET_UINT32_DS(s, r, attr, p, elem, def_val) do { \ struct drsuapi_DsReplicaAttribute *_a; \ _a = dsdb_find_object_attr_name(s, r, attr, NULL); \ if (_a && _a->value_ctr.num_values >= 1 \ @@ -953,7 +956,7 @@ static struct drsuapi_DsReplicaAttribute *dsdb_find_object_attr_name(struct dsdb && _a->value_ctr.values[0].blob->length == 4) { \ (p)->elem = IVAL(_a->value_ctr.values[0].blob->data,0);\ } else { \ - (p)->elem = 0; \ + (p)->elem = def_val; \ } \ } while (0) @@ -1011,7 +1014,7 @@ WERROR dsdb_attribute_from_drsuapi(struct ldb_context *ldb, GET_STRING_DS(schema, r, "name", mem_ctx, attr, cn, true); GET_STRING_DS(schema, r, "lDAPDisplayName", mem_ctx, attr, lDAPDisplayName, true); - GET_UINT32_DS(schema, r, "attributeID", attr, attributeID_id); + GET_UINT32_DS(schema, r, "attributeID", attr, attributeID_id, 0xFFFFFFFF); status = dsdb_schema_pfm_oid_from_attid(schema->prefixmap, attr->attributeID_id, mem_ctx, &attr->attributeID_oid); if (!W_ERROR_IS_OK(status)) { @@ -1020,19 +1023,22 @@ WERROR dsdb_attribute_from_drsuapi(struct ldb_context *ldb, win_errstr(status))); return status; } + /* fetch msDS-IntId to be used in resolving ATTRTYP values */ + GET_UINT32_DS(schema, r, "msDS-IntId", attr, msDS_IntId, 0); + GET_GUID_DS(schema, r, "schemaIDGUID", mem_ctx, attr, schemaIDGUID); - GET_UINT32_DS(schema, r, "mAPIID", attr, mAPIID); + GET_UINT32_DS(schema, r, "mAPIID", attr, mAPIID, 0); GET_GUID_DS(schema, r, "attributeSecurityGUID", mem_ctx, attr, attributeSecurityGUID); attr->objectGUID = r->identifier->guid; - GET_UINT32_DS(schema, r, "searchFlags", attr, searchFlags); - GET_UINT32_DS(schema, r, "systemFlags", attr, systemFlags); + GET_UINT32_DS(schema, r, "searchFlags", attr, searchFlags, 0); + GET_UINT32_DS(schema, r, "systemFlags", attr, systemFlags, 0); GET_BOOL_DS(schema, r, "isMemberOfPartialAttributeSet", attr, isMemberOfPartialAttributeSet, false); - GET_UINT32_DS(schema, r, "linkID", attr, linkID); + GET_UINT32_DS(schema, r, "linkID", attr, linkID, 0); - GET_UINT32_DS(schema, r, "attributeSyntax", attr, attributeSyntax_id); + GET_UINT32_DS(schema, r, "attributeSyntax", attr, attributeSyntax_id, 0xFFFFFFFF); status = dsdb_schema_pfm_oid_from_attid(schema->prefixmap, attr->attributeSyntax_id, mem_ctx, &attr->attributeSyntax_oid); if (!W_ERROR_IS_OK(status)) { @@ -1041,7 +1047,7 @@ WERROR dsdb_attribute_from_drsuapi(struct ldb_context *ldb, win_errstr(status))); return status; } - GET_UINT32_DS(schema, r, "oMSyntax", attr, oMSyntax); + GET_UINT32_DS(schema, r, "oMSyntax", attr, oMSyntax, 0); GET_BLOB_DS(schema, r, "oMObjectClass", mem_ctx, attr, oMObjectClass); GET_BOOL_DS(schema, r, "isSingleValued", attr, isSingleValued, true); @@ -1049,7 +1055,7 @@ WERROR dsdb_attribute_from_drsuapi(struct ldb_context *ldb, GET_UINT32_PTR_DS(schema, r, "rangeUpper", attr, rangeUpper); GET_BOOL_DS(schema, r, "extendedCharsAllowed", attr, extendedCharsAllowed, false); - GET_UINT32_DS(schema, r, "schemaFlagsEx", attr, schemaFlagsEx); + GET_UINT32_DS(schema, r, "schemaFlagsEx", attr, schemaFlagsEx, 0); GET_BLOB_DS(schema, r, "msDs-Schema-Extensions", mem_ctx, attr, msDs_Schema_Extensions); GET_BOOL_DS(schema, r, "showInAdvancedViewOnly", attr, showInAdvancedViewOnly, false); @@ -1062,10 +1068,14 @@ WERROR dsdb_attribute_from_drsuapi(struct ldb_context *ldb, attr->syntax = dsdb_syntax_for_attribute(attr); if (!attr->syntax) { + DEBUG(0,(__location__ ": Unknown schema syntax for %s\n", + attr->lDAPDisplayName)); return WERR_DS_ATT_SCHEMA_REQ_SYNTAX; } if (dsdb_schema_setup_ldb_schema_attribute(ldb, attr) != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Unknown schema syntax for %s\n", + attr->lDAPDisplayName)); return WERR_DS_ATT_SCHEMA_REQ_SYNTAX; } @@ -1084,7 +1094,7 @@ WERROR dsdb_class_from_drsuapi(struct ldb_context *ldb, GET_STRING_DS(schema, r, "name", mem_ctx, obj, cn, true); GET_STRING_DS(schema, r, "lDAPDisplayName", mem_ctx, obj, lDAPDisplayName, true); - GET_UINT32_DS(schema, r, "governsID", obj, governsID_id); + GET_UINT32_DS(schema, r, "governsID", obj, governsID_id, 0xFFFFFFFF); status = dsdb_schema_pfm_oid_from_attid(schema->prefixmap, obj->governsID_id, mem_ctx, &obj->governsID_oid); if (!W_ERROR_IS_OK(status)) { @@ -1097,7 +1107,7 @@ WERROR dsdb_class_from_drsuapi(struct ldb_context *ldb, obj->objectGUID = r->identifier->guid; - GET_UINT32_DS(schema, r, "objectClassCategory", obj, objectClassCategory); + GET_UINT32_DS(schema, r, "objectClassCategory", obj, objectClassCategory, 0); GET_STRING_DS(schema, r, "rDNAttID", mem_ctx, obj, rDNAttID, false); attr = dsdb_find_object_attr_name(schema, r, "defaultObjectCategory", NULL); @@ -1114,7 +1124,7 @@ WERROR dsdb_class_from_drsuapi(struct ldb_context *ldb, } obj->defaultObjectCategory = (char *)blob.data; - GET_UINT32_DS(schema, r, "subClassOf", obj, subClassOf_id); + GET_UINT32_DS(schema, r, "subClassOf", obj, subClassOf_id, 0); GET_UINT32_LIST_DS(schema, r, "systemAuxiliaryClass", mem_ctx, obj, systemAuxiliaryClass_ids); GET_UINT32_LIST_DS(schema, r, "auxiliaryClass", mem_ctx, obj, auxiliaryClass_ids); @@ -1129,7 +1139,7 @@ WERROR dsdb_class_from_drsuapi(struct ldb_context *ldb, GET_STRING_DS(schema, r, "defaultSecurityDescriptor", mem_ctx, obj, defaultSecurityDescriptor, false); - GET_UINT32_DS(schema, r, "schemaFlagsEx", obj, schemaFlagsEx); + GET_UINT32_DS(schema, r, "schemaFlagsEx", obj, schemaFlagsEx, 0); GET_BLOB_DS(schema, r, "msDs-Schema-Extensions", mem_ctx, obj, msDs_Schema_Extensions); GET_BOOL_DS(schema, r, "showInAdvancedViewOnly", obj, showInAdvancedViewOnly, false); diff --git a/source4/dsdb/schema/schema_query.c b/source4/dsdb/schema/schema_query.c index df17787f38..4e11e50c17 100644 --- a/source4/dsdb/schema/schema_query.c +++ b/source4/dsdb/schema/schema_query.c @@ -39,7 +39,14 @@ static int strcasecmp_with_ldb_val(const struct ldb_val *target, const char *str { int ret = strncasecmp((const char *)target->data, str, target->length); if (ret == 0) { - return (target->length - strlen(str)); + size_t len = strlen(str); + if (target->length > len) { + if (target->data[len] == 0) { + return 0; + } + return 1; + } + return (target->length - len); } return ret; } @@ -55,6 +62,15 @@ const struct dsdb_attribute *dsdb_attribute_by_attributeID_id(const struct dsdb_ */ if (id == 0xFFFFFFFF) return NULL; + /* check for msDS-IntId type attribute */ + if (dsdb_pfm_get_attid_type(id) == dsdb_attid_type_intid) { + for (c = schema->attributes; c; c = c->next) { + if (c->msDS_IntId == id) { + return c; + } + } + } + BINARY_ARRAY_SEARCH_P(schema->attributes_by_attributeID_id, schema->num_attributes, attributeID_id, id, uint32_cmp, c); return c; @@ -84,6 +100,18 @@ const struct dsdb_attribute *dsdb_attribute_by_lDAPDisplayName(const struct dsdb return c; } +const struct dsdb_attribute *dsdb_attribute_by_lDAPDisplayName_ldb_val(const struct dsdb_schema *schema, + const struct ldb_val *name) +{ + struct dsdb_attribute *a; + + if (!name) return NULL; + + BINARY_ARRAY_SEARCH_P(schema->attributes_by_lDAPDisplayName, + schema->num_attributes, lDAPDisplayName, name, strcasecmp_with_ldb_val, a); + return a; +} + const struct dsdb_attribute *dsdb_attribute_by_linkID(const struct dsdb_schema *schema, int linkID) { diff --git a/source4/dsdb/schema/schema_syntax.c b/source4/dsdb/schema/schema_syntax.c index de52b9c628..48c2031024 100644 --- a/source4/dsdb/schema/schema_syntax.c +++ b/source4/dsdb/schema/schema_syntax.c @@ -576,6 +576,57 @@ static WERROR dsdb_syntax_DATA_BLOB_ldb_to_drsuapi(struct ldb_context *ldb, return WERR_OK; } +static WERROR _dsdb_syntax_auto_OID_drsuapi_to_ldb(struct ldb_context *ldb, + const struct dsdb_schema *schema, + const struct dsdb_attribute *attr, + const struct drsuapi_DsReplicaAttribute *in, + TALLOC_CTX *mem_ctx, + struct ldb_message_element *out) +{ + uint32_t i; + + out->flags = 0; + out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName); + W_ERROR_HAVE_NO_MEMORY(out->name); + + out->num_values = in->value_ctr.num_values; + out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values); + W_ERROR_HAVE_NO_MEMORY(out->values); + + for (i=0; i < out->num_values; i++) { + uint32_t v; + const struct dsdb_class *c; + const struct dsdb_attribute *a; + const char *str = NULL; + + if (in->value_ctr.values[i].blob == NULL) { + return WERR_FOOBAR; + } + + if (in->value_ctr.values[i].blob->length != 4) { + return WERR_FOOBAR; + } + + v = IVAL(in->value_ctr.values[i].blob->data, 0); + + if ((c = dsdb_class_by_governsID_id(schema, v))) { + str = talloc_strdup(out->values, c->lDAPDisplayName); + } else if ((a = dsdb_attribute_by_attributeID_id(schema, v))) { + str = talloc_strdup(out->values, a->lDAPDisplayName); + } else { + WERROR werr; + werr = dsdb_schema_pfm_oid_from_attid(schema->prefixmap, v, out->values, &str); + W_ERROR_NOT_OK_RETURN(werr); + } + W_ERROR_HAVE_NO_MEMORY(str); + + /* the values need to be reversed */ + out->values[out->num_values - (i + 1)] = data_blob_string_const(str); + } + + return WERR_OK; +} + static WERROR _dsdb_syntax_OID_obj_drsuapi_to_ldb(struct ldb_context *ldb, const struct dsdb_schema *schema, const struct dsdb_attribute *attr, @@ -711,6 +762,60 @@ static WERROR _dsdb_syntax_OID_oid_drsuapi_to_ldb(struct ldb_context *ldb, return WERR_OK; } +static WERROR _dsdb_syntax_auto_OID_ldb_to_drsuapi(struct ldb_context *ldb, + const struct dsdb_schema *schema, + const struct dsdb_attribute *attr, + const struct ldb_message_element *in, + TALLOC_CTX *mem_ctx, + struct drsuapi_DsReplicaAttribute *out) +{ + uint32_t i; + DATA_BLOB *blobs; + + out->attid= attr->attributeID_id; + out->value_ctr.num_values= in->num_values; + out->value_ctr.values= talloc_array(mem_ctx, + struct drsuapi_DsAttributeValue, + in->num_values); + W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values); + + blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values); + W_ERROR_HAVE_NO_MEMORY(blobs); + + for (i=0; i < in->num_values; i++) { + const struct dsdb_class *obj_class; + const struct dsdb_attribute *obj_attr; + struct ldb_val *v; + + out->value_ctr.values[i].blob= &blobs[i]; + + blobs[i] = data_blob_talloc(blobs, NULL, 4); + W_ERROR_HAVE_NO_MEMORY(blobs[i].data); + + /* in DRS windows puts the classes in the opposite + order to the order used in ldap */ + v = &in->values[(in->num_values-1)-i]; + + if ((obj_class = dsdb_class_by_lDAPDisplayName_ldb_val(schema, v))) { + SIVAL(blobs[i].data, 0, obj_class->governsID_id); + } else if ((obj_attr = dsdb_attribute_by_lDAPDisplayName_ldb_val(schema, v))) { + SIVAL(blobs[i].data, 0, obj_attr->attributeID_id); + } else { + uint32_t attid; + WERROR werr; + werr = dsdb_schema_pfm_make_attid(schema->prefixmap, + (const char *)v->data, + &attid); + W_ERROR_NOT_OK_RETURN(werr); + SIVAL(blobs[i].data, 0, attid); + } + + } + + + return WERR_OK; +} + static WERROR _dsdb_syntax_OID_obj_ldb_to_drsuapi(struct ldb_context *ldb, const struct dsdb_schema *schema, const struct dsdb_attribute *attr, @@ -839,18 +944,19 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct ldb_message_element *out) { - uint32_t i; - switch (attr->attributeID_id) { case DRSUAPI_ATTRIBUTE_objectClass: case DRSUAPI_ATTRIBUTE_subClassOf: case DRSUAPI_ATTRIBUTE_auxiliaryClass: + case DRSUAPI_ATTRIBUTE_systemAuxiliaryClass: case DRSUAPI_ATTRIBUTE_systemPossSuperiors: case DRSUAPI_ATTRIBUTE_possSuperiors: return _dsdb_syntax_OID_obj_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out); case DRSUAPI_ATTRIBUTE_systemMustContain: case DRSUAPI_ATTRIBUTE_systemMayContain: case DRSUAPI_ATTRIBUTE_mustContain: + case DRSUAPI_ATTRIBUTE_rDNAttId: + case DRSUAPI_ATTRIBUTE_transportAddressAttribute: case DRSUAPI_ATTRIBUTE_mayContain: return _dsdb_syntax_OID_attr_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out); case DRSUAPI_ATTRIBUTE_governsID: @@ -859,41 +965,9 @@ static WERROR dsdb_syntax_OID_drsuapi_to_ldb(struct ldb_context *ldb, return _dsdb_syntax_OID_oid_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out); } - out->flags = 0; - out->name = talloc_strdup(mem_ctx, attr->lDAPDisplayName); - W_ERROR_HAVE_NO_MEMORY(out->name); - - out->num_values = in->value_ctr.num_values; - out->values = talloc_array(mem_ctx, struct ldb_val, out->num_values); - W_ERROR_HAVE_NO_MEMORY(out->values); - - for (i=0; i < out->num_values; i++) { - uint32_t v; - const char *name; - char *str; - - if (in->value_ctr.values[i].blob == NULL) { - return WERR_FOOBAR; - } - - if (in->value_ctr.values[i].blob->length != 4) { - return WERR_FOOBAR; - } - - v = IVAL(in->value_ctr.values[i].blob->data, 0); - - name = dsdb_lDAPDisplayName_by_id(schema, v); - if (!name) { - return WERR_FOOBAR; - } - - str = talloc_strdup(out->values, name); - W_ERROR_HAVE_NO_MEMORY(str); - - out->values[i] = data_blob_string_const(str); - } - - return WERR_OK; + DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n", + attr->lDAPDisplayName)); + return _dsdb_syntax_auto_OID_drsuapi_to_ldb(ldb, schema, attr, in, mem_ctx, out); } static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb, @@ -903,9 +977,6 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb, TALLOC_CTX *mem_ctx, struct drsuapi_DsReplicaAttribute *out) { - uint32_t i; - DATA_BLOB *blobs; - if (attr->attributeID_id == 0xFFFFFFFF) { return WERR_FOOBAR; } @@ -914,12 +985,15 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb, case DRSUAPI_ATTRIBUTE_objectClass: case DRSUAPI_ATTRIBUTE_subClassOf: case DRSUAPI_ATTRIBUTE_auxiliaryClass: + case DRSUAPI_ATTRIBUTE_systemAuxiliaryClass: case DRSUAPI_ATTRIBUTE_systemPossSuperiors: case DRSUAPI_ATTRIBUTE_possSuperiors: return _dsdb_syntax_OID_obj_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out); case DRSUAPI_ATTRIBUTE_systemMustContain: case DRSUAPI_ATTRIBUTE_systemMayContain: case DRSUAPI_ATTRIBUTE_mustContain: + case DRSUAPI_ATTRIBUTE_rDNAttId: + case DRSUAPI_ATTRIBUTE_transportAddressAttribute: case DRSUAPI_ATTRIBUTE_mayContain: return _dsdb_syntax_OID_attr_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out); case DRSUAPI_ATTRIBUTE_governsID: @@ -928,30 +1002,10 @@ static WERROR dsdb_syntax_OID_ldb_to_drsuapi(struct ldb_context *ldb, return _dsdb_syntax_OID_oid_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out); } - out->attid = attr->attributeID_id; - out->value_ctr.num_values = in->num_values; - out->value_ctr.values = talloc_array(mem_ctx, - struct drsuapi_DsAttributeValue, - in->num_values); - W_ERROR_HAVE_NO_MEMORY(out->value_ctr.values); - - blobs = talloc_array(mem_ctx, DATA_BLOB, in->num_values); - W_ERROR_HAVE_NO_MEMORY(blobs); + DEBUG(0,(__location__ ": Unknown handling for attributeID_id for %s\n", + attr->lDAPDisplayName)); - for (i=0; i < in->num_values; i++) { - uint32_t v; - - out->value_ctr.values[i].blob = &blobs[i]; - - blobs[i] = data_blob_talloc(blobs, NULL, 4); - W_ERROR_HAVE_NO_MEMORY(blobs[i].data); - - v = strtol((const char *)in->values[i].data, NULL, 10); - - SIVAL(blobs[i].data, 0, v); - } - - return WERR_OK; + return _dsdb_syntax_auto_OID_ldb_to_drsuapi(ldb, schema, attr, in, mem_ctx, out); } static WERROR dsdb_syntax_UNICODE_drsuapi_to_ldb(struct ldb_context *ldb, diff --git a/source4/kdc/config.mk b/source4/kdc/config.mk index a9d01585f0..3ae5fe5921 100644 --- a/source4/kdc/config.mk +++ b/source4/kdc/config.mk @@ -7,7 +7,7 @@ INIT_FUNCTION = server_service_kdc_init SUBSYSTEM = service PRIVATE_DEPENDENCIES = \ HEIMDAL_KDC HDB_SAMBA4 PAC_GLUE LIBSAMBA-HOSTCONFIG \ - LIBTSOCKET + LIBTSOCKET LIBSAMBA_TSOCKET # End SUBSYSTEM KDC ####################### diff --git a/source4/kdc/hdb-samba4.c b/source4/kdc/hdb-samba4.c index 2f3c30c283..f7a72b41bc 100644 --- a/source4/kdc/hdb-samba4.c +++ b/source4/kdc/hdb-samba4.c @@ -1542,7 +1542,7 @@ krb5_error_code hdb_samba4_check_pkinit_ms_upn_match(krb5_context context, HDB * "objectSid", NULL }; - TALLOC_CTX *mem_ctx = talloc_named(db, 0, "hdb_samba4_check_constrained_delegation"); + TALLOC_CTX *mem_ctx = talloc_named(db, 0, "hdb_samba4_check_pkinit_ms_upn_match"); if (!mem_ctx) { ret = ENOMEM; diff --git a/source4/kdc/kdc.c b/source4/kdc/kdc.c index 93f1c7d6ec..026eaf4122 100644 --- a/source4/kdc/kdc.c +++ b/source4/kdc/kdc.c @@ -29,6 +29,7 @@ #include "lib/events/events.h" #include "lib/socket/socket.h" #include "lib/tsocket/tsocket.h" +#include "libcli/util/tstream.h" #include "system/network.h" #include "../lib/util/dlinklist.h" #include "lib/messaging/irpc.h" @@ -73,7 +74,9 @@ struct kdc_tcp_connection { /* the kdc_server the connection belongs to */ struct kdc_socket *kdc_socket; - struct packet_context *packet; + struct tstream_context *tstream; + + struct tevent_queue *send_queue; }; static void kdc_tcp_terminate_connection(struct kdc_tcp_connection *kdcconn, const char *reason) @@ -81,83 +84,20 @@ static void kdc_tcp_terminate_connection(struct kdc_tcp_connection *kdcconn, con stream_terminate_connection(kdcconn->conn, reason); } -/* - receive a full packet on a KDC connection -*/ -static NTSTATUS kdc_tcp_recv(void *private_data, DATA_BLOB blob) -{ - struct kdc_tcp_connection *kdcconn = talloc_get_type(private_data, - struct kdc_tcp_connection); - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - TALLOC_CTX *tmp_ctx = talloc_new(kdcconn); - int ret; - DATA_BLOB input, reply; - talloc_steal(tmp_ctx, blob.data); - - /* Call krb5 */ - input = data_blob_const(blob.data + 4, blob.length - 4); - - ret = kdcconn->kdc_socket->process(kdcconn->kdc_socket->kdc, - tmp_ctx, - &input, - &reply, - kdcconn->conn->remote_address, - kdcconn->conn->local_address, - 0 /* Not datagram */); - if (!ret) { - talloc_free(tmp_ctx); - return NT_STATUS_INTERNAL_ERROR; - } - - /* and now encode the reply */ - blob = data_blob_talloc(kdcconn, NULL, reply.length + 4); - if (!blob.data) { - talloc_free(tmp_ctx); - return NT_STATUS_NO_MEMORY; - } - - RSIVAL(blob.data, 0, reply.length); - memcpy(blob.data + 4, reply.data, reply.length); - - status = packet_send(kdcconn->packet, blob); - if (!NT_STATUS_IS_OK(status)) { - talloc_free(tmp_ctx); - return status; - } - - /* the call isn't needed any more */ - talloc_free(tmp_ctx); - return NT_STATUS_OK; -} - -/* - receive some data on a KDC connection -*/ -static void kdc_tcp_recv_handler(struct stream_connection *conn, uint16_t flags) +static void kdc_tcp_recv(struct stream_connection *conn, uint16_t flags) { struct kdc_tcp_connection *kdcconn = talloc_get_type(conn->private_data, struct kdc_tcp_connection); - packet_recv(kdcconn->packet); -} - -/* - called on a tcp recv error -*/ -static void kdc_tcp_recv_error(void *private_data, NTSTATUS status) -{ - struct kdc_tcp_connection *kdcconn = talloc_get_type(private_data, - struct kdc_tcp_connection); - kdc_tcp_terminate_connection(kdcconn, nt_errstr(status)); + /* this should never be triggered! */ + kdc_tcp_terminate_connection(kdcconn, "kdc_tcp_recv: called"); } -/* - called when we can write to a connection -*/ static void kdc_tcp_send(struct stream_connection *conn, uint16_t flags) { struct kdc_tcp_connection *kdcconn = talloc_get_type(conn->private_data, struct kdc_tcp_connection); - packet_queue_run(kdcconn->packet); + /* this should never be triggered! */ + kdc_tcp_terminate_connection(kdcconn, "kdc_tcp_send: called"); } /** @@ -214,42 +154,201 @@ static bool kdc_process(struct kdc_server *kdc, return true; } +struct kdc_tcp_call { + struct kdc_tcp_connection *kdc_conn; + DATA_BLOB in; + DATA_BLOB out; + uint8_t out_hdr[4]; + struct iovec out_iov[2]; +}; + +static void kdc_tcp_call_writev_done(struct tevent_req *subreq); + +static void kdc_tcp_call_loop(struct tevent_req *subreq) +{ + struct kdc_tcp_connection *kdc_conn = tevent_req_callback_data(subreq, + struct kdc_tcp_connection); + struct kdc_tcp_call *call; + NTSTATUS status; + bool ok; + + call = talloc(kdc_conn, struct kdc_tcp_call); + if (call == NULL) { + kdc_tcp_terminate_connection(kdc_conn, "kdc_tcp_call_loop: " + "no memory for kdc_tcp_call"); + return; + } + call->kdc_conn = kdc_conn; + + status = tstream_read_pdu_blob_recv(subreq, + call, + &call->in); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + const char *reason; + + reason = talloc_asprintf(call, "kdc_tcp_call_loop: " + "tstream_read_pdu_blob_recv() - %s", + nt_errstr(status)); + if (!reason) { + reason = nt_errstr(status); + } + + kdc_tcp_terminate_connection(kdc_conn, reason); + return; + } + + DEBUG(10,("Received krb5 TCP packet of length %lu from %s\n", + (long) call->in.length, + tsocket_address_string(kdc_conn->conn->remote_address, call))); + + /* skip length header */ + call->in.data +=4; + call->in.length -= 4; + + /* Call krb5 */ + ok = kdc_conn->kdc_socket->process(kdc_conn->kdc_socket->kdc, + call, + &call->in, + &call->out, + kdc_conn->conn->remote_address, + kdc_conn->conn->local_address, + 0 /* Stream */); + if (!ok) { + kdc_tcp_terminate_connection(kdc_conn, + "kdc_tcp_call_loop: process function failed"); + return; + } + + /* First add the length of the out buffer */ + RSIVAL(call->out_hdr, 0, call->out.length); + call->out_iov[0].iov_base = call->out_hdr; + call->out_iov[0].iov_len = 4; + + call->out_iov[1].iov_base = call->out.data; + call->out_iov[1].iov_len = call->out.length; + + subreq = tstream_writev_queue_send(call, + kdc_conn->conn->event.ctx, + kdc_conn->tstream, + kdc_conn->send_queue, + call->out_iov, 2); + if (subreq == NULL) { + kdc_tcp_terminate_connection(kdc_conn, "kdc_tcp_call_loop: " + "no memory for tstream_writev_queue_send"); + return; + } + tevent_req_set_callback(subreq, kdc_tcp_call_writev_done, call); + + /* + * The krb5 tcp pdu's has the length as 4 byte (initial_read_size), + * packet_full_request_u32 provides the pdu length then. + */ + subreq = tstream_read_pdu_blob_send(kdc_conn, + kdc_conn->conn->event.ctx, + kdc_conn->tstream, + 4, /* initial_read_size */ + packet_full_request_u32, + kdc_conn); + if (subreq == NULL) { + kdc_tcp_terminate_connection(kdc_conn, "kdc_tcp_call_loop: " + "no memory for tstream_read_pdu_blob_send"); + return; + } + tevent_req_set_callback(subreq, kdc_tcp_call_loop, kdc_conn); +} + +static void kdc_tcp_call_writev_done(struct tevent_req *subreq) +{ + struct kdc_tcp_call *call = tevent_req_callback_data(subreq, + struct kdc_tcp_call); + int sys_errno; + int rc; + + rc = tstream_writev_queue_recv(subreq, &sys_errno); + TALLOC_FREE(subreq); + if (rc == -1) { + const char *reason; + + reason = talloc_asprintf(call, "kdc_tcp_call_writev_done: " + "tstream_writev_queue_recv() - %d:%s", + sys_errno, strerror(sys_errno)); + if (!reason) { + reason = "kdc_tcp_call_writev_done: tstream_writev_queue_recv() failed"; + } + + kdc_tcp_terminate_connection(call->kdc_conn, reason); + return; + } + + /* We don't care about errors */ + + talloc_free(call); +} + /* called when we get a new connection */ static void kdc_tcp_accept(struct stream_connection *conn) { - struct kdc_socket *kdc_socket = talloc_get_type(conn->private_data, struct kdc_socket); - struct kdc_tcp_connection *kdcconn; + struct kdc_socket *kdc_socket; + struct kdc_tcp_connection *kdc_conn; + struct tevent_req *subreq; + int rc; + + kdc_conn = talloc_zero(conn, struct kdc_tcp_connection); + if (kdc_conn == NULL) { + stream_terminate_connection(conn, + "kdc_tcp_accept: out of memory"); + return; + } - kdcconn = talloc_zero(conn, struct kdc_tcp_connection); - if (!kdcconn) { - stream_terminate_connection(conn, "kdc_tcp_accept: out of memory"); + kdc_conn->send_queue = tevent_queue_create(conn, "kdc_tcp_accept"); + if (kdc_conn->send_queue == NULL) { + stream_terminate_connection(conn, + "kdc_tcp_accept: out of memory"); return; } - kdcconn->conn = conn; - kdcconn->kdc_socket = kdc_socket; - conn->private_data = kdcconn; - kdcconn->packet = packet_init(kdcconn); - if (kdcconn->packet == NULL) { - kdc_tcp_terminate_connection(kdcconn, "kdc_tcp_accept: out of memory"); + kdc_socket = talloc_get_type(conn->private_data, struct kdc_socket); + + TALLOC_FREE(conn->event.fde); + + rc = tstream_bsd_existing_socket(kdc_conn->tstream, + socket_get_fd(conn->socket), + &kdc_conn->tstream); + if (rc < 0) { + stream_terminate_connection(conn, + "kdc_tcp_accept: out of memory"); return; } - packet_set_private(kdcconn->packet, kdcconn); - packet_set_socket(kdcconn->packet, conn->socket); - packet_set_callback(kdcconn->packet, kdc_tcp_recv); - packet_set_full_request(kdcconn->packet, packet_full_request_u32); - packet_set_error_handler(kdcconn->packet, kdc_tcp_recv_error); - packet_set_event_context(kdcconn->packet, conn->event.ctx); - packet_set_fde(kdcconn->packet, conn->event.fde); - packet_set_serialise(kdcconn->packet); + + kdc_conn->conn = conn; + kdc_conn->kdc_socket = kdc_socket; + conn->private_data = kdc_conn; + + /* + * The krb5 tcp pdu's has the length as 4 byte (initial_read_size), + * packet_full_request_u32 provides the pdu length then. + */ + subreq = tstream_read_pdu_blob_send(kdc_conn, + kdc_conn->conn->event.ctx, + kdc_conn->tstream, + 4, /* initial_read_size */ + packet_full_request_u32, + kdc_conn); + if (subreq == NULL) { + kdc_tcp_terminate_connection(kdc_conn, "kdc_tcp_accept: " + "no memory for tstream_read_pdu_blob_send"); + return; + } + tevent_req_set_callback(subreq, kdc_tcp_call_loop, kdc_conn); } static const struct stream_server_ops kdc_tcp_stream_ops = { .name = "kdc_tcp", .accept_connection = kdc_tcp_accept, - .recv_handler = kdc_tcp_recv_handler, + .recv_handler = kdc_tcp_recv, .send_handler = kdc_tcp_send }; @@ -276,7 +375,7 @@ static void kdc_udp_call_loop(struct tevent_req *subreq) uint8_t *buf; ssize_t len; int sys_errno; - int ret; + bool ok; call = talloc(sock, struct kdc_udp_call); if (call == NULL) { @@ -300,14 +399,14 @@ static void kdc_udp_call_loop(struct tevent_req *subreq) tsocket_address_string(call->src, call))); /* Call krb5 */ - ret = sock->kdc_socket->process(sock->kdc_socket->kdc, - call, - &call->in, - &call->out, - call->src, - sock->kdc_socket->local_address, - 1 /* Datagram */); - if (!ret) { + ok = sock->kdc_socket->process(sock->kdc_socket->kdc, + call, + &call->in, + &call->out, + call->src, + sock->kdc_socket->local_address, + 1 /* Datagram */); + if (!ok) { talloc_free(call); goto done; } @@ -663,22 +762,22 @@ static void kdc_task_init(struct task_server *task) PLUGIN_TYPE_DATA, "hdb", &hdb_samba4); if(ret) { - task_server_terminate(task, "kdc: failed to register hdb keytab", true); + task_server_terminate(task, "kdc: failed to register hdb plugin", true); return; } ret = krb5_kt_register(kdc->smb_krb5_context->krb5_context, &hdb_kt_ops); if(ret) { - task_server_terminate(task, "kdc: failed to register hdb keytab", true); + task_server_terminate(task, "kdc: failed to register keytab plugin", true); return; } - /* Registar WinDC hooks */ + /* Register WinDC hooks */ ret = krb5_plugin_register(kdc->smb_krb5_context->krb5_context, PLUGIN_TYPE_DATA, "windc", &windc_plugin_table); if(ret) { - task_server_terminate(task, "kdc: failed to register hdb keytab", true); + task_server_terminate(task, "kdc: failed to register windc plugin", true); return; } diff --git a/source4/lib/events/events.h b/source4/lib/events/events.h index 1b2dbde32b..5fdb96794e 100644 --- a/source4/lib/events/events.h +++ b/source4/lib/events/events.h @@ -4,4 +4,5 @@ #include <../lib/tevent/tevent.h> struct tevent_context *s4_event_context_init(TALLOC_CTX *mem_ctx); struct tevent_context *event_context_find(TALLOC_CTX *mem_ctx) _DEPRECATED_; +void s4_event_context_set_default(struct tevent_context *ev); #endif /* __LIB_EVENTS_H__ */ diff --git a/source4/lib/events/tevent_s4.c b/source4/lib/events/tevent_s4.c index 1898269c2c..838f20debe 100644 --- a/source4/lib/events/tevent_s4.c +++ b/source4/lib/events/tevent_s4.c @@ -71,6 +71,16 @@ struct tevent_context *s4_event_context_init(TALLOC_CTX *mem_ctx) return ev; } +static struct tevent_context *default_tevent_context; + +/* set a default event context that will be used for + * event_context_find() if a parent event context is not found + */ +void s4_event_context_set_default(struct tevent_context *ev) +{ + default_tevent_context = ev; +} + /* find an event context that is a parent of the given memory context, or create a new event context as a child of the given context if @@ -83,7 +93,10 @@ struct tevent_context *s4_event_context_init(TALLOC_CTX *mem_ctx) struct tevent_context *event_context_find(TALLOC_CTX *mem_ctx) { struct tevent_context *ev = talloc_find_parent_bytype(mem_ctx, struct tevent_context); - if (ev == NULL) { + if (ev == NULL) { + ev = default_tevent_context; + } + if (ev == NULL) { ev = tevent_context_init(mem_ctx); } return ev; diff --git a/source4/lib/ldb-samba/ldif_handlers.c b/source4/lib/ldb-samba/ldif_handlers.c index 4611eba3f1..88888bf0a7 100644 --- a/source4/lib/ldb-samba/ldif_handlers.c +++ b/source4/lib/ldb-samba/ldif_handlers.c @@ -406,7 +406,7 @@ static int ldif_write_ntSecurityDescriptor(struct ldb_context *ldb, void *mem_ct talloc_free(sd); return -1; } - out->data = (uint8_t *)sddl_encode(mem_ctx, sd, NULL); + out->data = (uint8_t *)sddl_encode(mem_ctx, sd, samdb_domain_sid_cache_only(ldb)); talloc_free(sd); if (out->data == NULL) { return -1; @@ -700,6 +700,26 @@ static int val_to_int32(const struct ldb_val *in, int32_t *v) return LDB_SUCCESS; } +/* length limited conversion of a ldb_val to a int64_t */ +static int val_to_int64(const struct ldb_val *in, int64_t *v) +{ + char *end; + char buf[64]; + + /* make sure we don't read past the end of the data */ + if (in->length > sizeof(buf)-1) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + strncpy(buf, (char *)in->data, in->length); + buf[in->length] = 0; + + *v = (int64_t) strtoll(buf, &end, 0); + if (*end != 0) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + return LDB_SUCCESS; +} + /* Canonicalisation of two 32-bit integers */ static int ldif_canonicalise_int32(struct ldb_context *ldb, void *mem_ctx, const struct ldb_val *in, struct ldb_val *out) @@ -731,6 +751,37 @@ static int ldif_comparison_int32(struct ldb_context *ldb, void *mem_ctx, return i1 > i2? 1 : -1; } +/* Canonicalisation of two 64-bit integers */ +static int ldif_canonicalise_int64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + int64_t i; + int ret; + + ret = val_to_int64(in, &i); + if (ret != LDB_SUCCESS) { + return ret; + } + out->data = (uint8_t *) talloc_asprintf(mem_ctx, "%lld", (long long)i); + if (out->data == NULL) { + ldb_oom(ldb); + return LDB_ERR_OPERATIONS_ERROR; + } + out->length = strlen((char *)out->data); + return 0; +} + +/* Comparison of two 64-bit integers */ +static int ldif_comparison_int64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *v1, const struct ldb_val *v2) +{ + int64_t i1=0, i2=0; + val_to_int64(v1, &i1); + val_to_int64(v2, &i2); + if (i1 == i2) return 0; + return i1 > i2? 1 : -1; +} + /* convert a NDR formatted blob to a ldif formatted repsFromTo */ @@ -778,6 +829,64 @@ static int extended_dn_write_hex(struct ldb_context *ldb, void *mem_ctx, return 0; } + +/* + write a 64 bit 2-part range +*/ +static int ldif_write_range64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + int64_t v; + int ret; + ret = val_to_int64(in, &v); + if (ret != LDB_SUCCESS) { + return ret; + } + out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%lu-%lu", + (unsigned long)(v&0xFFFFFFFF), + (unsigned long)(v>>32)); + if (out->data == NULL) { + ldb_oom(ldb); + return LDB_ERR_OPERATIONS_ERROR; + } + out->length = strlen((char *)out->data); + return LDB_SUCCESS; +} + +/* + read a 64 bit 2-part range +*/ +static int ldif_read_range64(struct ldb_context *ldb, void *mem_ctx, + const struct ldb_val *in, struct ldb_val *out) +{ + unsigned long high, low; + char buf[64]; + + if (memchr(in->data, '-', in->length) == NULL) { + return ldb_handler_copy(ldb, mem_ctx, in, out); + } + + if (in->length > sizeof(buf)-1) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + strncpy(buf, (const char *)in->data, in->length); + buf[in->length] = 0; + + if (sscanf(buf, "%lu-%lu", &low, &high) != 2) { + return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX; + } + + out->data = (uint8_t *)talloc_asprintf(mem_ctx, "%llu", + (unsigned long long)(((uint64_t)high)<<32) | (low)); + + if (out->data == NULL) { + ldb_oom(ldb); + return LDB_ERR_OPERATIONS_ERROR; + } + out->length = strlen((char *)out->data); + return LDB_SUCCESS; +} + static const struct ldb_schema_syntax samba_syntaxes[] = { { .name = LDB_SYNTAX_SAMBA_SID, @@ -845,6 +954,12 @@ static const struct ldb_schema_syntax samba_syntaxes[] = { .ldif_write_fn = ldb_handler_copy, .canonicalise_fn = dsdb_dn_string_canonicalise, .comparison_fn = dsdb_dn_string_comparison + },{ + .name = LDB_SYNTAX_SAMBA_RANGE64, + .ldif_read_fn = ldif_read_range64, + .ldif_write_fn = ldif_write_range64, + .canonicalise_fn = ldif_canonicalise_int64, + .comparison_fn = ldif_comparison_int64 }, }; @@ -928,6 +1043,9 @@ static const struct { { "repsTo", LDB_SYNTAX_SAMBA_REPSFROMTO }, { "replPropertyMetaData", LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA }, { "replUpToDateVector", LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR }, + { "rIDAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 }, + { "rIDPreviousAllocationPool", LDB_SYNTAX_SAMBA_RANGE64 }, + { "rIDAvailablePool", LDB_SYNTAX_SAMBA_RANGE64 }, }; const struct ldb_schema_syntax *ldb_samba_syntax_by_name(struct ldb_context *ldb, const char *name) diff --git a/source4/lib/ldb-samba/ldif_handlers.h b/source4/lib/ldb-samba/ldif_handlers.h index 6906c822f9..8e4df77ffc 100644 --- a/source4/lib/ldb-samba/ldif_handlers.h +++ b/source4/lib/ldb-samba/ldif_handlers.h @@ -10,6 +10,7 @@ #define LDB_SYNTAX_SAMBA_REPSFROMTO "LDB_SYNTAX_SAMBA_REPSFROMTO" #define LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA "LDB_SYNTAX_SAMBA_REPLPROPERTYMETADATA" #define LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR "LDB_SYNTAX_SAMBA_REPLUPTODATEVECTOR" +#define LDB_SYNTAX_SAMBA_RANGE64 "LDB_SYNTAX_SAMBA_RANGE64" #include "lib/ldb-samba/ldif_handlers_proto.h" diff --git a/source4/lib/ldb/common/ldb_dn.c b/source4/lib/ldb/common/ldb_dn.c index 79953c6018..252a0c632b 100644 --- a/source4/lib/ldb/common/ldb_dn.c +++ b/source4/lib/ldb/common/ldb_dn.c @@ -103,7 +103,13 @@ struct ldb_dn *ldb_dn_from_ldb_val(void *mem_ctx, dn = talloc_zero(mem_ctx, struct ldb_dn); LDB_DN_NULL_FAILED(dn); - dn->ldb = ldb; + dn->ldb = talloc_get_type(ldb, struct ldb_context); + if (dn->ldb == NULL) { + /* the caller probably got the arguments to + ldb_dn_new() mixed up */ + talloc_free(dn); + return NULL; + } if (strdn->data && strdn->length) { const char *data = (const char *)strdn->data; diff --git a/source4/lib/ldb/ldb_tdb/ldb_index.c b/source4/lib/ldb/ldb_tdb/ldb_index.c index 52f9f00c58..01d0d6ce34 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_index.c +++ b/source4/lib/ldb/ldb_tdb/ldb_index.c @@ -1104,6 +1104,8 @@ static int ltdb_index_add1(struct ldb_module *module, const char *dn, if (list->count > 0 && a->flags & LDB_ATTR_FLAG_UNIQUE_INDEX) { talloc_free(list); + ldb_asprintf_errstring(ldb, __location__ ": unique index violation on %s in %s", + el->name, dn); return LDB_ERR_ENTRY_ALREADY_EXISTS; } @@ -1168,6 +1170,10 @@ static int ltdb_index_add_all(struct ldb_module *module, const char *dn, } ret = ltdb_index_add_el(module, dn, &elements[i]); if (ret != LDB_SUCCESS) { + struct ldb_context *ldb = ldb_module_get_ctx(module); + ldb_asprintf_errstring(ldb, + __location__ ": Failed to re-index %s in %s - %s", + elements[i].name, dn, ldb_errstring(ldb)); return ret; } } @@ -1446,13 +1452,19 @@ static int delete_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, vo return 0; } +struct ltdb_reindex_context { + struct ldb_module *module; + int error; +}; + /* traversal function that adds @INDEX records during a re index */ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void *state) { struct ldb_context *ldb; - struct ldb_module *module = (struct ldb_module *)state; + struct ltdb_reindex_context *ctx = (struct ltdb_reindex_context *)state; + struct ldb_module *module = ctx->module; struct ldb_message *msg; const char *dn = NULL; int ret; @@ -1511,9 +1523,13 @@ static int re_index(struct tdb_context *tdb, TDB_DATA key, TDB_DATA data, void * ret = ltdb_index_add_all(module, dn, msg->elements, msg->num_elements); - talloc_free(msg); + if (ret != LDB_SUCCESS) { + ctx->error = ret; + talloc_free(msg); + return -1; + } - if (ret != LDB_SUCCESS) return -1; + talloc_free(msg); return 0; } @@ -1525,6 +1541,7 @@ int ltdb_reindex(struct ldb_module *module) { struct ltdb_private *ltdb = talloc_get_type(ldb_module_get_private(module), struct ltdb_private); int ret; + struct ltdb_reindex_context ctx; if (ltdb_cache_reload(module) != 0) { return LDB_ERR_OPERATIONS_ERROR; @@ -1543,11 +1560,22 @@ int ltdb_reindex(struct ldb_module *module) return LDB_SUCCESS; } + ctx.module = module; + ctx.error = 0; + /* now traverse adding any indexes for normal LDB records */ - ret = tdb_traverse(ltdb->tdb, re_index, module); + ret = tdb_traverse(ltdb->tdb, re_index, &ctx); if (ret == -1) { + struct ldb_context *ldb = ldb_module_get_ctx(module); + ldb_asprintf_errstring(ldb, "reindexing traverse failed: %s", ldb_errstring(ldb)); return LDB_ERR_OPERATIONS_ERROR; } + if (ctx.error != LDB_SUCCESS) { + struct ldb_context *ldb = ldb_module_get_ctx(module); + ldb_asprintf_errstring(ldb, "reindexing failed: %s", ldb_errstring(ldb)); + return ctx.error; + } + return LDB_SUCCESS; } diff --git a/source4/lib/ldb/ldb_tdb/ldb_tdb.c b/source4/lib/ldb/ldb_tdb/ldb_tdb.c index a146b96b20..b8b4d399ef 100644 --- a/source4/lib/ldb/ldb_tdb/ldb_tdb.c +++ b/source4/lib/ldb/ldb_tdb/ldb_tdb.c @@ -230,7 +230,8 @@ static int ltdb_modified(struct ldb_module *module, struct ldb_dn *dn) } /* If the modify was to @OPTIONS, reload the cache */ - if (ldb_dn_is_special(dn) && + if (ret == LDB_SUCCESS && + ldb_dn_is_special(dn) && (ldb_dn_check_special(dn, LTDB_OPTIONS)) ) { ret = ltdb_cache_reload(module); } diff --git a/source4/lib/ldb/tests/python/acl.py b/source4/lib/ldb/tests/python/acl.py index 4544f60736..909adc5129 100755 --- a/source4/lib/ldb/tests/python/acl.py +++ b/source4/lib/ldb/tests/python/acl.py @@ -164,7 +164,8 @@ replace: nTSecurityDescriptor """ ldif = """ dn: """ + group_dn + """ -changetype: add +changetype: modify +add: member member: """ + member_dn _ldb.modify_ldif(ldif) diff --git a/source4/lib/ldb/tests/python/sec_descriptor.py b/source4/lib/ldb/tests/python/sec_descriptor.py index e420cec3bd..4589178a42 100755 --- a/source4/lib/ldb/tests/python/sec_descriptor.py +++ b/source4/lib/ldb/tests/python/sec_descriptor.py @@ -285,8 +285,30 @@ userAccountControl: %s""" % userAccountControl class OwnerGroupDescriptorTests(DescriptorTests): + def deleteAll(self): + if self.SAMBA: + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser1")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser2")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser3")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser4")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser5")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser6")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser7")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser8")) + # DOMAIN + self.delete_force(self.ldb_admin, self.get_users_domain_dn("test_domain_group1")) + self.delete_force(self.ldb_admin, "CN=test_domain_user1,OU=test_domain_ou1," + self.base_dn) + self.delete_force(self.ldb_admin, "OU=test_domain_ou2,OU=test_domain_ou1," + self.base_dn) + self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) + # SCHEMA + # CONFIGURATION + self.delete_force(self.ldb_admin, "CN=test-specifier1,CN=test-container1,CN=DisplaySpecifiers," \ + + self.configuration_dn) + self.delete_force(self.ldb_admin, "CN=test-container1,CN=DisplaySpecifiers," + self.configuration_dn) + def setUp(self): DescriptorTests.setUp(self) + self.deleteAll() if self.SAMBA: ### Create users # User 1 @@ -295,7 +317,8 @@ class OwnerGroupDescriptorTests(DescriptorTests): self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 2 @@ -304,7 +327,8 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 3 @@ -313,7 +337,8 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 4 @@ -326,11 +351,13 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 6 @@ -339,15 +366,18 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 7 @@ -356,11 +386,13 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) # User 8 @@ -369,11 +401,13 @@ member: """ + user_dn self.enable_account(user_dn) ldif = """ dn: CN=Enterprise Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn + """ dn: CN=Schema Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) self.results = { @@ -490,25 +524,7 @@ member: """ + user_dn self.DS_BEHAVIOR = "ds_behavior_win2008" def tearDown(self): - if self.SAMBA: - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser1")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser2")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser3")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser4")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser5")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser6")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser7")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser8")) - # DOMAIN - self.delete_force(self.ldb_admin, self.get_users_domain_dn("test_domain_group1")) - self.delete_force(self.ldb_admin, "CN=test_domain_user1,OU=test_domain_ou1," + self.base_dn) - self.delete_force(self.ldb_admin, "OU=test_domain_ou2,OU=test_domain_ou1," + self.base_dn) - self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) - # SCHEMA - # CONFIGURATION - self.delete_force(self.ldb_admin, "CN=test-specifier1,CN=test-container1,CN=DisplaySpecifiers," \ - + self.configuration_dn) - self.delete_force(self.ldb_admin, "CN=test-container1,CN=DisplaySpecifiers," + self.configuration_dn) + self.deleteAll() def check_user_belongs(self, user_dn, groups=[]): """ Test wether user is member of the expected group(s) """ @@ -1414,12 +1430,16 @@ member: """ + user_dn class DaclDescriptorTests(DescriptorTests): + def deleteAll(self): + self.delete_force(self.ldb_admin, "CN=test_inherit_group,OU=test_inherit_ou," + self.base_dn) + self.delete_force(self.ldb_admin, "OU=test_inherit_ou," + self.base_dn) + def setUp(self): DescriptorTests.setUp(self) + self.deleteAll() def tearDown(self): - self.delete_force(self.ldb_admin, "CN=test_inherit_group,OU=test_inherit_ou," + self.base_dn) - self.delete_force(self.ldb_admin, "OU=test_inherit_ou," + self.base_dn) + self.deleteAll() def create_clean_ou(self, object_dn): """ Base repeating setup for unittests to follow """ @@ -1686,12 +1706,16 @@ class DaclDescriptorTests(DescriptorTests): class SdFlagsDescriptorTests(DescriptorTests): + def deleteAll(self): + self.delete_force(self.ldb_admin, "OU=test_sdflags_ou," + self.base_dn) + def setUp(self): DescriptorTests.setUp(self) self.test_descr = "O:AUG:AUD:(D;;CC;;;LG)S:(OU;;WP;;;AU)" + self.deleteAll() def tearDown(self): - self.delete_force(self.ldb_admin, "OU=test_sdflags_ou," + self.base_dn) + self.deleteAll() def test_301(self): """ Modify a descriptor with OWNER_SECURITY_INFORMATION set. @@ -1841,8 +1865,16 @@ class SdFlagsDescriptorTests(DescriptorTests): class RightsAttributesTests(DescriptorTests): + def deleteAll(self): + if self.SAMBA: + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr")) + self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr2")) + + self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) + def setUp(self): DescriptorTests.setUp(self) + self.deleteAll() if self.SAMBA: ### Create users # User 1 @@ -1855,17 +1887,13 @@ class RightsAttributesTests(DescriptorTests): self.enable_account(user_dn) ldif = """ dn: CN=Domain Admins,CN=Users,""" + self.base_dn + """ -changetype: add +changetype: modify +add: member member: """ + user_dn self.ldb_admin.modify_ldif(ldif) def tearDown(self): - - if self.SAMBA: - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr")) - self.delete_force(self.ldb_admin, self.get_users_domain_dn("testuser_attr2")) - - self.delete_force(self.ldb_admin, "OU=test_domain_ou1," + self.base_dn) + self.deleteAll() def test_sDRightsEffective(self): object_dn = "OU=test_domain_ou1," + self.base_dn @@ -1964,7 +1992,11 @@ member: """ + user_dn self.assertTrue("managedBy" in res[0]["allowedAttributesEffective"]) if not "://" in host: - host = "ldap://%s" % host + if os.path.isfile(host): + host = "tdb://%s" % host + else: + host = "ldap://%s" % host + ldb = Ldb(host, credentials=creds, session_info=system_session(), lp=lp, options=["modules:paged_searches"]) runner = SubunitTestRunner() diff --git a/source4/lib/ldb/tools/cmdline.c b/source4/lib/ldb/tools/cmdline.c index 39a460763c..44ae23b26c 100644 --- a/source4/lib/ldb/tools/cmdline.c +++ b/source4/lib/ldb/tools/cmdline.c @@ -33,6 +33,7 @@ #include "auth/auth.h" #include "ldb_wrap.h" #include "param/param.h" +#include "dsdb/common/proto.h" #endif static struct ldb_cmdline options; /* needs to be static for older compilers */ @@ -321,6 +322,11 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, goto failed; } +#if (_SAMBA_BUILD_ >= 4) + /* get the domain SID into the cache for SDDL processing */ + samdb_domain_sid(ldb); +#endif + return ret; failed: diff --git a/source4/lib/messaging/messaging.c b/source4/lib/messaging/messaging.c index 277688e8b6..c12945b622 100644 --- a/source4/lib/messaging/messaging.c +++ b/source4/lib/messaging/messaging.c @@ -119,8 +119,15 @@ static NTSTATUS irpc_uptime(struct irpc_message *msg, */ static char *messaging_path(struct messaging_context *msg, struct server_id server_id) { - return talloc_asprintf(msg, "%s/msg.%s", msg->base_path, - cluster_id_string(msg, server_id)); + TALLOC_CTX *tmp_ctx = talloc_new(msg); + const char *id = cluster_id_string(tmp_ctx, server_id); + char *s; + if (id == NULL) { + return NULL; + } + s = talloc_asprintf(msg, "%s/msg.%s", msg->base_path, id); + talloc_steal(s, tmp_ctx); + return s; } /* @@ -261,11 +268,13 @@ static void messaging_send_handler(struct messaging_context *msg) } rec->retries = 0; if (!NT_STATUS_IS_OK(status)) { + TALLOC_CTX *tmp_ctx = talloc_new(msg); DEBUG(1,("messaging: Lost message from %s to %s of type %u - %s\n", - cluster_id_string(debug_ctx(), rec->header->from), - cluster_id_string(debug_ctx(), rec->header->to), + cluster_id_string(tmp_ctx, rec->header->from), + cluster_id_string(tmp_ctx, rec->header->to), rec->header->msg_type, nt_errstr(status))); + talloc_free(tmp_ctx); } DLIST_REMOVE(msg->pending, rec); talloc_free(rec); diff --git a/source4/lib/messaging/messaging.h b/source4/lib/messaging/messaging.h index 4ec69c8f34..08953856a0 100644 --- a/source4/lib/messaging/messaging.h +++ b/source4/lib/messaging/messaging.h @@ -32,6 +32,7 @@ struct messaging_context; #define MSG_IRPC 6 #define MSG_PVFS_NOTIFY 7 #define MSG_NTVFS_OPLOCK_BREAK 8 +#define MSG_DREPL_ALLOCATE_RID 9 /* temporary messaging endpoints are allocated above this line */ #define MSG_TMP_BASE 1000 diff --git a/source4/libcli/config.mk b/source4/libcli/config.mk index 340cd2ae41..f67250d4b0 100644 --- a/source4/libcli/config.mk +++ b/source4/libcli/config.mk @@ -8,6 +8,11 @@ LIBSAMBA-ERRORS_OBJ_FILES = $(addprefix ../libcli/util/, doserr.o ) $(libclisrcd PUBLIC_HEADERS += $(addprefix ../libcli/util/, error.h ntstatus.h doserr.h werror.h) +[SUBSYSTEM::LIBSAMBA_TSOCKET] +PUBLIC_DEPENDENCIES = LIBTSOCKET UTIL_TEVENT + +LIBSAMBA_TSOCKET_OBJ_FILES = $(addprefix ../libcli/util/, tstream.o) + [SUBSYSTEM::LIBCLI_LSA] PUBLIC_DEPENDENCIES = RPC_NDR_LSA PRIVATE_DEPENDENCIES = LIBSECURITY diff --git a/source4/libnet/libnet_become_dc.c b/source4/libnet/libnet_become_dc.c index b8fed68b59..bccdb8d7f2 100644 --- a/source4/libnet/libnet_become_dc.c +++ b/source4/libnet/libnet_become_dc.c @@ -1031,14 +1031,6 @@ static NTSTATUS becomeDC_ldap1_infrastructure_fsmo(struct libnet_BecomeDC_state struct ldb_dn *basedn; struct ldb_dn *ntds_dn; struct ldb_dn *server_dn; - static const char *_1_1_attrs[] = { - "1.1", - NULL - }; - static const char *fsmo_attrs[] = { - "fSMORoleOwner", - NULL - }; static const char *dns_attrs[] = { "dnsHostName", NULL @@ -1048,41 +1040,21 @@ static NTSTATUS becomeDC_ldap1_infrastructure_fsmo(struct libnet_BecomeDC_state NULL }; - basedn = ldb_dn_new_fmt(s, s->ldap1.ldb, "<WKGUID=2fbac1870ade11d297c400c04fd8d5cd,%s>", - s->domain.dn_str); - NT_STATUS_HAVE_NO_MEMORY(basedn); - - ret = ldb_search(s->ldap1.ldb, s, &r, basedn, LDB_SCOPE_BASE, - _1_1_attrs, "(objectClass=*)"); - talloc_free(basedn); + ret = dsdb_wellknown_dn(s->ldap1.ldb, s, samdb_base_dn(s->ldap1.ldb), + DS_GUID_INFRASTRUCTURE_CONTAINER, + &basedn); if (ret != LDB_SUCCESS) { return NT_STATUS_LDAP(ret); - } else if (r->count != 1) { - talloc_free(r); - return NT_STATUS_INVALID_NETWORK_RESPONSE; } - basedn = talloc_steal(s, r->msgs[0]->dn); - talloc_free(r); - - ret = ldb_search(s->ldap1.ldb, s, &r, basedn, LDB_SCOPE_BASE, - fsmo_attrs, "(objectClass=*)"); - talloc_free(basedn); + ret = samdb_reference_dn(s->ldap1.ldb, s, basedn, "fSMORoleOwner", &ntds_dn); if (ret != LDB_SUCCESS) { + talloc_free(basedn); return NT_STATUS_LDAP(ret); - } else if (r->count != 1) { - talloc_free(r); - return NT_STATUS_INVALID_NETWORK_RESPONSE; } - s->infrastructure_fsmo.ntds_dn_str = samdb_result_string(r->msgs[0], "fSMORoleOwner", NULL); - if (!s->infrastructure_fsmo.ntds_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE; - talloc_steal(s, s->infrastructure_fsmo.ntds_dn_str); - - talloc_free(r); - - ntds_dn = ldb_dn_new(s, s->ldap1.ldb, s->infrastructure_fsmo.ntds_dn_str); - NT_STATUS_HAVE_NO_MEMORY(ntds_dn); + s->infrastructure_fsmo.ntds_dn_str = ldb_dn_get_linearized(ntds_dn); + NT_STATUS_HAVE_NO_MEMORY(s->infrastructure_fsmo.ntds_dn_str); server_dn = ldb_dn_get_parent(s, ntds_dn); NT_STATUS_HAVE_NO_MEMORY(server_dn); @@ -2951,55 +2923,40 @@ static NTSTATUS becomeDC_ldap2_modify_computer(struct libnet_BecomeDC_state *s) static NTSTATUS becomeDC_ldap2_move_computer(struct libnet_BecomeDC_state *s) { int ret; - struct ldb_result *r; - struct ldb_dn *basedn; struct ldb_dn *old_dn; struct ldb_dn *new_dn; - static const char *_1_1_attrs[] = { - "1.1", - NULL - }; - - basedn = ldb_dn_new_fmt(s, s->ldap2.ldb, "<WKGUID=a361b2ffffd211d1aa4b00c04fd7d83a,%s>", - s->domain.dn_str); - NT_STATUS_HAVE_NO_MEMORY(basedn); - ret = ldb_search(s->ldap2.ldb, s, &r, basedn, LDB_SCOPE_BASE, - _1_1_attrs, "(objectClass=*)"); - talloc_free(basedn); + ret = dsdb_wellknown_dn(s->ldap2.ldb, s, samdb_base_dn(s->ldap2.ldb), + DS_GUID_DOMAIN_CONTROLLERS_CONTAINER, + &new_dn); if (ret != LDB_SUCCESS) { return NT_STATUS_LDAP(ret); - } else if (r->count != 1) { - talloc_free(r); - return NT_STATUS_INVALID_NETWORK_RESPONSE; } - old_dn = ldb_dn_new(r, s->ldap2.ldb, s->dest_dsa.computer_dn_str); - NT_STATUS_HAVE_NO_MEMORY(old_dn); - - new_dn = r->msgs[0]->dn; - if (!ldb_dn_add_child_fmt(new_dn, "CN=%s", s->dest_dsa.netbios_name)) { - talloc_free(r); + talloc_free(new_dn); return NT_STATUS_NO_MEMORY; } + old_dn = ldb_dn_new(new_dn, s->ldap2.ldb, s->dest_dsa.computer_dn_str); + NT_STATUS_HAVE_NO_MEMORY(old_dn); + if (ldb_dn_compare(old_dn, new_dn) == 0) { /* we don't need to rename if the old and new dn match */ - talloc_free(r); + talloc_free(new_dn); return NT_STATUS_OK; } ret = ldb_rename(s->ldap2.ldb, old_dn, new_dn); if (ret != LDB_SUCCESS) { - talloc_free(r); + talloc_free(new_dn); return NT_STATUS_LDAP(ret); } s->dest_dsa.computer_dn_str = ldb_dn_alloc_linearized(s, new_dn); NT_STATUS_HAVE_NO_MEMORY(s->dest_dsa.computer_dn_str); - talloc_free(r); + talloc_free(new_dn); return NT_STATUS_OK; } diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c index fa7e0bf179..37a9d7e72d 100644 --- a/source4/libnet/libnet_vampire.c +++ b/source4/libnet/libnet_vampire.c @@ -720,7 +720,7 @@ NTSTATUS libnet_Vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, printf("mark ROOTDSE with isSynchronized=TRUE\n"); ldb_ret = ldb_modify(s->ldb, msg); if (ldb_ret != LDB_SUCCESS) { - printf("ldb_modify() failed: %d\n", ldb_ret); + printf("ldb_modify() failed: %d : %s\n", ldb_ret, ldb_errstring(s->ldb)); talloc_free(s); return NT_STATUS_INTERNAL_DB_ERROR; } @@ -730,7 +730,7 @@ NTSTATUS libnet_Vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, triggers the writing of the linked attribute backlinks. */ if (ldb_transaction_prepare_commit(s->ldb) != LDB_SUCCESS) { - printf("Failed to prepare_commit vampire transaction\n"); + printf("Failed to prepare_commit vampire transaction: %s\n", ldb_errstring(s->ldb)); return NT_STATUS_INTERNAL_DB_ERROR; } diff --git a/source4/rpc_server/config.mk b/source4/rpc_server/config.mk index 527770a8cd..5ff1bd5722 100644 --- a/source4/rpc_server/config.mk +++ b/source4/rpc_server/config.mk @@ -188,6 +188,7 @@ dcerpc_drsuapi_OBJ_FILES = $(rpc_serversrcdir)/drsuapi/dcesrv_drsuapi.o \ $(rpc_serversrcdir)/drsuapi/updaterefs.o \ $(rpc_serversrcdir)/drsuapi/getncchanges.o \ $(rpc_serversrcdir)/drsuapi/addentry.o \ + $(rpc_serversrcdir)/drsuapi/writespn.o \ $(rpc_serversrcdir)/drsuapi/drsutil.o ################################################ diff --git a/source4/rpc_server/drsuapi/addentry.c b/source4/rpc_server/drsuapi/addentry.c index ac94daa6a6..f63a96740f 100644 --- a/source4/rpc_server/drsuapi/addentry.c +++ b/source4/rpc_server/drsuapi/addentry.c @@ -43,13 +43,15 @@ static WERROR drsuapi_add_SPNs(struct drsuapi_bind_state *b_state, for (obj = first_object; obj; obj=obj->next_object) { const char *dn_string = obj->object.identifier->dn; struct ldb_dn *dn = ldb_dn_new(mem_ctx, b_state->sam_ctx, dn_string); - struct ldb_result *res; + struct ldb_result *res, *res2; struct ldb_dn *ref_dn; struct GUID ntds_guid; struct ldb_message *msg; struct ldb_message_element *el; const char *ntds_guid_str; const char *dom_string; + const char *attrs2[] = { "dNSHostName", "cn", NULL }; + const char *dNSHostName, *cn; DEBUG(6,(__location__ ": Adding SPNs for %s\n", ldb_dn_get_linearized(dn))); @@ -78,6 +80,18 @@ static WERROR drsuapi_add_SPNs(struct drsuapi_bind_state *b_state, dom_string = lp_dnsdomain(dce_call->conn->dce_ctx->lp_ctx); + /* get the dNSHostName and cn */ + ret = ldb_search(b_state->sam_ctx, mem_ctx, &res2, + ref_dn, LDB_SCOPE_BASE, attrs2, NULL); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to find ref_dn '%s'\n", + ldb_dn_get_linearized(ref_dn))); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + dNSHostName = ldb_msg_find_attr_as_string(res2->msgs[0], "dNSHostName", NULL); + cn = ldb_msg_find_attr_as_string(res2->msgs[0], "cn", NULL); + /* * construct a modify request to add the new SPNs to * the machine account @@ -94,20 +108,25 @@ static WERROR drsuapi_add_SPNs(struct drsuapi_bind_state *b_state, return WERR_NOMEM; } - el->num_values = 2; - el->values = talloc_array(msg->elements, struct ldb_val, 2); - if (el->values == NULL) { + + ldb_msg_add_steal_string(msg, "servicePrincipalName", + talloc_asprintf(el->values, + "E3514235-4B06-11D1-AB04-00C04FC2DCD2/%s/%s", + ntds_guid_str, dom_string)); + ldb_msg_add_steal_string(msg, "servicePrincipalName", + talloc_asprintf(el->values, "ldap/%s._msdcs.%s", + ntds_guid_str, dom_string)); + if (cn) { + ldb_msg_add_steal_string(msg, "servicePrincipalName", + talloc_asprintf(el->values, "ldap/%s", cn)); + } + if (dNSHostName) { + ldb_msg_add_steal_string(msg, "servicePrincipalName", + talloc_asprintf(el->values, "ldap/%s", dNSHostName)); + } + if (el->num_values < 2) { return WERR_NOMEM; } - /* the magic constant is the GUID of the DRSUAPI RPC - interface */ - el->values[0].data = (uint8_t *)talloc_asprintf(el->values, - "E3514235-4B06-11D1-AB04-00C04FC2DCD2/%s/%s", - ntds_guid_str, dom_string); - el->values[0].length = strlen((char *)el->values[0].data); - el->values[1].data = (uint8_t *)talloc_asprintf(el->values, "ldap/%s._msdcs.%s", - ntds_guid_str, dom_string); - el->values[1].length = strlen((char *)el->values[1].data); ret = ldb_modify(b_state->sam_ctx, msg); if (ret != LDB_SUCCESS) { diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c index 6a6bc8be7e..96cb58ef3e 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.c +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.c @@ -60,7 +60,7 @@ static WERROR dcesrv_drsuapi_DsBind(struct dcesrv_call_state *dce_call, TALLOC_C /* if this is a DC connecting, give them system level access */ werr = drs_security_level_check(dce_call, NULL); if (W_ERROR_IS_OK(werr)) { - DEBUG(2,(__location__ ": doing DsBind with system_session\n")); + DEBUG(3,(__location__ ": doing DsBind with system_session\n")); auth_info = system_session(dce_call->conn->dce_ctx->lp_ctx); } else { auth_info = dce_call->conn->auth_state.session_info; @@ -378,81 +378,6 @@ static WERROR dcesrv_drsuapi_DsCrackNames(struct dcesrv_call_state *dce_call, TA return WERR_UNKNOWN_LEVEL; } -/* - drsuapi_DsWriteAccountSpn -*/ -static WERROR dcesrv_drsuapi_DsWriteAccountSpn(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct drsuapi_DsWriteAccountSpn *r) -{ - struct drsuapi_bind_state *b_state; - struct dcesrv_handle *h; - - *r->out.level_out = r->in.level; - - DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE); - b_state = h->data; - - r->out.res = talloc(mem_ctx, union drsuapi_DsWriteAccountSpnResult); - W_ERROR_HAVE_NO_MEMORY(r->out.res); - - switch (r->in.level) { - case 1: { - struct drsuapi_DsWriteAccountSpnRequest1 *req; - struct ldb_message *msg; - int count, i, ret; - req = &r->in.req->req1; - count = req->count; - - msg = ldb_msg_new(mem_ctx); - if (msg == NULL) { - return WERR_NOMEM; - } - - msg->dn = ldb_dn_new(msg, b_state->sam_ctx, req->object_dn); - if ( ! ldb_dn_validate(msg->dn)) { - r->out.res->res1.status = WERR_OK; - return WERR_OK; - } - - /* construct mods */ - for (i = 0; i < count; i++) { - samdb_msg_add_string(b_state->sam_ctx, - msg, msg, "servicePrincipalName", - req->spn_names[i].str); - } - for (i=0;i<msg->num_elements;i++) { - switch (req->operation) { - case DRSUAPI_DS_SPN_OPERATION_ADD: - msg->elements[i].flags = LDB_FLAG_MOD_ADD; - break; - case DRSUAPI_DS_SPN_OPERATION_REPLACE: - msg->elements[i].flags = LDB_FLAG_MOD_REPLACE; - break; - case DRSUAPI_DS_SPN_OPERATION_DELETE: - msg->elements[i].flags = LDB_FLAG_MOD_DELETE; - break; - } - } - - /* Apply to database */ - - ret = ldb_modify(b_state->sam_ctx, msg); - if (ret != 0) { - DEBUG(0,("Failed to modify SPNs on %s: %s\n", - ldb_dn_get_linearized(msg->dn), - ldb_errstring(b_state->sam_ctx))); - r->out.res->res1.status = WERR_ACCESS_DENIED; - } else { - r->out.res->res1.status = WERR_OK; - } - - return WERR_OK; - } - } - - return WERR_UNKNOWN_LEVEL; -} - /* drsuapi_DsRemoveDSServer diff --git a/source4/rpc_server/drsuapi/dcesrv_drsuapi.h b/source4/rpc_server/drsuapi/dcesrv_drsuapi.h index 3a64ef5c9c..ba6bb21145 100644 --- a/source4/rpc_server/drsuapi/dcesrv_drsuapi.h +++ b/source4/rpc_server/drsuapi/dcesrv_drsuapi.h @@ -47,6 +47,8 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ struct drsuapi_DsGetNCChanges *r); WERROR dcesrv_drsuapi_DsAddEntry(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct drsuapi_DsAddEntry *r); +WERROR dcesrv_drsuapi_DsWriteAccountSpn(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct drsuapi_DsWriteAccountSpn *r); char *drs_ObjectIdentifier_to_string(TALLOC_CTX *mem_ctx, struct drsuapi_DsReplicaObjectIdentifier *nc); diff --git a/source4/rpc_server/drsuapi/getncchanges.c b/source4/rpc_server/drsuapi/getncchanges.c index 437dc87ae8..908060a0dd 100644 --- a/source4/rpc_server/drsuapi/getncchanges.c +++ b/source4/rpc_server/drsuapi/getncchanges.c @@ -30,6 +30,7 @@ #include "rpc_server/dcerpc_server_proto.h" #include "../libcli/drsuapi/drsuapi.h" #include "libcli/security/security.h" +#include "lib/util/binsearch.h" /* build a DsReplicaObjectIdentifier from a ldb msg @@ -57,6 +58,29 @@ static struct drsuapi_DsReplicaObjectIdentifier *get_object_identifier(TALLOC_CT return identifier; } +static int udv_compare(const struct GUID *guid1, struct GUID guid2) +{ + return GUID_compare(guid1, &guid2); +} + +/* + see if we can filter an attribute using the uptodateness_vector + */ +static bool udv_filter(const struct drsuapi_DsReplicaCursorCtrEx *udv, + const struct GUID *originating_invocation_id, + uint64_t originating_usn) +{ + const struct drsuapi_DsReplicaCursor *c; + if (udv == NULL) return false; + BINARY_ARRAY_SEARCH(udv->cursors, udv->count, source_dsa_invocation_id, + originating_invocation_id, udv_compare, c); + if (c && originating_usn <= c->highest_usn) { + return true; + } + return false; + +} + /* drsuapi_DsGetNCChanges for one object */ @@ -67,7 +91,8 @@ static WERROR get_nc_changes_build_object(struct drsuapi_DsReplicaObjectListItem struct dsdb_schema *schema, DATA_BLOB *session_key, uint64_t highest_usn, - uint32_t replica_flags) + uint32_t replica_flags, + struct drsuapi_DsReplicaCursorCtrEx *uptodateness_vector) { const struct ldb_val *md_value; int i, n; @@ -77,8 +102,10 @@ static WERROR get_nc_changes_build_object(struct drsuapi_DsReplicaObjectListItem uint32_t *attids; const char *rdn; const struct dsdb_attribute *rdn_sa; + unsigned int instanceType; - if (ldb_dn_compare(ncRoot_dn, msg->dn) == 0) { + instanceType = ldb_msg_find_attr_as_uint(msg, "instanceType", 0); + if (instanceType & INSTANCE_TYPE_IS_NC_HEAD) { obj->is_nc_prefix = true; obj->parent_object_guid = NULL; } else { @@ -156,6 +183,14 @@ static WERROR get_nc_changes_build_object(struct drsuapi_DsReplicaObjectListItem } } + /* filter by uptodateness_vector */ + if (md.ctr.ctr1.array[i].attid != DRSUAPI_ATTRIBUTE_instanceType && + udv_filter(uptodateness_vector, + &md.ctr.ctr1.array[i].originating_invocation_id, + md.ctr.ctr1.array[i].originating_usn)) { + continue; + } + obj->meta_data_ctr->meta_data[n].originating_change_time = md.ctr.ctr1.array[i].originating_change_time; obj->meta_data_ctr->meta_data[n].version = md.ctr.ctr1.array[i].version; obj->meta_data_ctr->meta_data[n].originating_invocation_id = md.ctr.ctr1.array[i].originating_invocation_id; @@ -164,11 +199,15 @@ static WERROR get_nc_changes_build_object(struct drsuapi_DsReplicaObjectListItem n++; } - /* - note that if n==0 we still need to send the change, as it - could be a rename, which changes the uSNChanged, but not any - of the replicated attributes - */ + /* ignore it if its an empty change. Note that renames always + * change the 'name' attribute, so they won't be ignored by + * this */ + if (n == 0 || + (n == 1 && attids[0] == DRSUAPI_ATTRIBUTE_instanceType)) { + talloc_free(obj->meta_data_ctr); + obj->meta_data_ctr = NULL; + return WERR_OK; + } obj->meta_data_ctr->count = n; @@ -302,7 +341,8 @@ static WERROR get_nc_changes_add_links(struct ldb_context *sam_ctx, uint32_t replica_flags, struct ldb_message *msg, struct drsuapi_DsReplicaLinkedAttribute **la_list, - uint32_t *la_count) + uint32_t *la_count, + struct drsuapi_DsReplicaCursorCtrEx *uptodateness_vector) { int i; TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx); @@ -430,6 +470,10 @@ static WERROR get_nc_changes_udv(struct ldb_context *sam_ctx, struct replUpToDateVectorBlob ouv; int i; + udv->version = 2; + udv->reserved1 = 0; + udv->reserved2 = 0; + werr = load_udv(sam_ctx, udv, ncRoot_dn, &ouv); if (!W_ERROR_IS_OK(werr)) { return werr; @@ -564,6 +608,103 @@ static int site_res_cmp_usn_order(const struct ldb_message **m1, const struct ld } +/* + handle a DRSUAPI_EXOP_FSMO_RID_ALLOC call + */ +static WERROR getncchanges_rid_alloc(struct drsuapi_bind_state *b_state, + TALLOC_CTX *mem_ctx, + struct drsuapi_DsGetNCChangesRequest8 *req8, + struct drsuapi_DsGetNCChangesCtr6 *ctr6) +{ + struct ldb_dn *rid_manager_dn, *fsmo_role_dn, *req_dn; + int ret; + struct ldb_context *ldb = b_state->sam_ctx; + struct ldb_result *ext_res; + struct ldb_dn *base_dn; + struct dsdb_fsmo_extended_op *exop; + + /* + steps: + - verify that the DN being asked for is the RID Manager DN + - verify that we are the RID Manager + */ + + /* work out who is the RID Manager */ + ret = samdb_rid_manager_dn(ldb, mem_ctx, &rid_manager_dn); + if (ret != LDB_SUCCESS) { + DEBUG(0, (__location__ ": Failed to find RID Manager object - %s\n", ldb_errstring(ldb))); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + req_dn = ldb_dn_new(mem_ctx, ldb, req8->naming_context->dn); + if (!req_dn || + !ldb_dn_validate(req_dn) || + ldb_dn_compare(req_dn, rid_manager_dn) != 0) { + /* that isn't the RID Manager DN */ + DEBUG(0,(__location__ ": RID Alloc request for wrong DN %s\n", + req8->naming_context->dn)); + ctr6->extended_ret = DRSUAPI_EXOP_ERR_MISMATCH; + return WERR_OK; + } + + /* find the DN of the RID Manager */ + ret = samdb_reference_dn(ldb, mem_ctx, rid_manager_dn, "fSMORoleOwner", &fsmo_role_dn); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed to find fSMORoleOwner in RID Manager object - %s\n", + ldb_errstring(ldb))); + ctr6->extended_ret = DRSUAPI_EXOP_ERR_FSMO_NOT_OWNER; + return WERR_DS_DRA_INTERNAL_ERROR; + } + + if (ldb_dn_compare(samdb_ntds_settings_dn(ldb), fsmo_role_dn) != 0) { + /* we're not the RID Manager - go away */ + DEBUG(0,(__location__ ": RID Alloc request when not RID Manager\n")); + ctr6->extended_ret = DRSUAPI_EXOP_ERR_FSMO_NOT_OWNER; + return WERR_OK; + } + + exop = talloc(mem_ctx, struct dsdb_fsmo_extended_op); + W_ERROR_HAVE_NO_MEMORY(exop); + + exop->fsmo_info = req8->fsmo_info; + exop->destination_dsa_guid = req8->destination_dsa_guid; + + ret = ldb_transaction_start(ldb); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed transaction start - %s\n", + ldb_errstring(ldb))); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + ret = ldb_extended(ldb, DSDB_EXTENDED_ALLOCATE_RID_POOL, exop, &ext_res); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed extended allocation RID pool operation - %s\n", + ldb_errstring(ldb))); + ldb_transaction_cancel(ldb); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + ret = ldb_transaction_commit(ldb); + if (ret != LDB_SUCCESS) { + DEBUG(0,(__location__ ": Failed transaction commit - %s\n", + ldb_errstring(ldb))); + return WERR_DS_DRA_INTERNAL_ERROR; + } + + talloc_free(ext_res); + + base_dn = samdb_base_dn(ldb); + + DEBUG(2,("Allocated RID pool for server %s\n", + GUID_string(mem_ctx, &req8->destination_dsa_guid))); + + ctr6->extended_ret = DRSUAPI_EXOP_ERR_SUCCESS; + + return WERR_OK; +} + + + /* state of a partially completed getncchanges call */ struct drsuapi_getncchanges_state { struct ldb_result *site_res; @@ -574,6 +715,7 @@ struct drsuapi_getncchanges_state { struct ldb_dn *last_dn; struct drsuapi_DsReplicaLinkedAttribute *la_list; uint32_t la_count; + struct drsuapi_DsReplicaCursorCtrEx *uptodateness_vector; }; /* @@ -609,6 +751,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ struct drsuapi_DsGetNCChangesRequest8 *req8; uint32_t options; uint32_t max_objects; + struct ldb_dn *search_dn = NULL; DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE); b_state = h->data; @@ -669,6 +812,28 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ return werr; } + /* we don't yet support extended operations */ + switch (req8->extended_op) { + case DRSUAPI_EXOP_NONE: + break; + + case DRSUAPI_EXOP_FSMO_RID_ALLOC: + werr = getncchanges_rid_alloc(b_state, mem_ctx, req8, &r->out.ctr->ctr6); + W_ERROR_NOT_OK_RETURN(werr); + search_dn = samdb_base_dn(b_state->sam_ctx); + break; + + case DRSUAPI_EXOP_FSMO_REQ_ROLE: + case DRSUAPI_EXOP_FSMO_RID_REQ_ROLE: + case DRSUAPI_EXOP_FSMO_REQ_PDC: + case DRSUAPI_EXOP_FSMO_ABANDON_ROLE: + case DRSUAPI_EXOP_REPL_OBJ: + case DRSUAPI_EXOP_REPL_SECRET: + DEBUG(0,(__location__ ": Request for DsGetNCChanges unsupported extended op 0x%x\n", + (unsigned)req8->extended_op)); + return WERR_DS_DRA_NOT_SUPPORTED; + } + getnc_state = b_state->getncchanges_state; /* see if a previous replication has been abandoned */ @@ -706,13 +871,6 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ return WERR_DS_DRA_INTERNAL_ERROR; } - /* we don't yet support extended operations */ - if (req8->extended_op != DRSUAPI_EXOP_NONE) { - DEBUG(0,(__location__ ": Request for DsGetNCChanges extended op 0x%x\n", - (unsigned)req8->extended_op)); - return WERR_DS_DRA_NOT_SUPPORTED; - } - /* TODO: MS-DRSR section 4.1.10.1.1 Work out if this is the start of a new cycle */ @@ -745,10 +903,14 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ scope = LDB_SCOPE_BASE; } + if (!search_dn) { + search_dn = getnc_state->ncRoot_dn; + } + DEBUG(1,(__location__ ": getncchanges on %s using filter %s\n", ldb_dn_get_linearized(getnc_state->ncRoot_dn), search_filter)); ret = drsuapi_search_with_extended_dn(b_state->sam_ctx, getnc_state, &getnc_state->site_res, - getnc_state->ncRoot_dn, scope, attrs, + search_dn, scope, attrs, search_filter); if (ret != LDB_SUCCESS) { return WERR_DS_DRA_INTERNAL_ERROR; @@ -766,6 +928,14 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ (comparison_fn_t)site_res_cmp_usn_order); } + getnc_state->uptodateness_vector = talloc_steal(getnc_state, req8->uptodateness_vector); + if (getnc_state->uptodateness_vector) { + /* make sure its sorted */ + qsort(getnc_state->uptodateness_vector->cursors, + getnc_state->uptodateness_vector->count, + sizeof(getnc_state->uptodateness_vector->cursors[0]), + (comparison_fn_t)drsuapi_DsReplicaCursor_compare); + } } /* Prefix mapping */ @@ -821,7 +991,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ werr = get_nc_changes_build_object(obj, msg, b_state->sam_ctx, getnc_state->ncRoot_dn, schema, &session_key, getnc_state->min_usn, - req8->replica_flags); + req8->replica_flags, getnc_state->uptodateness_vector); if (!W_ERROR_IS_OK(werr)) { return werr; } @@ -832,7 +1002,8 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ req8->replica_flags, msg, &getnc_state->la_list, - &getnc_state->la_count); + &getnc_state->la_count, + getnc_state->uptodateness_vector); if (!W_ERROR_IS_OK(werr)) { return werr; } @@ -846,7 +1017,7 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ } if (obj->meta_data_ctr == NULL) { - DEBUG(0,(__location__ ": getncchanges skipping send of object %s\n", + DEBUG(8,(__location__ ": getncchanges skipping send of object %s\n", ldb_dn_get_linearized(msg->dn))); /* no attributes to send */ talloc_free(obj); @@ -902,10 +1073,6 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ b_state->sam_ctx, (ldb_qsort_cmp_fn_t)linked_attribute_compare); r->out.ctr->ctr6.uptodateness_vector = talloc(mem_ctx, struct drsuapi_DsReplicaCursor2CtrEx); - r->out.ctr->ctr6.uptodateness_vector->version = 2; - r->out.ctr->ctr6.uptodateness_vector->reserved1 = 0; - r->out.ctr->ctr6.uptodateness_vector->reserved2 = 0; - r->out.ctr->ctr6.new_highwatermark.highest_usn = r->out.ctr->ctr6.new_highwatermark.tmp_highest_usn; werr = get_nc_changes_udv(b_state->sam_ctx, getnc_state->ncRoot_dn, @@ -919,6 +1086,12 @@ WERROR dcesrv_drsuapi_DsGetNCChanges(struct dcesrv_call_state *dce_call, TALLOC_ b_state->getncchanges_state = NULL; } + if (req8->extended_op != DRSUAPI_EXOP_NONE) { + r->out.ctr->ctr6.uptodateness_vector = NULL; + r->out.ctr->ctr6.nc_object_count = 0; + ZERO_STRUCT(r->out.ctr->ctr6.new_highwatermark); + } + DEBUG(r->out.ctr->ctr6.more_data?2:1, ("DsGetNCChanges with uSNChanged >= %llu flags 0x%08x on %s gave %u objects (done %d/%d la=%d)\n", (unsigned long long)(req8->highwatermark.highest_usn+1), diff --git a/source4/rpc_server/drsuapi/writespn.c b/source4/rpc_server/drsuapi/writespn.c new file mode 100644 index 0000000000..8e20c88fae --- /dev/null +++ b/source4/rpc_server/drsuapi/writespn.c @@ -0,0 +1,145 @@ +/* + Unix SMB/CIFS implementation. + + implement the DsWriteAccountSpn call + + Copyright (C) Stefan Metzmacher 2009 + Copyright (C) Andrew Tridgell 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "includes.h" +#include "rpc_server/dcerpc_server.h" +#include "dsdb/samdb/samdb.h" +#include "rpc_server/drsuapi/dcesrv_drsuapi.h" + +/* + drsuapi_DsWriteAccountSpn +*/ +WERROR dcesrv_drsuapi_DsWriteAccountSpn(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct drsuapi_DsWriteAccountSpn *r) +{ + struct drsuapi_bind_state *b_state; + struct dcesrv_handle *h; + + *r->out.level_out = r->in.level; + + DCESRV_PULL_HANDLE_WERR(h, r->in.bind_handle, DRSUAPI_BIND_HANDLE); + b_state = h->data; + + r->out.res = talloc(mem_ctx, union drsuapi_DsWriteAccountSpnResult); + W_ERROR_HAVE_NO_MEMORY(r->out.res); + + switch (r->in.level) { + case 1: { + struct drsuapi_DsWriteAccountSpnRequest1 *req; + struct ldb_message *msg; + int count, i, ret; + struct ldb_result *res; + const char *attrs[] = { "servicePrincipalName", NULL }; + struct ldb_message_element *el; + unsigned spn_count=0; + + req = &r->in.req->req1; + count = req->count; + + msg = ldb_msg_new(mem_ctx); + if (msg == NULL) { + return WERR_NOMEM; + } + + msg->dn = ldb_dn_new(msg, b_state->sam_ctx, req->object_dn); + if ( ! ldb_dn_validate(msg->dn)) { + r->out.res->res1.status = WERR_OK; + return WERR_OK; + } + + /* load the existing SPNs, as these are + * ignored for adds and deletes (see MS-DRSR + * section 4.1.28.3) + */ + ret = ldb_search(b_state->sam_ctx, msg, &res, msg->dn, LDB_SCOPE_BASE, + attrs, NULL); + if (ret != LDB_SUCCESS) { + DEBUG(0,("Failed to load existing SPNs on %s: %s\n", + ldb_dn_get_linearized(msg->dn), + ldb_errstring(b_state->sam_ctx))); + r->out.res->res1.status = WERR_DS_OBJ_NOT_FOUND; + return WERR_OK; + } + el = ldb_msg_find_element(res->msgs[0], "servicePrincipalName"); + + /* construct mods */ + for (i = 0; i < count; i++) { + bool found = false; + int j; + for (j=0; el && j<el->num_values; j++) { + if (samdb_ldb_val_case_cmp(req->spn_names[i].str, &el->values[j]) == 0) { + found = true; + break; + } + } + if ((req->operation == DRSUAPI_DS_SPN_OPERATION_ADD && found) || + (req->operation == DRSUAPI_DS_SPN_OPERATION_DELETE && !found)) { + continue; + } + ret = samdb_msg_add_string(b_state->sam_ctx, + msg, msg, "servicePrincipalName", + req->spn_names[i].str); + if (ret != LDB_SUCCESS) { + return WERR_NOMEM; + } + spn_count++; + } + + if (msg->num_elements == 0) { + DEBUG(2,("No SPNs need changing on %s\n", ldb_dn_get_linearized(msg->dn))); + r->out.res->res1.status = WERR_OK; + return WERR_OK; + } + + for (i=0;i<msg->num_elements;i++) { + switch (req->operation) { + case DRSUAPI_DS_SPN_OPERATION_ADD: + msg->elements[i].flags = LDB_FLAG_MOD_ADD; + break; + case DRSUAPI_DS_SPN_OPERATION_REPLACE: + msg->elements[i].flags = LDB_FLAG_MOD_REPLACE; + break; + case DRSUAPI_DS_SPN_OPERATION_DELETE: + msg->elements[i].flags = LDB_FLAG_MOD_DELETE; + break; + } + } + + /* Apply to database */ + + ret = ldb_modify(b_state->sam_ctx, msg); + if (ret != 0) { + DEBUG(0,("Failed to modify SPNs on %s: %s\n", + ldb_dn_get_linearized(msg->dn), + ldb_errstring(b_state->sam_ctx))); + r->out.res->res1.status = WERR_ACCESS_DENIED; + } else { + DEBUG(2,("Modified %u SPNs on %s\n", spn_count, ldb_dn_get_linearized(msg->dn))); + r->out.res->res1.status = WERR_OK; + } + + return WERR_OK; + } + } + + return WERR_UNKNOWN_LEVEL; +} diff --git a/source4/scripting/bin/setup_dns.sh b/source4/scripting/bin/setup_dns.sh index f20ad145c1..de4485fc07 100755 --- a/source4/scripting/bin/setup_dns.sh +++ b/source4/scripting/bin/setup_dns.sh @@ -16,7 +16,7 @@ RSUFFIX=$(echo $DOMAIN | sed s/[\.]/,DC=/g) PRIVATEDIR=$(bin/testparm --section-name=global --parameter-name='private dir' --suppress-prompt 2> /dev/null) } -OBJECTGUID=$(bin/ldbsearch -H "$PRIVATEDIR/sam.ldb" -b "CN=NTDS Settings,CN=$HOSTNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=$RSUFFIX" objectguid|grep ^objectGUID| cut -d: -f2) +OBJECTGUID=$(bin/ldbsearch -s base -H "$PRIVATEDIR/sam.ldb" -b "CN=NTDS Settings,CN=$HOSTNAME,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=$RSUFFIX" objectguid|grep ^objectGUID| cut -d: -f2) echo "Found objectGUID $OBJECTGUID" diff --git a/source4/scripting/bin/upgradeprovision b/source4/scripting/bin/upgradeprovision index da827ace42..23980cd3da 100755 --- a/source4/scripting/bin/upgradeprovision +++ b/source4/scripting/bin/upgradeprovision @@ -66,8 +66,10 @@ GUESS = 0x04 PROVISION = 0x08 CHANGEALL = 0xff -# Attributes that not copied from the reference provision even if they do not exists in the destination object -# This is most probably because they are populated automatcally when object is created +# Attributes that are never copied from the reference provision (even if they +# do not exist in the destination object). +# This is most probably because they are populated automatcally when object is +# created hashAttrNotCopied = { "dn": 1,"whenCreated": 1,"whenChanged": 1,"objectGUID": 1,"replPropertyMetaData": 1,"uSNChanged": 1,\ "uSNCreated": 1,"parentGUID": 1,"objectCategory": 1,"distinguishedName": 1,\ "showInAdvancedViewOnly": 1,"instanceType": 1, "cn": 1, "msDS-Behavior-Version":1, "nextRid":1,\ @@ -75,8 +77,9 @@ hashAttrNotCopied = { "dn": 1,"whenCreated": 1,"whenChanged": 1,"objectGUID": 1 "dBCSPwd":1,"supplementalCredentials":1,"gPCUserExtensionNames":1, "gPCMachineExtensionNames":1,\ "maxPwdAge":1, "mail":1, "secret":1,"possibleInferiors":1, "sAMAccountType":1} -# Usually for an object that already exists we do not overwrite attributes as they might have been changed for good -# reasons. Anyway for a few of thems it's mandatory to replace them otherwise the provision will be broken somehow. +# Usually for an object that already exists we do not overwrite attributes as +# they might have been changed for good reasons. Anyway for a few of them it's +# mandatory to replace them otherwise the provision will be broken somehow. hashOverwrittenAtt = { "prefixMap": replace, "systemMayContain": replace,"systemOnly":replace, "searchFlags":replace,\ "mayContain":replace, "systemFlags":replace,"description":replace, "oEMInformation":replace, "operatingSystemVersion":replace, "adminPropertyPages":replace, @@ -167,11 +170,13 @@ def get_paths(targetdir=None,smbconf=None): lp = param.LoadParm() lp.load(smbconf) -# Normaly we need the domain name for this function but for our needs it's pointless +# Normally we need the domain name for this function but for our needs it's +# pointless paths = provision_paths_from_lp(lp,"foo") return paths -# This function guess(fetch) informations needed to make a fresh provision from the current provision +# This function guesses (fetches) informations needed to make a fresh provision +# from the current provision # It includes: realm, workgroup, partitions, netbiosname, domain guid, ... def guess_names_from_current_provision(credentials,session_info,paths): lp = param.LoadParm() @@ -191,11 +196,13 @@ def guess_names_from_current_provision(credentials,session_info,paths): names.netbiosname = str(res[0]["sAMAccountName"]).replace("$","") names.smbconf = smbconf - #It's important here to let ldb load with the old module or it's quite certain that the LDB won't load ... + # It's important here to let ldb load with the old module or it's quite + # certain that the LDB won't load ... samdb = Ldb(paths.samdb, session_info=session_info, credentials=credentials, lp=lp, options=["modules:samba_dsdb"]) - # That's a bit simplistic but it's ok as long as we have only 3 partitions + # That's a bit simplistic but it's ok as long as we have only 3 + # partitions attrs2 = ["defaultNamingContext", "schemaNamingContext","configurationNamingContext","rootDomainNamingContext"] current = samdb.search(expression="(objectClass=*)",base="", scope=SCOPE_BASE, attrs=attrs2) @@ -311,9 +318,10 @@ def newprovision(names,setup_dir,creds,session,smbconf): ldap_dryrun_mode=None) return provdir -# This function sorts two dn in the lexicographical order and put higher level DN before -# So given the dns cn=bar,cn=foo and cn=foo the later will be return as smaller (-1) as it has less -# level +# This function sorts two DNs in the lexicographical order and put higher level +# DN before. +# So given the dns cn=bar,cn=foo and cn=foo the later will be return as smaller +# (-1) as it has less level def dn_sort(x,y): p = re.compile(r'(?<!\\),') tab1 = p.split(str(x)) @@ -343,7 +351,7 @@ def dn_sort(x,y): return -1 return ret -# check from security descriptors modifications return 1 if it is 0 otherwise +# Check for security descriptors modifications return 1 if it is and 0 otherwise # it also populate hash structure for later use in the upgrade process def handle_security_desc(ischema,att,msgElt,hashallSD,old,new): if ischema == 1 and att == "defaultSecurityDescriptor" and msgElt.flags() == ldb.FLAG_MOD_REPLACE: @@ -361,8 +369,8 @@ def handle_security_desc(ischema,att,msgElt,hashallSD,old,new): return 1 return 0 -# Hangle special cases ... That's when we want to update an attribute only -# if it has a certain value or if it's for a certain object or +# Handle special cases ... That's when we want to update a particular attribute +# only, e.g. if it has a certain value or if it's for a certain object or # a class of object. # It can be also if we want to do a merge of value instead of a simple replace def handle_special_case(att,delta,new,old,ischema): @@ -431,7 +439,8 @@ def update_secrets(newpaths,paths,creds,session): for i in range(0,len(reference)): hash_new[str(reference[i]["dn"]).lower()] = reference[i]["dn"] - # Create a hash for speeding the search of existing object in the current provision + # Create a hash for speeding the search of existing object in the + # current provision for i in range(0,len(current)): hash[str(current[i]["dn"]).lower()] = current[i]["dn"] @@ -486,9 +495,9 @@ def update_secrets(newpaths,paths,creds,session): # Check difference between the current provision and the reference provision. -# It looks for all object which base DN is name if ischema is false then scan is done in -# cross partition mode. -# If ischema is true, then special handling is done for dealing with schema +# It looks for all objects which base DN is name. If ischema is "false" then +# the scan is done in cross partition mode. +# If "ischema" is true, then special handling is done for dealing with schema def check_diff_name(newpaths,paths,creds,session,basedn,names,ischema): hash_new = {} hash = {} @@ -497,7 +506,8 @@ def check_diff_name(newpaths,paths,creds,session,basedn,names,ischema): listPresent = [] reference = [] current = [] - # Connect to the reference provision and get all the attribute in the partition referred by name + # Connect to the reference provision and get all the attribute in the + # partition referred by name newsam_ldb = Ldb(newpaths.samdb, session_info=session, credentials=creds,lp=lp) sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp, options=["modules:samba_dsdb"]) sam_ldb.transaction_start() @@ -513,7 +523,8 @@ def check_diff_name(newpaths,paths,creds,session,basedn,names,ischema): for i in range(0,len(reference)): hash_new[str(reference[i]["dn"]).lower()] = reference[i]["dn"] - # Create a hash for speeding the search of existing object in the current provision + # Create a hash for speeding the search of existing object in the + # current provision for i in range(0,len(current)): hash[str(current[i]["dn"]).lower()] = current[i]["dn"] @@ -523,40 +534,78 @@ def check_diff_name(newpaths,paths,creds,session,basedn,names,ischema): else: listPresent.append(hash_new[k]) - # Sort the missing object in order to have object of the lowest level first (which can be - # containers for higher level objects) + # Sort the missing object in order to have object of the lowest level + # first (which can be containers for higher level objects) listMissing.sort(dn_sort) listPresent.sort(dn_sort) if ischema: - # The following lines (up to the for loop) is to load the up to date schema into our current LDB - # a complete schema is needed as the insertion of attributes and class is done against it + # The following lines (up to the for loop) is to load the up to + # date schema into our current LDB + # a complete schema is needed as the insertion of attributes + # and class is done against it # and the schema is self validated - # The double ldb open and schema validation is taken from the initial provision script + # The double ldb open and schema validation is taken from the + # initial provision script # it's not certain that it is really needed .... sam_ldb = Ldb(session_info=session, credentials=creds, lp=lp) schema = Schema(setup_path, names.domainsid, schemadn=basedn, serverdn=str(names.serverdn)) # Load the schema from the one we computed earlier sam_ldb.set_schema_from_ldb(schema.ldb) - # And now we can connect to the DB - the schema won't be loaded from the DB + # And now we can connect to the DB - the schema won't be loaded + # from the DB sam_ldb.connect(paths.samdb) else: sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp, options=["modules:samba_dsdb"]) sam_ldb.transaction_start() - empty = ldb.Message() - message(SIMPLE,"There are %d missing objects"%(len(listMissing))) - for dn in listMissing: - reference = newsam_ldb.search(expression="dn=%s"%(str(dn)),base=basedn, scope=SCOPE_SUBTREE,controls=["search_options:1:2"]) - delta = sam_ldb.msg_diff(empty,reference[0]) - for att in hashAttrNotCopied.keys(): - delta.remove(att) - for att in backlinked: - delta.remove(att) - delta.dn = dn + err_num = 0 + err_msg = "" + while len(listMissing) > 0: + listMissing2 = [] + + empty = ldb.Message() + message(SIMPLE,"There are still %d objects missing"%(len(listMissing))) - sam_ldb.add(delta,["relax:0"]) + for dn in listMissing: + reference = newsam_ldb.search(expression="dn=%s" % (str(dn)), + base=basedn, scope=SCOPE_SUBTREE, + controls=["search_options:1:2"]) + delta = sam_ldb.msg_diff(empty,reference[0]) + for att in hashAttrNotCopied.keys(): + delta.remove(att) + for att in backlinked: + delta.remove(att) + delta.dn = dn + + try: + sam_ldb.add(delta,["relax:0"]) + # This is needed here since otherwise the + # "replmd_meta_data" module doesn't see the + # updated data + sam_ldb.transaction_commit() + sam_ldb.transaction_start() + except LdbError, (num, msg): + # An exception can happen if a linked object + # doesn't exist which can happen if it is also + # to be added + err_num = num + err_msg = msg + listMissing2.append(dn) + + if len(listMissing2) == len(listMissing): + # We couldn't add any object in this iteration -> + # we have to resign and hope that the user manually + # fixes the damage + + message(ERROR, "The script isn't capable to do the upgrade fully automatically!") + message(ERROR, "Often this happens when important system objects moved their location. Please look for them (for example doable using the displayed 'sAMAccountName' attribute), backup if personally changed and remove them.") + message(ERROR, "Reinvoke this script and reapply eventual modifications done before. It is possible to get this error more than once (for each problematic object).") + + raise LdbError(err_num, err_msg) + + listMissing = listMissing2 changed = 0 for dn in listPresent: @@ -626,7 +675,8 @@ def check_updated_sd(newpaths,paths,creds,session,names): print "%s new sddl/sddl in ref"%key print "%s\n%s"%(sddl,hash_new[key]) -# Simple update method for updating the SD that rely on the fact that nobody should have modified the SD +# Simple update method for updating the SD that rely on the fact that nobody +# should have modified the SD # This assumption is safe right now (alpha9) but should be removed asap def update_sd(paths,creds,session,names): sam_ldb = Ldb(paths.samdb, session_info=session, credentials=creds,lp=lp,options=["modules:samba_dsdb"]) @@ -748,7 +798,7 @@ def update_machine_account_password(paths,creds,session,names): secretsdb_self_join(secrets_ldb, domain=names.domain, realm=names.realm, - domainsid=names.domainsid, + domainsid=names.domainsid, dnsdomain=names.dnsdomain, netbiosname=names.netbiosname, machinepass=machinepass, diff --git a/source4/scripting/devel/tmpfs.sh b/source4/scripting/devel/tmpfs.sh new file mode 100755 index 0000000000..5604f68dd7 --- /dev/null +++ b/source4/scripting/devel/tmpfs.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +# This sets up bin/ and st/ as tmpfs filesystems, which saves a lot of +# time waiting on the disk! + +rm -rf bin st +mkdir -p bin st || exit 1 +sudo mount -t tmpfs /dev/null bin || exit 1 +sudo chown $USER bin || exit 1 +echo "tmpfs setup for bin/" +sudo mount -t tmpfs /dev/null st || exit 1 +sudo chown $USER st || exit 1 +echo "tmpfs setup for st/" diff --git a/source4/scripting/python/samba/__init__.py b/source4/scripting/python/samba/__init__.py index 5d61c1bd8c..d7df6b979b 100644 --- a/source4/scripting/python/samba/__init__.py +++ b/source4/scripting/python/samba/__init__.py @@ -255,7 +255,10 @@ class Ldb(ldb.Ldb): :param ldif: LDIF text. """ for changetype, msg in self.parse_ldif(ldif): - self.modify(msg, controls) + if (changetype == ldb.CHANGETYPE_ADD): + self.add(msg, controls) + else: + self.modify(msg, controls) def set_domain_sid(self, sid): """Change the domain SID used by this LDB. diff --git a/source4/scripting/python/samba/ms_schema.py b/source4/scripting/python/samba/ms_schema.py index a4eed581c6..9f5ebcf8cc 100644 --- a/source4/scripting/python/samba/ms_schema.py +++ b/source4/scripting/python/samba/ms_schema.py @@ -229,6 +229,8 @@ def __transform_entry(entry, objectClass): entry.insert(1, ["objectClass", ["top", objectClass]]) entry.insert(2, ["cn", cn]) entry.insert(2, ["objectGUID", str(uuid.uuid4())]) + entry.insert(2, ["adminDescription", cn]) + entry.insert(2, ["adminDisplayName", cn]) for l in entry: key = l[0].lower() diff --git a/source4/scripting/python/samba/provision.py b/source4/scripting/python/samba/provision.py index d7d0a790ca..a71b561a86 100644 --- a/source4/scripting/python/samba/provision.py +++ b/source4/scripting/python/samba/provision.py @@ -793,9 +793,9 @@ def setup_self_join(samdb, names, "DEFAULTSITE": names.sitename, "DNSNAME": "%s.%s" % (names.hostname, names.dnsdomain), "MACHINEPASS_B64": b64encode(machinepass), - "DNSPASS_B64": b64encode(dnspass), "REALM": names.realm, "DOMAIN": names.domain, + "DOMAINSID": str(domainsid), "DNSDOMAIN": names.dnsdomain, "SAMBA_VERSION_STRING": version, "NTDSGUID": ntdsguid_line, @@ -824,7 +824,8 @@ def setup_self_join(samdb, names, "DEFAULTSITE": names.sitename, "SERVERDN": names.serverdn, "NETBIOSNAME": names.netbiosname, - "NTDSGUID": names.ntdsguid + "NTDSGUID": names.ntdsguid, + "DNSPASS_B64": b64encode(dnspass), }) @@ -892,10 +893,7 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, samdb.set_opaque_integer("domainControllerFunctionality", domainControllerFunctionality) samdb.set_domain_sid(str(domainsid)) - if serverrole == "domain controller": - samdb.set_invocation_id(invocationid) - # NOTE: the invocationid for standalone and member server - # cases is setup in the sambd_dsdb module init function + samdb.set_invocation_id(invocationid) message("Adding DomainDN: %s" % names.domaindn) @@ -945,6 +943,14 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, setup_add_ldif(samdb, setup_path("aggregate_schema.ldif"), {"SCHEMADN": names.schemadn}) + message("Reopening sam.ldb with new schema"); + samdb.transaction_commit() + samdb = Ldb(session_info=session_info, + credentials=provision_backend.credentials, lp=lp) + samdb.connect(path) + samdb.transaction_start() + samdb.set_invocation_id(invocationid) + message("Setting up sam.ldb configuration data") setup_add_ldif(samdb, setup_path("provision_configuration.ldif"), { "CONFIGDN": names.configdn, @@ -1003,21 +1009,20 @@ def setup_samdb(path, setup_path, session_info, provision_backend, lp, "KRBTGTPASS_B64": b64encode(krbtgtpass), }) - if serverrole == "domain controller": - message("Setting up self join") - setup_self_join(samdb, names=names, invocationid=invocationid, - dnspass=dnspass, - machinepass=machinepass, - domainsid=domainsid, policyguid=policyguid, - policyguid_dc=policyguid_dc, - setup_path=setup_path, - domainControllerFunctionality=domainControllerFunctionality, - ntdsguid=ntdsguid) - - ntds_dn = "CN=NTDS Settings,CN=%s,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,%s" % (names.hostname, names.domaindn) - names.ntdsguid = samdb.searchone(basedn=ntds_dn, - attribute="objectGUID", expression="", scope=SCOPE_BASE) - assert isinstance(names.ntdsguid, str) + message("Setting up self join") + setup_self_join(samdb, names=names, invocationid=invocationid, + dnspass=dnspass, + machinepass=machinepass, + domainsid=domainsid, policyguid=policyguid, + policyguid_dc=policyguid_dc, + setup_path=setup_path, + domainControllerFunctionality=domainControllerFunctionality, + ntdsguid=ntdsguid) + + ntds_dn = "CN=NTDS Settings,CN=%s,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,%s" % (names.hostname, names.domaindn) + names.ntdsguid = samdb.searchone(basedn=ntds_dn, + attribute="objectGUID", expression="", scope=SCOPE_BASE) + assert isinstance(names.ntdsguid, str) except: samdb.transaction_cancel() @@ -1136,7 +1141,7 @@ def provision(setup_dir, message, session_info, serverrole = lp.get("server role") assert serverrole in ("domain controller", "member server", "standalone") - if invocationid is None and serverrole == "domain controller": + if invocationid is None: invocationid = str(uuid.uuid4()) if not os.path.exists(paths.private_dir): diff --git a/source4/scripting/python/samba/schema.py b/source4/scripting/python/samba/schema.py index 8913e53b00..f702e9829f 100644 --- a/source4/scripting/python/samba/schema.py +++ b/source4/scripting/python/samba/schema.py @@ -35,16 +35,20 @@ from ldb import SCOPE_SUBTREE, SCOPE_ONELEVEL, SCOPE_BASE import os def get_schema_descriptor(domain_sid): - sddl = "O:SAG:SAD:(A;CI;RPLCLORC;;;AU)(A;CI;RPWPCRCCLCLORCWOWDSW;;;SA)" \ - "(A;CI;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)" \ - "(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ - "(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ED)" \ - "(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)" \ - "(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;BA)" \ - "S:(AU;SA;WPCCDCWOWDSDDTSW;;;WD)" \ - "(AU;CISA;WP;;;WD)(AU;SA;CR;;;BA)" \ - "(AU;SA;CR;;;DU)(OU;SA;CR;e12b56b6-0a95-11d1-adbb-00c04fd8d5cd;;WD)" \ - "(OU;SA;CR;45ec5156-db7e-47bb-b53f-dbeb2d03c40f;;WD)" + sddl = "O:SAG:SAD:AI(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c" \ + ";;ER)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ER)(OA;;CR;1131f6ad-9c07-1" \ + "1d1-f79f-00c04fc2dcd2;;ER)(OA;;CR;e12b56b6-0a95-11d1-adbb-00c04fd8d5cd;;SA)(O" \ + "A;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;BA)(OA;;CR;1131f6aa-9c07-11d1-f79" \ + "f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1" \ + "131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04" \ + "fc2dcd2;;BA)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ED)(OA;;CR;1131f6aa" \ + "-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2" \ + ";;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ad-9c07-1" \ + "1d1-f79f-00c04fc2dcd2;;ED)(A;;RPWPCCDCLCLORCWOWDSDDTSW;;;LA)(A;CI;RPWPCRCCLCL" \ + "ORCWOWDSW;;;SA)(A;CI;RPLCLORC;;;AU)(A;CI;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)S:(O" \ + "U;SA;CR;45ec5156-db7e-47bb-b53f-dbeb2d03c40f;;WD)(OU;SA;CR;e12b56b6-0a95-11d1" \ + "-adbb-00c04fd8d5cd;;WD)(AU;SA;CR;;;DU)(AU;SA;CR;;;BA)(AU;SA;WPCCDCWOWDSDDTSW;" \ + ";;WD)(AU;CISA;WP;;;WD)" sec = security.descriptor.from_sddl(sddl, domain_sid) return ndr_pack(sec) @@ -64,8 +68,8 @@ class Schema(object): self.schemadn = schemadn self.ldb = Ldb() - self.schema_data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8_Attributes.txt'), - setup_path('ad-schema/MS-AD_Schema_2K8_Classes.txt')) + self.schema_data = read_ms_schema(setup_path('ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt'), + setup_path('ad-schema/MS-AD_Schema_2K8_R2_Classes.txt')) if files is not None: for file in files: diff --git a/source4/selftest/knownfail b/source4/selftest/knownfail index 93a9f38cd2..0c3fd7ca98 100644 --- a/source4/selftest/knownfail +++ b/source4/selftest/knownfail @@ -40,6 +40,7 @@ rpc.netlogon.*.DatabaseRedo rpc.netlogon.*.ServerGetTrustInfo rpc.netlogon.*.GetDomainInfo # Also fails against W2K8 (but in a different way) samba4.rpc.samr.passwords.pwdlastset # Not provided by Samba 4 yet +samba4.rpc.samr.passwords.badpwdcount # Not provided by Samba 4 yet samba4.rpc.samr.users.privileges samba4.rpc.spoolss # Not provided by Samba 4 yet base.charset.*.Testing partial surrogate diff --git a/source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt b/source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt new file mode 100644 index 0000000000..fef134794e --- /dev/null +++ b/source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Attributes.txt @@ -0,0 +1,16060 @@ +#Intellectual Property Rights Notice for Protocol Documentation +#• Copyrights. This protocol documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you may make copies of it in order to develop implementations of the protocols, and may distribute portions of it in your implementations of the protocols or your documentation as necessary to properly document the implementation. You may also distribute in your implementation, with or without modification, any schema, IDL’s, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the protocol documentation. +#• No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. +#• Patents. Microsoft has patents that may cover your implementations of the protocols. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, the protocols may be covered by Microsoft’s Open Specification Promise (available here: http://www.microsoft.com/interop/osp). If you would prefer a written license, or if the protocols are not covered by the OSP, patent licenses are available by contacting protocol@microsoft.com. +#• Trademarks. The names of companies and products contained in this documentation may be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. +#Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than specifically described above, whether by implication, estoppel, or otherwise. +#Tools. This protocol documentation is intended for use in conjunction with publicly available standard specifications and network programming art, and assumes that the reader either is familiar with the aforementioned material or has immediate access to it. A protocol specification does not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments you are free to take advantage of them. +# + + +cn: Account-Expires +ldapDisplayName: accountExpires +attributeId: 1.2.840.113556.1.4.159 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967915-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Account-Name-History +ldapDisplayName: accountNameHistory +attributeId: 1.2.840.113556.1.4.1307 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 031952ec-3b72-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Aggregate-Token-Rate-Per-User +ldapDisplayName: aCSAggregateTokenRatePerUser +attributeId: 1.2.840.113556.1.4.760 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f56127d-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Allocable-RSVP-Bandwidth +ldapDisplayName: aCSAllocableRSVPBandwidth +attributeId: 1.2.840.113556.1.4.766 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f561283-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Cache-Timeout +ldapDisplayName: aCSCacheTimeout +attributeId: 1.2.840.113556.1.4.779 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb355a1-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Direction +ldapDisplayName: aCSDirection +attributeId: 1.2.840.113556.1.4.757 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f56127a-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-DSBM-DeadTime +ldapDisplayName: aCSDSBMDeadTime +attributeId: 1.2.840.113556.1.4.778 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb355a0-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-DSBM-Priority +ldapDisplayName: aCSDSBMPriority +attributeId: 1.2.840.113556.1.4.776 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559e-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-DSBM-Refresh +ldapDisplayName: aCSDSBMRefresh +attributeId: 1.2.840.113556.1.4.777 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559f-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Enable-ACS-Service +ldapDisplayName: aCSEnableACSService +attributeId: 1.2.840.113556.1.4.770 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7f561287-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Enable-RSVP-Accounting +ldapDisplayName: aCSEnableRSVPAccounting +attributeId: 1.2.840.113556.1.4.899 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: f072230e-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Enable-RSVP-Message-Logging +ldapDisplayName: aCSEnableRSVPMessageLogging +attributeId: 1.2.840.113556.1.4.768 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7f561285-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Event-Log-Level +ldapDisplayName: aCSEventLogLevel +attributeId: 1.2.840.113556.1.4.769 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561286-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Identity-Name +ldapDisplayName: aCSIdentityName +attributeId: 1.2.840.113556.1.4.784 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: dab029b6-ddf7-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Aggregate-Peak-Rate-Per-User +ldapDisplayName: aCSMaxAggregatePeakRatePerUser +attributeId: 1.2.840.113556.1.4.897 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f072230c-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Duration-Per-Flow +ldapDisplayName: aCSMaxDurationPerFlow +attributeId: 1.2.840.113556.1.4.761 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f56127e-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Maximum-SDU-Size +ldapDisplayName: aCSMaximumSDUSize +attributeId: 1.2.840.113556.1.4.1314 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 87a2d8f9-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-No-Of-Account-Files +ldapDisplayName: aCSMaxNoOfAccountFiles +attributeId: 1.2.840.113556.1.4.901 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f0722310-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-No-Of-Log-Files +ldapDisplayName: aCSMaxNoOfLogFiles +attributeId: 1.2.840.113556.1.4.774 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559c-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Peak-Bandwidth +ldapDisplayName: aCSMaxPeakBandwidth +attributeId: 1.2.840.113556.1.4.767 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f561284-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Peak-Bandwidth-Per-Flow +ldapDisplayName: aCSMaxPeakBandwidthPerFlow +attributeId: 1.2.840.113556.1.4.759 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f56127c-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Size-Of-RSVP-Account-File +ldapDisplayName: aCSMaxSizeOfRSVPAccountFile +attributeId: 1.2.840.113556.1.4.902 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f0722311-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Size-Of-RSVP-Log-File +ldapDisplayName: aCSMaxSizeOfRSVPLogFile +attributeId: 1.2.840.113556.1.4.775 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1cb3559d-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Token-Bucket-Per-Flow +ldapDisplayName: aCSMaxTokenBucketPerFlow +attributeId: 1.2.840.113556.1.4.1313 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 81f6e0df-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Max-Token-Rate-Per-Flow +ldapDisplayName: aCSMaxTokenRatePerFlow +attributeId: 1.2.840.113556.1.4.758 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f56127b-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Minimum-Delay-Variation +ldapDisplayName: aCSMinimumDelayVariation +attributeId: 1.2.840.113556.1.4.1317 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9c65329b-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Minimum-Latency +ldapDisplayName: aCSMinimumLatency +attributeId: 1.2.840.113556.1.4.1316 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9517fefb-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Minimum-Policed-Size +ldapDisplayName: aCSMinimumPolicedSize +attributeId: 1.2.840.113556.1.4.1315 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 8d0e7195-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Max-SDU-Size +ldapDisplayName: aCSNonReservedMaxSDUSize +attributeId: 1.2.840.113556.1.4.1320 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: aec2cfe3-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Min-Policed-Size +ldapDisplayName: aCSNonReservedMinPolicedSize +attributeId: 1.2.840.113556.1.4.1321 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: b6873917-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Peak-Rate +ldapDisplayName: aCSNonReservedPeakRate +attributeId: 1.2.840.113556.1.4.1318 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: a331a73f-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Token-Size +ldapDisplayName: aCSNonReservedTokenSize +attributeId: 1.2.840.113556.1.4.1319 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: a916d7c9-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Tx-Limit +ldapDisplayName: aCSNonReservedTxLimit +attributeId: 1.2.840.113556.1.4.780 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 1cb355a2-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Non-Reserved-Tx-Size +ldapDisplayName: aCSNonReservedTxSize +attributeId: 1.2.840.113556.1.4.898 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f072230d-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Permission-Bits +ldapDisplayName: aCSPermissionBits +attributeId: 1.2.840.113556.1.4.765 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 7f561282-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Policy-Name +ldapDisplayName: aCSPolicyName +attributeId: 1.2.840.113556.1.4.772 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1cb3559a-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Priority +ldapDisplayName: aCSPriority +attributeId: 1.2.840.113556.1.4.764 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561281-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-RSVP-Account-Files-Location +ldapDisplayName: aCSRSVPAccountFilesLocation +attributeId: 1.2.840.113556.1.4.900 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f072230f-aef5-11d1-bdcf-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-RSVP-Log-Files-Location +ldapDisplayName: aCSRSVPLogFilesLocation +attributeId: 1.2.840.113556.1.4.773 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1cb3559b-56d0-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Server-List +ldapDisplayName: aCSServerList +attributeId: 1.2.840.113556.1.4.1312 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7cbd59a5-3b90-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Service-Type +ldapDisplayName: aCSServiceType +attributeId: 1.2.840.113556.1.4.762 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f56127f-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Time-Of-Day +ldapDisplayName: aCSTimeOfDay +attributeId: 1.2.840.113556.1.4.756 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7f561279-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Total-No-Of-Flows +ldapDisplayName: aCSTotalNoOfFlows +attributeId: 1.2.840.113556.1.4.763 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561280-5301-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Additional-Information +ldapDisplayName: notes +attributeId: 1.2.840.113556.1.4.265 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6d05fb41-246b-11d0-a9c8-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Additional-Trusted-Service-Names +ldapDisplayName: additionalTrustedServiceNames +attributeId: 1.2.840.113556.1.4.889 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 032160be-9824-11d1-aec0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Address +ldapDisplayName: streetAddress +attributeId: 1.2.840.113556.1.2.256 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff84-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14889 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Book-Roots +ldapDisplayName: addressBookRoots +attributeId: 1.2.840.113556.1.4.1244 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f70b6e48-06f4-11d2-aa53-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Book-Roots2 +ldapDisplayName: addressBookRoots2 +attributeId: 1.2.840.113556.1.4.2046 +attributeSyntax: 2.5.5.1 +linkID: 2122 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 508ca374-a511-4e4e-9f4f-856f61a6b7e4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Entry-Display-Table +ldapDisplayName: addressEntryDisplayTable +attributeId: 1.2.840.113556.1.2.324 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd42461-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32791 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Entry-Display-Table-MSDOS +ldapDisplayName: addressEntryDisplayTableMSDOS +attributeId: 1.2.840.113556.1.2.400 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd42462-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32839 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Home +ldapDisplayName: homePostalAddress +attributeId: 1.2.840.113556.1.2.617 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 16775781-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 4096 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14941 +systemFlags: 0 + +cn: Address-Syntax +ldapDisplayName: addressSyntax +attributeId: 1.2.840.113556.1.2.255 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd42463-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 4096 +mapiID: 32792 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Address-Type +ldapDisplayName: addressType +attributeId: 1.2.840.113556.1.2.350 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 5fd42464-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32 +mapiID: 32840 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Admin-Context-Menu +ldapDisplayName: adminContextMenu +attributeId: 1.2.840.113556.1.4.614 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 553fd038-f32e-11d0-b0bc-00c04fd8dca6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Admin-Count +ldapDisplayName: adminCount +attributeId: 1.2.840.113556.1.4.150 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967918-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Admin-Description +ldapDisplayName: adminDescription +attributeId: 1.2.840.113556.1.2.226 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967919-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +mapiID: 32842 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Admin-Display-Name +ldapDisplayName: adminDisplayName +attributeId: 1.2.840.113556.1.2.194 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96791a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +mapiID: 32843 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Admin-Multiselect-Property-Pages +ldapDisplayName: adminMultiselectPropertyPages +attributeId: 1.2.840.113556.1.4.1690 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 18f9b67d-5ac6-4b3b-97db-d0a406afb7ba +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Admin-Property-Pages +ldapDisplayName: adminPropertyPages +attributeId: 1.2.840.113556.1.4.562 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 52458038-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Allowed-Attributes +ldapDisplayName: allowedAttributes +attributeId: 1.2.840.113556.1.4.913 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad940-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Allowed-Attributes-Effective +ldapDisplayName: allowedAttributesEffective +attributeId: 1.2.840.113556.1.4.914 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad941-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Allowed-Child-Classes +ldapDisplayName: allowedChildClasses +attributeId: 1.2.840.113556.1.4.911 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad942-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Allowed-Child-Classes-Effective +ldapDisplayName: allowedChildClassesEffective +attributeId: 1.2.840.113556.1.4.912 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad943-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Alt-Security-Identities +ldapDisplayName: altSecurityIdentities +attributeId: 1.2.840.113556.1.4.867 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 00fbf30c-91fe-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ANR +ldapDisplayName: aNR +attributeId: 1.2.840.113556.1.4.1208 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 45b01500-c419-11d1-bbc9-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Application-Name +ldapDisplayName: applicationName +attributeId: 1.2.840.113556.1.4.218 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: dd712226-10e4-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Applies-To +ldapDisplayName: appliesTo +attributeId: 1.2.840.113556.1.4.341 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 8297931d-86d3-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: App-Schema-Version +ldapDisplayName: appSchemaVersion +attributeId: 1.2.840.113556.1.4.848 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 96a7dd65-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Asset-Number +ldapDisplayName: assetNumber +attributeId: 1.2.840.113556.1.4.283 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f75-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Assistant +ldapDisplayName: assistant +attributeId: 1.2.840.113556.1.4.652 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 0296c11c-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: associatedDomain +ldapDisplayName: associatedDomain +attributeId: 0.9.2342.19200300.100.1.37 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 3320fc38-c379-4c17-a510-1bdf6133c5da +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 + +cn: associatedName +ldapDisplayName: associatedName +attributeId: 0.9.2342.19200300.100.1.38 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f7fbfc45-85ab-42a4-a435-780e62f7858b +systemOnly: FALSE +searchFlags: 0 + +cn: Assoc-NT-Account +ldapDisplayName: assocNTAccount +attributeId: 1.2.840.113556.1.4.1213 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 398f63c0-ca60-11d1-bbd1-0000f81f10c0 +systemOnly: FALSE +searchFlags: 0 + +cn: attributeCertificateAttribute +ldapDisplayName: attributeCertificateAttribute +attributeId: 2.5.4.58 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: fa4693bb-7bc2-4cb9-81a8-c99c43b7905e +systemOnly: FALSE +searchFlags: 0 +systemFlags: 0 + +cn: Attribute-Display-Names +ldapDisplayName: attributeDisplayNames +attributeId: 1.2.840.113556.1.4.748 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: cb843f80-48d9-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Attribute-ID +ldapDisplayName: attributeID +attributeId: 1.2.840.113556.1.2.30 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967922-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Attribute-Security-GUID +ldapDisplayName: attributeSecurityGUID +attributeId: 1.2.840.113556.1.4.149 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967924-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Attribute-Syntax +ldapDisplayName: attributeSyntax +attributeId: 1.2.840.113556.1.2.32 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967925-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Attribute-Types +ldapDisplayName: attributeTypes +attributeId: 2.5.21.5 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad944-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: audio +ldapDisplayName: audio +attributeId: 0.9.2342.19200300.100.1.55 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: d0e1d224-e1a0-42ce-a2da-793ba5244f35 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 250000 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Auditing-Policy +ldapDisplayName: auditingPolicy +attributeId: 1.2.840.113556.1.4.202 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 6da8a4fe-0e52-11d0-a286-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Authentication-Options +ldapDisplayName: authenticationOptions +attributeId: 1.2.840.113556.1.4.11 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967928-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Authority-Revocation-List +ldapDisplayName: authorityRevocationList +attributeId: 2.5.4.38 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 1677578d-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +mapiID: 32806 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Auxiliary-Class +ldapDisplayName: auxiliaryClass +attributeId: 1.2.840.113556.1.2.351 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf96792c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Bad-Password-Time +ldapDisplayName: badPasswordTime +attributeId: 1.2.840.113556.1.4.49 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf96792d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Bad-Pwd-Count +ldapDisplayName: badPwdCount +attributeId: 1.2.840.113556.1.4.12 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96792e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Birth-Location +ldapDisplayName: birthLocation +attributeId: 1.2.840.113556.1.4.332 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075f9-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 32 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: BootFile +ldapDisplayName: bootFile +attributeId: 1.3.6.1.1.1.1.24 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: e3f3cb4e-0f20-42eb-9703-d2ff26e52667 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: BootParameter +ldapDisplayName: bootParameter +attributeId: 1.3.6.1.1.1.1.23 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: d72a0750-8c7c-416e-8714-e65f11e908be +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: Bridgehead-Server-List-BL +ldapDisplayName: bridgeheadServerListBL +attributeId: 1.2.840.113556.1.4.820 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cdb-8951-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 99 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Bridgehead-Transport-List +ldapDisplayName: bridgeheadTransportList +attributeId: 1.2.840.113556.1.4.819 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cda-8951-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 98 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: buildingName +ldapDisplayName: buildingName +attributeId: 0.9.2342.19200300.100.1.48 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f87fa54b-b2c5-4fd7-88c0-daccb21d93c5 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Builtin-Creation-Time +ldapDisplayName: builtinCreationTime +attributeId: 1.2.840.113556.1.4.13 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf96792f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Builtin-Modified-Count +ldapDisplayName: builtinModifiedCount +attributeId: 1.2.840.113556.1.4.14 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967930-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Business-Category +ldapDisplayName: businessCategory +attributeId: 2.5.4.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967931-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 32855 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Bytes-Per-Minute +ldapDisplayName: bytesPerMinute +attributeId: 1.2.840.113556.1.4.284 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f76-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-Certificate +ldapDisplayName: cACertificate +attributeId: 2.5.4.37 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967932-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32771 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-Certificate-DN +ldapDisplayName: cACertificateDN +attributeId: 1.2.840.113556.1.4.697 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2740-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-Connect +ldapDisplayName: cAConnect +attributeId: 1.2.840.113556.1.4.687 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2735-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Canonical-Name +ldapDisplayName: canonicalName +attributeId: 1.2.840.113556.1.4.916 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad945-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Can-Upgrade-Script +ldapDisplayName: canUpgradeScript +attributeId: 1.2.840.113556.1.4.815 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d9e18314-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: carLicense +ldapDisplayName: carLicense +attributeId: 2.16.840.1.113730.3.1.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d4159c92-957d-4a87-8a67-8d2934e01649 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Catalogs +ldapDisplayName: catalogs +attributeId: 1.2.840.113556.1.4.675 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb81-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Categories +ldapDisplayName: categories +attributeId: 1.2.840.113556.1.4.672 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7e-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Category-Id +ldapDisplayName: categoryId +attributeId: 1.2.840.113556.1.4.322 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e94-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-Usages +ldapDisplayName: cAUsages +attributeId: 1.2.840.113556.1.4.690 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 963d2738-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CA-WEB-URL +ldapDisplayName: cAWEBURL +attributeId: 1.2.840.113556.1.4.688 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2736-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certificate-Authority-Object +ldapDisplayName: certificateAuthorityObject +attributeId: 1.2.840.113556.1.4.684 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 963d2732-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certificate-Revocation-List +ldapDisplayName: certificateRevocationList +attributeId: 2.5.4.39 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1677579f-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +mapiID: 32790 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certificate-Templates +ldapDisplayName: certificateTemplates +attributeId: 1.2.840.113556.1.4.823 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2a39c5b1-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Class-Display-Name +ldapDisplayName: classDisplayName +attributeId: 1.2.840.113556.1.4.610 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 548e1c22-dea6-11d0-b010-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Code-Page +ldapDisplayName: codePage +attributeId: 1.2.840.113556.1.4.16 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967938-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 65535 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: COM-ClassID +ldapDisplayName: cOMClassID +attributeId: 1.2.840.113556.1.4.19 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf96793b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-CLSID +ldapDisplayName: cOMCLSID +attributeId: 1.2.840.113556.1.4.249 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416d9-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-InterfaceID +ldapDisplayName: cOMInterfaceID +attributeId: 1.2.840.113556.1.4.20 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf96793c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Comment +ldapDisplayName: info +attributeId: 1.2.840.113556.1.2.81 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96793e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 12292 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Common-Name +ldapDisplayName: cn +attributeId: 2.5.4.3 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96793f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14863 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: COM-Other-Prog-Id +ldapDisplayName: cOMOtherProgId +attributeId: 1.2.840.113556.1.4.253 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416dd-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Company +ldapDisplayName: company +attributeId: 1.2.840.113556.1.2.146 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff88-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14870 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-ProgID +ldapDisplayName: cOMProgID +attributeId: 1.2.840.113556.1.4.21 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf96793d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-Treat-As-Class-Id +ldapDisplayName: cOMTreatAsClassId +attributeId: 1.2.840.113556.1.4.251 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416db-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-Typelib-Id +ldapDisplayName: cOMTypelibId +attributeId: 1.2.840.113556.1.4.254 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416de-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: COM-Unique-LIBID +ldapDisplayName: cOMUniqueLIBID +attributeId: 1.2.840.113556.1.4.250 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416da-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Content-Indexing-Allowed +ldapDisplayName: contentIndexingAllowed +attributeId: 1.2.840.113556.1.4.24 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967943-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Context-Menu +ldapDisplayName: contextMenu +attributeId: 1.2.840.113556.1.4.499 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 4d8601ee-ac85-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Control-Access-Rights +ldapDisplayName: controlAccessRights +attributeId: 1.2.840.113556.1.4.200 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 6da8a4fc-0e52-11d0-a286-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cost +ldapDisplayName: cost +attributeId: 1.2.840.113556.1.2.135 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967944-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32872 +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Country-Code +ldapDisplayName: countryCode +attributeId: 1.2.840.113556.1.4.25 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 5fd42471-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 65535 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Country-Name +ldapDisplayName: c +attributeId: 2.5.4.6 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967945-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 3 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 32873 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Create-Dialog +ldapDisplayName: createDialog +attributeId: 1.2.840.113556.1.4.810 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2b09958a-8931-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Create-Time-Stamp +ldapDisplayName: createTimeStamp +attributeId: 2.5.18.1 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 2df90d73-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Create-Wizard-Ext +ldapDisplayName: createWizardExt +attributeId: 1.2.840.113556.1.4.812 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2b09958b-8931-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Creation-Time +ldapDisplayName: creationTime +attributeId: 1.2.840.113556.1.4.26 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967946-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Creation-Wizard +ldapDisplayName: creationWizard +attributeId: 1.2.840.113556.1.4.498 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4d8601ed-ac85-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Creator +ldapDisplayName: creator +attributeId: 1.2.840.113556.1.4.679 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb85-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CRL-Object +ldapDisplayName: cRLObject +attributeId: 1.2.840.113556.1.4.689 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 963d2737-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CRL-Partitioned-Revocation-List +ldapDisplayName: cRLPartitionedRevocationList +attributeId: 1.2.840.113556.1.4.683 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d2731-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cross-Certificate-Pair +ldapDisplayName: crossCertificatePair +attributeId: 2.5.4.40 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 167757b2-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +mapiID: 32805 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Current-Location +ldapDisplayName: currentLocation +attributeId: 1.2.840.113556.1.4.335 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fc-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 32 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Current-Parent-CA +ldapDisplayName: currentParentCA +attributeId: 1.2.840.113556.1.4.696 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 963d273f-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Current-Value +ldapDisplayName: currentValue +attributeId: 1.2.840.113556.1.4.27 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967947-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Curr-Machine-Id +ldapDisplayName: currMachineId +attributeId: 1.2.840.113556.1.4.337 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fe-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DBCS-Pwd +ldapDisplayName: dBCSPwd +attributeId: 1.2.840.113556.1.4.55 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf96799c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Default-Class-Store +ldapDisplayName: defaultClassStore +attributeId: 1.2.840.113556.1.4.213 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967948-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Group +ldapDisplayName: defaultGroup +attributeId: 1.2.840.113556.1.4.480 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 720bc4e2-a54a-11d0-afdf-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Hiding-Value +ldapDisplayName: defaultHidingValue +attributeId: 1.2.840.113556.1.4.518 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: b7b13116-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Default-Local-Policy-Object +ldapDisplayName: defaultLocalPolicyObject +attributeId: 1.2.840.113556.1.4.57 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf96799f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Object-Category +ldapDisplayName: defaultObjectCategory +attributeId: 1.2.840.113556.1.4.783 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d97367-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Default-Priority +ldapDisplayName: defaultPriority +attributeId: 1.2.840.113556.1.4.232 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416c8-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Default-Security-Descriptor +ldapDisplayName: defaultSecurityDescriptor +attributeId: 1.2.840.113556.1.4.224 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 807a6d30-1669-11d0-a064-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Delta-Revocation-List +ldapDisplayName: deltaRevocationList +attributeId: 2.5.4.53 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 167757b5-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +mapiID: 35910 + +cn: Department +ldapDisplayName: department +attributeId: 1.2.840.113556.1.2.141 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96794f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14872 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: departmentNumber +ldapDisplayName: departmentNumber +attributeId: 2.16.840.1.113730.3.1.2 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: be9ef6ee-cbc7-4f22-b27b-96967e7ee585 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Description +ldapDisplayName: description +attributeId: 2.5.4.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967950-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 32879 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Desktop-Profile +ldapDisplayName: desktopProfile +attributeId: 1.2.840.113556.1.4.346 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: eea65906-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Destination-Indicator +ldapDisplayName: destinationIndicator +attributeId: 2.5.4.27 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: bf967951-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 32880 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Classes +ldapDisplayName: dhcpClasses +attributeId: 1.2.840.113556.1.4.715 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 963d2750-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Flags +ldapDisplayName: dhcpFlags +attributeId: 1.2.840.113556.1.4.700 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d2741-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Identification +ldapDisplayName: dhcpIdentification +attributeId: 1.2.840.113556.1.4.701 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2742-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Mask +ldapDisplayName: dhcpMask +attributeId: 1.2.840.113556.1.4.706 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2747-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-MaxKey +ldapDisplayName: dhcpMaxKey +attributeId: 1.2.840.113556.1.4.719 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d2754-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Obj-Description +ldapDisplayName: dhcpObjDescription +attributeId: 1.2.840.113556.1.4.703 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2744-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Obj-Name +ldapDisplayName: dhcpObjName +attributeId: 1.2.840.113556.1.4.702 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 963d2743-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Options +ldapDisplayName: dhcpOptions +attributeId: 1.2.840.113556.1.4.714 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 963d274f-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Properties +ldapDisplayName: dhcpProperties +attributeId: 1.2.840.113556.1.4.718 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 963d2753-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Ranges +ldapDisplayName: dhcpRanges +attributeId: 1.2.840.113556.1.4.707 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2748-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Reservations +ldapDisplayName: dhcpReservations +attributeId: 1.2.840.113556.1.4.709 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d274a-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Servers +ldapDisplayName: dhcpServers +attributeId: 1.2.840.113556.1.4.704 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2745-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +extendedCharsAllowed: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Sites +ldapDisplayName: dhcpSites +attributeId: 1.2.840.113556.1.4.708 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2749-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-State +ldapDisplayName: dhcpState +attributeId: 1.2.840.113556.1.4.717 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2752-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Subnets +ldapDisplayName: dhcpSubnets +attributeId: 1.2.840.113556.1.4.705 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d2746-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Type +ldapDisplayName: dhcpType +attributeId: 1.2.840.113556.1.4.699 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 963d273b-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Unique-Key +ldapDisplayName: dhcpUniqueKey +attributeId: 1.2.840.113556.1.4.698 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d273a-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: dhcp-Update-Time +ldapDisplayName: dhcpUpdateTime +attributeId: 1.2.840.113556.1.4.720 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 963d2755-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Display-Name +ldapDisplayName: displayName +attributeId: 1.2.840.113556.1.2.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967953-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Display-Name-Printable +ldapDisplayName: displayNamePrintable +attributeId: 1.2.840.113556.1.2.353 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: TRUE +schemaIdGuid: bf967954-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14847 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DIT-Content-Rules +ldapDisplayName: dITContentRules +attributeId: 2.5.21.2 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad946-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Division +ldapDisplayName: division +attributeId: 1.2.840.113556.1.4.261 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: fe6136a0-2073-11d0-a9c2-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DMD-Location +ldapDisplayName: dMDLocation +attributeId: 1.2.840.113556.1.2.36 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: f0f8ff8b-1191-11d0-a060-00aa006c33ed +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DMD-Name +ldapDisplayName: dmdName +attributeId: 1.2.840.113556.1.2.598 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 167757b9-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +mapiID: 35926 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DN-Reference-Update +ldapDisplayName: dNReferenceUpdate +attributeId: 1.2.840.113556.1.4.1242 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2df90d86-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Dns-Allow-Dynamic +ldapDisplayName: dnsAllowDynamic +attributeId: 1.2.840.113556.1.4.378 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: e0fa1e65-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Allow-XFR +ldapDisplayName: dnsAllowXFR +attributeId: 1.2.840.113556.1.4.379 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: e0fa1e66-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DNS-Host-Name +ldapDisplayName: dNSHostName +attributeId: 1.2.840.113556.1.4.619 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cd +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +attributeSecurityGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cd +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Dns-Notify-Secondaries +ldapDisplayName: dnsNotifySecondaries +attributeId: 1.2.840.113556.1.4.381 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: e0fa1e68-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DNS-Property +ldapDisplayName: dNSProperty +attributeId: 1.2.840.113556.1.4.1306 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 675a15fe-3b70-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Record +ldapDisplayName: dnsRecord +attributeId: 1.2.840.113556.1.4.382 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: e0fa1e69-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Root +ldapDisplayName: dnsRoot +attributeId: 1.2.840.113556.1.4.28 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967959-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Dns-Secure-Secondaries +ldapDisplayName: dnsSecureSecondaries +attributeId: 1.2.840.113556.1.4.380 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: e0fa1e67-9b45-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DNS-Tombstoned +ldapDisplayName: dNSTombstoned +attributeId: 1.2.840.113556.1.4.1414 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: d5eb2eb7-be4e-463b-a214-634a44d7392e +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: documentAuthor +ldapDisplayName: documentAuthor +attributeId: 0.9.2342.19200300.100.1.14 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f18a8e19-af5f-4478-b096-6f35c27eb83f +systemOnly: FALSE +searchFlags: 0 + +cn: documentIdentifier +ldapDisplayName: documentIdentifier +attributeId: 0.9.2342.19200300.100.1.11 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0b21ce82-ff63-46d9-90fb-c8b9f24e97b9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentLocation +ldapDisplayName: documentLocation +attributeId: 0.9.2342.19200300.100.1.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: b958b14e-ac6d-4ec4-8892-be70b69f7281 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentPublisher +ldapDisplayName: documentPublisher +attributeId: 0.9.2342.19200300.100.1.56 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 170f09d7-eb69-448a-9a30-f1afecfd32d7 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentTitle +ldapDisplayName: documentTitle +attributeId: 0.9.2342.19200300.100.1.12 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: de265a9c-ff2c-47b9-91dc-6e6fe2c43062 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: documentVersion +ldapDisplayName: documentVersion +attributeId: 0.9.2342.19200300.100.1.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 94b3a8a9-d613-4cec-9aad-5fbcc1046b43 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Domain-Certificate-Authorities +ldapDisplayName: domainCAs +attributeId: 1.2.840.113556.1.4.668 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7a-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Component +ldapDisplayName: dc +attributeId: 0.9.2342.19200300.100.1.25 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 19195a55-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 255 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Domain-Cross-Ref +ldapDisplayName: domainCrossRef +attributeId: 1.2.840.113556.1.4.472 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b000ea7b-a086-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Domain-ID +ldapDisplayName: domainID +attributeId: 1.2.840.113556.1.4.686 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 963d2734-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Identifier +ldapDisplayName: domainIdentifier +attributeId: 1.2.840.113556.1.4.755 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7f561278-5301-11d1-a9c5-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Policy-Object +ldapDisplayName: domainPolicyObject +attributeId: 1.2.840.113556.1.4.32 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf96795d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Policy-Reference +ldapDisplayName: domainPolicyReference +attributeId: 1.2.840.113556.1.4.422 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 80a67e2a-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fe-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Replica +ldapDisplayName: domainReplica +attributeId: 1.2.840.113556.1.4.158 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96795e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Domain-Wide-Policy +ldapDisplayName: domainWidePolicy +attributeId: 1.2.840.113556.1.4.421 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 80a67e29-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fd-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: drink +ldapDisplayName: drink +attributeId: 0.9.2342.19200300.100.1.5 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 1a1aa5b5-262e-4df6-af04-2cf6b0d80048 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Driver-Name +ldapDisplayName: driverName +attributeId: 1.2.840.113556.1.4.229 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416c5-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Driver-Version +ldapDisplayName: driverVersion +attributeId: 1.2.840.113556.1.4.276 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f6e-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DSA-Signature +ldapDisplayName: dSASignature +attributeId: 1.2.840.113556.1.2.74 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 167757bc-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32887 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DS-Core-Propagation-Data +ldapDisplayName: dSCorePropagationData +attributeId: 1.2.840.113556.1.4.1357 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: FALSE +schemaIdGuid: d167aa4b-8b08-11d2-9939-0000f87a57d4 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DS-Heuristics +ldapDisplayName: dSHeuristics +attributeId: 1.2.840.113556.1.2.212 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff86-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: DS-UI-Admin-Maximum +ldapDisplayName: dSUIAdminMaximum +attributeId: 1.2.840.113556.1.4.1344 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ee8d0ae0-6f91-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DS-UI-Admin-Notification +ldapDisplayName: dSUIAdminNotification +attributeId: 1.2.840.113556.1.4.1343 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f6ea0a94-6f91-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DS-UI-Shell-Maximum +ldapDisplayName: dSUIShellMaximum +attributeId: 1.2.840.113556.1.4.1345 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fcca766a-6f91-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dynamic-LDAP-Server +ldapDisplayName: dynamicLDAPServer +attributeId: 1.2.840.113556.1.4.537 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 52458021-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: EFSPolicy +ldapDisplayName: eFSPolicy +attributeId: 1.2.840.113556.1.4.268 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 8e4eb2ec-4712-11d0-a1a0-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fd-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: E-mail-Addresses +ldapDisplayName: mail +attributeId: 0.9.2342.19200300.100.1.3 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967961-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14846 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Employee-ID +ldapDisplayName: employeeID +attributeId: 1.2.840.113556.1.4.35 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967962-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Employee-Number +ldapDisplayName: employeeNumber +attributeId: 1.2.840.113556.1.2.610 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df73ef-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 512 +mapiID: 35943 +systemFlags: 0 + +cn: Employee-Type +ldapDisplayName: employeeType +attributeId: 1.2.840.113556.1.2.613 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df73f0-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 256 +mapiID: 35945 +systemFlags: 0 + +cn: Enabled +ldapDisplayName: Enabled +attributeId: 1.2.840.113556.1.2.557 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: a8df73f2-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +mapiID: 35873 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Enabled-Connection +ldapDisplayName: enabledConnection +attributeId: 1.2.840.113556.1.4.36 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967963-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Enrollment-Providers +ldapDisplayName: enrollmentProviders +attributeId: 1.2.840.113556.1.4.825 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a39c5b3-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Entry-TTL +ldapDisplayName: entryTTL +attributeId: 1.3.6.1.4.1.1466.101.119.3 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d213decc-d81a-4384-aac2-dcfcfd631cf8 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 31557600 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED + +cn: Extended-Attribute-Info +ldapDisplayName: extendedAttributeInfo +attributeId: 1.2.840.113556.1.4.909 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad947-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Extended-Chars-Allowed +ldapDisplayName: extendedCharsAllowed +attributeId: 1.2.840.113556.1.2.380 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967966-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32935 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Extended-Class-Info +ldapDisplayName: extendedClassInfo +attributeId: 1.2.840.113556.1.4.908 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad948-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Extension-Name +ldapDisplayName: extensionName +attributeId: 1.2.840.113556.1.2.227 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967972-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 255 +mapiID: 32937 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Extra-Columns +ldapDisplayName: extraColumns +attributeId: 1.2.840.113556.1.4.1687 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d24e2846-1dd9-4bcf-99d7-a6227cc86da7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Facsimile-Telephone-Number +ldapDisplayName: facsimileTelephoneNumber +attributeId: 2.5.4.23 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967974-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14883 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: File-Ext-Priority +ldapDisplayName: fileExtPriority +attributeId: 1.2.840.113556.1.4.816 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d9e18315-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Flags +ldapDisplayName: flags +attributeId: 1.2.840.113556.1.4.38 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967976-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Flat-Name +ldapDisplayName: flatName +attributeId: 1.2.840.113556.1.4.511 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7b13117-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Force-Logoff +ldapDisplayName: forceLogoff +attributeId: 1.2.840.113556.1.4.39 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967977-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Foreign-Identifier +ldapDisplayName: foreignIdentifier +attributeId: 1.2.840.113556.1.4.356 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3e97891e-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Friendly-Names +ldapDisplayName: friendlyNames +attributeId: 1.2.840.113556.1.4.682 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb88-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: From-Entry +ldapDisplayName: fromEntry +attributeId: 1.2.840.113556.1.4.910 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: FALSE +schemaIdGuid: 9a7ad949-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: From-Server +ldapDisplayName: fromServer +attributeId: 1.2.840.113556.1.4.40 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf967979-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Frs-Computer-Reference +ldapDisplayName: frsComputerReference +attributeId: 1.2.840.113556.1.4.869 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 2a132578-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 102 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER + +cn: Frs-Computer-Reference-BL +ldapDisplayName: frsComputerReferenceBL +attributeId: 1.2.840.113556.1.4.870 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2a132579-9373-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 103 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: FRS-Control-Data-Creation +ldapDisplayName: fRSControlDataCreation +attributeId: 1.2.840.113556.1.4.871 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a13257a-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Control-Inbound-Backlog +ldapDisplayName: fRSControlInboundBacklog +attributeId: 1.2.840.113556.1.4.872 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a13257b-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Control-Outbound-Backlog +ldapDisplayName: fRSControlOutboundBacklog +attributeId: 1.2.840.113556.1.4.873 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a13257c-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Directory-Filter +ldapDisplayName: fRSDirectoryFilter +attributeId: 1.2.840.113556.1.4.484 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f171-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-DS-Poll +ldapDisplayName: fRSDSPoll +attributeId: 1.2.840.113556.1.4.490 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1be8f177-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Extensions +ldapDisplayName: fRSExtensions +attributeId: 1.2.840.113556.1.4.536 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 52458020-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Fault-Condition +ldapDisplayName: fRSFaultCondition +attributeId: 1.2.840.113556.1.4.491 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f178-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-File-Filter +ldapDisplayName: fRSFileFilter +attributeId: 1.2.840.113556.1.4.483 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f170-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Flags +ldapDisplayName: fRSFlags +attributeId: 1.2.840.113556.1.4.874 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2a13257d-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Level-Limit +ldapDisplayName: fRSLevelLimit +attributeId: 1.2.840.113556.1.4.534 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 5245801e-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Member-Reference +ldapDisplayName: fRSMemberReference +attributeId: 1.2.840.113556.1.4.875 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 2a13257e-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 104 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER + +cn: FRS-Member-Reference-BL +ldapDisplayName: fRSMemberReferenceBL +attributeId: 1.2.840.113556.1.4.876 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2a13257f-9373-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 105 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: FRS-Partner-Auth-Level +ldapDisplayName: fRSPartnerAuthLevel +attributeId: 1.2.840.113556.1.4.877 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2a132580-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Primary-Member +ldapDisplayName: fRSPrimaryMember +attributeId: 1.2.840.113556.1.4.878 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 2a132581-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 106 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Replica-Set-GUID +ldapDisplayName: fRSReplicaSetGUID +attributeId: 1.2.840.113556.1.4.533 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5245801a-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Replica-Set-Type +ldapDisplayName: fRSReplicaSetType +attributeId: 1.2.840.113556.1.4.31 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 26d9736b-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Root-Path +ldapDisplayName: fRSRootPath +attributeId: 1.2.840.113556.1.4.487 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f174-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Root-Security +ldapDisplayName: fRSRootSecurity +attributeId: 1.2.840.113556.1.4.535 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: TRUE +schemaIdGuid: 5245801f-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Service-Command +ldapDisplayName: fRSServiceCommand +attributeId: 1.2.840.113556.1.4.500 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ddac0cee-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Service-Command-Status +ldapDisplayName: fRSServiceCommandStatus +attributeId: 1.2.840.113556.1.4.879 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a132582-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Staging-Path +ldapDisplayName: fRSStagingPath +attributeId: 1.2.840.113556.1.4.488 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f175-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Time-Last-Command +ldapDisplayName: fRSTimeLastCommand +attributeId: 1.2.840.113556.1.4.880 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: TRUE +schemaIdGuid: 2a132583-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Time-Last-Config-Change +ldapDisplayName: fRSTimeLastConfigChange +attributeId: 1.2.840.113556.1.4.881 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: TRUE +schemaIdGuid: 2a132584-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Update-Timeout +ldapDisplayName: fRSUpdateTimeout +attributeId: 1.2.840.113556.1.4.485 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1be8f172-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Version +ldapDisplayName: fRSVersion +attributeId: 1.2.840.113556.1.4.882 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a132585-9373-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Version-GUID +ldapDisplayName: fRSVersionGUID +attributeId: 1.2.840.113556.1.4.43 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 26d9736c-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FRS-Working-Path +ldapDisplayName: fRSWorkingPath +attributeId: 1.2.840.113556.1.4.486 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1be8f173-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: FSMO-Role-Owner +ldapDisplayName: fSMORoleOwner +attributeId: 1.2.840.113556.1.4.369 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 66171887-8f3c-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Garbage-Coll-Period +ldapDisplayName: garbageCollPeriod +attributeId: 1.2.840.113556.1.2.301 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 5fd424a1-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +mapiID: 32943 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Gecos +ldapDisplayName: gecos +attributeId: 1.3.6.1.1.1.1.2 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a3e03f1f-1d55-4253-a0af-30c2a784e46e +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: Generated-Connection +ldapDisplayName: generatedConnection +attributeId: 1.2.840.113556.1.4.41 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf96797a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Generation-Qualifier +ldapDisplayName: generationQualifier +attributeId: 2.5.4.44 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 16775804-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +mapiID: 35923 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GidNumber +ldapDisplayName: gidNumber +attributeId: 1.3.6.1.1.1.1.1 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c5b95f0c-ec9e-41c4-849c-b46597ed6696 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: Given-Name +ldapDisplayName: givenName +attributeId: 2.5.4.42 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff8e-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14854 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Global-Address-List +ldapDisplayName: globalAddressList +attributeId: 1.2.840.113556.1.4.1245 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f754c748-06f4-11d2-aa53-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Global-Address-List2 +ldapDisplayName: globalAddressList2 +attributeId: 1.2.840.113556.1.4.2047 +attributeSyntax: 2.5.5.1 +linkID: 2124 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 4898f63d-4112-477c-8826-3ca00bd8277d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Governs-ID +ldapDisplayName: governsID +attributeId: 1.2.840.113556.1.2.22 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf96797d-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: GPC-File-Sys-Path +ldapDisplayName: gPCFileSysPath +attributeId: 1.2.840.113556.1.4.894 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f30e3bc1-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-Functionality-Version +ldapDisplayName: gPCFunctionalityVersion +attributeId: 1.2.840.113556.1.4.893 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f30e3bc0-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-Machine-Extension-Names +ldapDisplayName: gPCMachineExtensionNames +attributeId: 1.2.840.113556.1.4.1348 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 32ff8ecc-783f-11d2-9916-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-User-Extension-Names +ldapDisplayName: gPCUserExtensionNames +attributeId: 1.2.840.113556.1.4.1349 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 42a75fc6-783f-11d2-9916-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GPC-WQL-Filter +ldapDisplayName: gPCWQLFilter +attributeId: 1.2.840.113556.1.4.1694 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7bd4c7a6-1add-4436-8c04-3999a880154c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GP-Link +ldapDisplayName: gPLink +attributeId: 1.2.840.113556.1.4.891 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f30e3bbe-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: GP-Options +ldapDisplayName: gPOptions +attributeId: 1.2.840.113556.1.4.892 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f30e3bbf-9ff0-11d1-b603-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Attributes +ldapDisplayName: groupAttributes +attributeId: 1.2.840.113556.1.4.152 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96797e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Membership-SAM +ldapDisplayName: groupMembershipSAM +attributeId: 1.2.840.113556.1.4.166 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967980-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Priority +ldapDisplayName: groupPriority +attributeId: 1.2.840.113556.1.4.345 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: eea65905-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Groups-to-Ignore +ldapDisplayName: groupsToIgnore +attributeId: 1.2.840.113556.1.4.344 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: eea65904-8ac6-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Type +ldapDisplayName: groupType +attributeId: 1.2.840.113556.1.4.750 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a9a021e-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags:fPRESERVEONDELETE | fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Has-Master-NCs +ldapDisplayName: hasMasterNCs +attributeId: 1.2.840.113556.1.2.14 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967982-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +linkID: 76 +mapiID: 32950 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Has-Partial-Replica-NCs +ldapDisplayName: hasPartialReplicaNCs +attributeId: 1.2.840.113556.1.2.15 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967981-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +linkID: 74 +mapiID: 32949 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Help-Data16 +ldapDisplayName: helpData16 +attributeId: 1.2.840.113556.1.2.402 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424a7-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32826 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Help-Data32 +ldapDisplayName: helpData32 +attributeId: 1.2.840.113556.1.2.9 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424a8-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 32784 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Help-File-Name +ldapDisplayName: helpFileName +attributeId: 1.2.840.113556.1.2.327 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5fd424a9-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 13 +mapiID: 32827 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Hide-From-AB +ldapDisplayName: hideFromAB +attributeId: 1.2.840.113556.1.4.1780 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: ec05b750-a977-4efe-8e8d-ba6c1a6e33a8 +systemOnly: FALSE +searchFlags: 0 +systemFlags: 0 + +cn: Home-Directory +ldapDisplayName: homeDirectory +attributeId: 1.2.840.113556.1.4.44 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967985-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Home-Drive +ldapDisplayName: homeDrive +attributeId: 1.2.840.113556.1.4.45 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967986-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: host +ldapDisplayName: host +attributeId: 0.9.2342.19200300.100.1.9 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 6043df71-fa48-46cf-ab7c-cbd54644b22d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: houseIdentifier +ldapDisplayName: houseIdentifier +attributeId: 2.5.4.51 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: a45398b7-c44a-4eb6-82d3-13c10946dbfe +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 + +cn: Icon-Path +ldapDisplayName: iconPath +attributeId: 1.2.840.113556.1.4.219 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ff83-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Implemented-Categories +ldapDisplayName: implementedCategories +attributeId: 1.2.840.113556.1.4.320 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 7d6c0e92-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IndexedScopes +ldapDisplayName: indexedScopes +attributeId: 1.2.840.113556.1.4.681 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb87-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Initial-Auth-Incoming +ldapDisplayName: initialAuthIncoming +attributeId: 1.2.840.113556.1.4.539 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 52458023-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Initial-Auth-Outgoing +ldapDisplayName: initialAuthOutgoing +attributeId: 1.2.840.113556.1.4.540 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 52458024-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Initials +ldapDisplayName: initials +attributeId: 2.5.4.43 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ff90-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 6 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14858 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Install-Ui-Level +ldapDisplayName: installUiLevel +attributeId: 1.2.840.113556.1.4.847 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 96a7dd64-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Instance-Type +ldapDisplayName: instanceType +attributeId: 1.2.840.113556.1.2.1 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96798c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +mapiID: 32957 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: International-ISDN-Number +ldapDisplayName: internationalISDNNumber +attributeId: 2.5.4.25 +attributeSyntax: 2.5.5.6 +omSyntax: 18 +isSingleValued: FALSE +schemaIdGuid: bf96798d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 16 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 32958 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Inter-Site-Topology-Failover +ldapDisplayName: interSiteTopologyFailover +attributeId: 1.2.840.113556.1.4.1248 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b7c69e60-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Inter-Site-Topology-Generator +ldapDisplayName: interSiteTopologyGenerator +attributeId: 1.2.840.113556.1.4.1246 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b7c69e5e-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Inter-Site-Topology-Renew +ldapDisplayName: interSiteTopologyRenew +attributeId: 1.2.840.113556.1.4.1247 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b7c69e5f-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Invocation-Id +ldapDisplayName: invocationId +attributeId: 1.2.840.113556.1.2.115 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf96798e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fATTINDEX +mapiID: 32959 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: IpHostNumber +ldapDisplayName: ipHostNumber +attributeId: 1.3.6.1.1.1.1.19 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: de8bb721-85dc-4fde-b687-9657688e667e +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: IpNetmaskNumber +ldapDisplayName: ipNetmaskNumber +attributeId: 1.3.6.1.1.1.1.21 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 6ff64fcd-462e-4f62-b44a-9a5347659eb9 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: IpNetworkNumber +ldapDisplayName: ipNetworkNumber +attributeId: 1.3.6.1.1.1.1.20 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 4e3854f4-3087-42a4-a813-bb0c528958d3 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: IpProtocolNumber +ldapDisplayName: ipProtocolNumber +attributeId: 1.3.6.1.1.1.1.17 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ebf5c6eb-0e2d-4415-9670-1081993b4211 +systemOnly: FALSE +searchFlags: 0 + +cn: Ipsec-Data +ldapDisplayName: ipsecData +attributeId: 1.2.840.113556.1.4.623 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: b40ff81f-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Data-Type +ldapDisplayName: ipsecDataType +attributeId: 1.2.840.113556.1.4.622 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b40ff81e-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Filter-Reference +ldapDisplayName: ipsecFilterReference +attributeId: 1.2.840.113556.1.4.629 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b40ff823-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-ID +ldapDisplayName: ipsecID +attributeId: 1.2.840.113556.1.4.621 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b40ff81d-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-ISAKMP-Reference +ldapDisplayName: ipsecISAKMPReference +attributeId: 1.2.840.113556.1.4.626 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b40ff820-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Name +ldapDisplayName: ipsecName +attributeId: 1.2.840.113556.1.4.620 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b40ff81c-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IPSEC-Negotiation-Policy-Action +ldapDisplayName: iPSECNegotiationPolicyAction +attributeId: 1.2.840.113556.1.4.888 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 07383075-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Negotiation-Policy-Reference +ldapDisplayName: ipsecNegotiationPolicyReference +attributeId: 1.2.840.113556.1.4.628 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b40ff822-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IPSEC-Negotiation-Policy-Type +ldapDisplayName: iPSECNegotiationPolicyType +attributeId: 1.2.840.113556.1.4.887 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 07383074-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-NFA-Reference +ldapDisplayName: ipsecNFAReference +attributeId: 1.2.840.113556.1.4.627 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b40ff821-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Owners-Reference +ldapDisplayName: ipsecOwnersReference +attributeId: 1.2.840.113556.1.4.624 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b40ff824-427a-11d1-a9c2-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Policy-Reference +ldapDisplayName: ipsecPolicyReference +attributeId: 1.2.840.113556.1.4.517 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b7b13118-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IpServicePort +ldapDisplayName: ipServicePort +attributeId: 1.3.6.1.1.1.1.15 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ff2daebf-f463-495a-8405-3e483641eaa2 +systemOnly: FALSE +searchFlags: 0 + +cn: IpServiceProtocol +ldapDisplayName: ipServiceProtocol +attributeId: 1.3.6.1.1.1.1.16 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: cd96ec0b-1ed6-43b4-b26b-f170b645883f +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: Is-Critical-System-Object +ldapDisplayName: isCriticalSystemObject +attributeId: 1.2.840.113556.1.4.868 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 00fbf30d-91fe-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Defunct +ldapDisplayName: isDefunct +attributeId: 1.2.840.113556.1.4.661 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 28630ebe-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Deleted +ldapDisplayName: isDeleted +attributeId: 1.2.840.113556.1.2.48 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf96798f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32960 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Ephemeral +ldapDisplayName: isEphemeral +attributeId: 1.2.840.113556.1.4.1212 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: f4c453f0-c5f1-11d1-bbcb-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Is-Member-Of-DL +ldapDisplayName: memberOf +attributeId: 1.2.840.113556.1.2.102 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967991-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fCOPY +attributeSecurityGuid: bc0ac240-79a9-11d0-9020-00c04fc2d4cf +linkID: 3 +mapiID: 32776 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Member-Of-Partial-Attribute-Set +ldapDisplayName: isMemberOfPartialAttributeSet +attributeId: 1.2.840.113556.1.4.639 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 19405b9d-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Is-Privilege-Holder +ldapDisplayName: isPrivilegeHolder +attributeId: 1.2.840.113556.1.4.638 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 19405b9c-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 71 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Is-Recycled +ldapDisplayName: isRecycled +attributeId: 1.2.840.113556.1.4.2058 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 8fb59256-55f1-444b-aacb-f5b482fe3459 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +isMemberOfPartialAttributeSet: TRUE + +cn: Is-Single-Valued +ldapDisplayName: isSingleValued +attributeId: 1.2.840.113556.1.2.33 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967992-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32961 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: jpegPhoto +ldapDisplayName: jpegPhoto +attributeId: 0.9.2342.19200300.100.1.60 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bac80572-09c4-4fa9-9ae6-7628d7adbe0e +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Keywords +ldapDisplayName: keywords +attributeId: 1.2.840.113556.1.4.48 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967993-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 256 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Knowledge-Information +ldapDisplayName: knowledgeInformation +attributeId: 2.5.4.2 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: FALSE +schemaIdGuid: 1677581f-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 32963 + +cn: labeledURI +ldapDisplayName: labeledURI +attributeId: 1.3.6.1.4.1.250.1.57 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: c569bb46-c680-44bc-a273-e6c227d71b45 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Last-Backup-Restoration-Time +ldapDisplayName: lastBackupRestorationTime +attributeId: 1.2.840.113556.1.4.519 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 1fbb0be8-ba63-11d0-afef-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Last-Content-Indexed +ldapDisplayName: lastContentIndexed +attributeId: 1.2.840.113556.1.4.50 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967995-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Last-Known-Parent +ldapDisplayName: lastKnownParent +attributeId: 1.2.840.113556.1.4.781 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 52ab8670-5709-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Logoff +ldapDisplayName: lastLogoff +attributeId: 1.2.840.113556.1.4.51 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967996-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Logon +ldapDisplayName: lastLogon +attributeId: 1.2.840.113556.1.4.52 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967997-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Logon-Timestamp +ldapDisplayName: lastLogonTimestamp +attributeId: 1.2.840.113556.1.4.1696 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: c0e20a04-0e5a-4ff3-9482-5efeaecd7060 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +isMemberOfPartialAttributeSet: TRUE + +cn: Last-Set-Time +ldapDisplayName: lastSetTime +attributeId: 1.2.840.113556.1.4.53 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967998-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Last-Update-Sequence +ldapDisplayName: lastUpdateSequence +attributeId: 1.2.840.113556.1.4.330 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e9c-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: LDAP-Admin-Limits +ldapDisplayName: lDAPAdminLimits +attributeId: 1.2.840.113556.1.4.843 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7359a352-90f7-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: LDAP-Display-Name +ldapDisplayName: lDAPDisplayName +attributeId: 1.2.840.113556.1.2.460 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf96799a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags:fPRESERVEONDELETE | fATTINDEX +rangeLower: 1 +rangeUpper: 256 +mapiID: 33137 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: LDAP-IPDeny-List +ldapDisplayName: lDAPIPDenyList +attributeId: 1.2.840.113556.1.4.844 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 7359a353-90f7-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Legacy-Exchange-DN +ldapDisplayName: legacyExchangeDN +attributeId: 1.2.840.113556.1.4.655 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 28630ebc-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags:fPRESERVEONDELETE| fANR | fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Link-ID +ldapDisplayName: linkID +attributeId: 1.2.840.113556.1.2.50 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96799b-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32965 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Link-Track-Secret +ldapDisplayName: linkTrackSecret +attributeId: 1.2.840.113556.1.4.269 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 2ae80fe2-47b4-11d0-a1a4-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Lm-Pwd-History +ldapDisplayName: lmPwdHistory +attributeId: 1.2.840.113556.1.4.160 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf96799d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Locale-ID +ldapDisplayName: localeID +attributeId: 1.2.840.113556.1.4.58 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: bf9679a1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Locality-Name +ldapDisplayName: l +attributeId: 2.5.4.7 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679a2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY | fATTINDEX +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14887 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Localization-Display-Id +ldapDisplayName: localizationDisplayId +attributeId: 1.2.840.113556.1.4.1353 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a746f0d1-78d0-11d2-9916-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Localized-Description +ldapDisplayName: localizedDescription +attributeId: 1.2.840.113556.1.4.817 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d9e18316-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Local-Policy-Flags +ldapDisplayName: localPolicyFlags +attributeId: 1.2.840.113556.1.4.56 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf96799e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Local-Policy-Reference +ldapDisplayName: localPolicyReference +attributeId: 1.2.840.113556.1.4.457 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 80a67e4d-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b8a01-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Location +ldapDisplayName: location +attributeId: 1.2.840.113556.1.4.222 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 09dcb79f-165f-11d0-a064-00aa006c33ed +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 1024 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Lockout-Duration +ldapDisplayName: lockoutDuration +attributeId: 1.2.840.113556.1.4.60 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679a5-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Lock-Out-Observation-Window +ldapDisplayName: lockOutObservationWindow +attributeId: 1.2.840.113556.1.4.61 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679a4-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Lockout-Threshold +ldapDisplayName: lockoutThreshold +attributeId: 1.2.840.113556.1.4.73 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679a6-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 65535 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Lockout-Time +ldapDisplayName: lockoutTime +attributeId: 1.2.840.113556.1.4.662 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 28630ebf-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: LoginShell +ldapDisplayName: loginShell +attributeId: 1.3.6.1.1.1.1.4 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a553d12c-3231-4c5e-8adf-8d189697721e +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: Logo +ldapDisplayName: thumbnailLogo +attributeId: 2.16.840.1.113730.3.1.36 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679a9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Logon-Count +ldapDisplayName: logonCount +attributeId: 1.2.840.113556.1.4.169 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679aa-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Logon-Hours +ldapDisplayName: logonHours +attributeId: 1.2.840.113556.1.4.64 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679ab-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Logon-Workstation +ldapDisplayName: logonWorkstation +attributeId: 1.2.840.113556.1.4.65 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679ac-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: LSA-Creation-Time +ldapDisplayName: lSACreationTime +attributeId: 1.2.840.113556.1.4.66 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679ad-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: LSA-Modified-Count +ldapDisplayName: lSAModifiedCount +attributeId: 1.2.840.113556.1.4.67 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679ae-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MacAddress +ldapDisplayName: macAddress +attributeId: 1.3.6.1.1.1.1.22 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: e6a522dd-9770-43e1-89de-1de5044328f7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 128 + +cn: Machine-Architecture +ldapDisplayName: machineArchitecture +attributeId: 1.2.840.113556.1.4.68 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: FALSE +schemaIdGuid: bf9679af-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Machine-Password-Change-Interval +ldapDisplayName: machinePasswordChangeInterval +attributeId: 1.2.840.113556.1.4.520 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: c9b6358e-bb38-11d0-afef-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fe-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Machine-Role +ldapDisplayName: machineRole +attributeId: 1.2.840.113556.1.4.71 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: bf9679b2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Machine-Wide-Policy +ldapDisplayName: machineWidePolicy +attributeId: 1.2.840.113556.1.4.459 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 80a67e4f-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b8a01-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Managed-By +ldapDisplayName: managedBy +attributeId: 1.2.840.113556.1.4.653 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 0296c120-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 72 +mapiID: 32780 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Managed-Objects +ldapDisplayName: managedObjects +attributeId: 1.2.840.113556.1.4.654 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 0296c124-40da-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 73 +mapiID: 32804 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Manager +ldapDisplayName: manager +attributeId: 0.9.2342.19200300.100.1.10 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679b5-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +linkID: 42 +mapiID: 32773 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MAPI-ID +ldapDisplayName: mAPIID +attributeId: 1.2.840.113556.1.2.49 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679b7-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 32974 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Marshalled-Interface +ldapDisplayName: marshalledInterface +attributeId: 1.2.840.113556.1.4.72 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679b9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Mastered-By +ldapDisplayName: masteredBy +attributeId: 1.2.840.113556.1.4.1409 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e48e64e0-12c9-11d3-9102-00c04fd91ab1 +systemOnly: TRUE +searchFlags: 0 +linkID: 77 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Max-Pwd-Age +ldapDisplayName: maxPwdAge +attributeId: 1.2.840.113556.1.4.74 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679bb-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Max-Renew-Age +ldapDisplayName: maxRenewAge +attributeId: 1.2.840.113556.1.4.75 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679bc-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Max-Storage +ldapDisplayName: maxStorage +attributeId: 1.2.840.113556.1.4.76 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679bd-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Max-Ticket-Age +ldapDisplayName: maxTicketAge +attributeId: 1.2.840.113556.1.4.77 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679be-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: May-Contain +ldapDisplayName: mayContain +attributeId: 1.2.840.113556.1.2.25 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679bf-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: meetingAdvertiseScope +ldapDisplayName: meetingAdvertiseScope +attributeId: 1.2.840.113556.1.4.582 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc8b-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingApplication +ldapDisplayName: meetingApplication +attributeId: 1.2.840.113556.1.4.573 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc83-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingBandwidth +ldapDisplayName: meetingBandwidth +attributeId: 1.2.840.113556.1.4.589 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 11b6cc92-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingBlob +ldapDisplayName: meetingBlob +attributeId: 1.2.840.113556.1.4.590 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 11b6cc93-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingContactInfo +ldapDisplayName: meetingContactInfo +attributeId: 1.2.840.113556.1.4.578 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc87-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingDescription +ldapDisplayName: meetingDescription +attributeId: 1.2.840.113556.1.4.567 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc7e-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingEndTime +ldapDisplayName: meetingEndTime +attributeId: 1.2.840.113556.1.4.588 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: FALSE +schemaIdGuid: 11b6cc91-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingID +ldapDisplayName: meetingID +attributeId: 1.2.840.113556.1.4.565 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc7c-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingIP +ldapDisplayName: meetingIP +attributeId: 1.2.840.113556.1.4.580 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc89-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingIsEncrypted +ldapDisplayName: meetingIsEncrypted +attributeId: 1.2.840.113556.1.4.585 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc8e-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingKeyword +ldapDisplayName: meetingKeyword +attributeId: 1.2.840.113556.1.4.568 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc7f-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingLanguage +ldapDisplayName: meetingLanguage +attributeId: 1.2.840.113556.1.4.574 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc84-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingLocation +ldapDisplayName: meetingLocation +attributeId: 1.2.840.113556.1.4.569 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc80-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingMaxParticipants +ldapDisplayName: meetingMaxParticipants +attributeId: 1.2.840.113556.1.4.576 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 11b6cc85-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingName +ldapDisplayName: meetingName +attributeId: 1.2.840.113556.1.4.566 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc7d-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingOriginator +ldapDisplayName: meetingOriginator +attributeId: 1.2.840.113556.1.4.577 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc86-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingOwner +ldapDisplayName: meetingOwner +attributeId: 1.2.840.113556.1.4.579 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc88-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingProtocol +ldapDisplayName: meetingProtocol +attributeId: 1.2.840.113556.1.4.570 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc81-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingRating +ldapDisplayName: meetingRating +attributeId: 1.2.840.113556.1.4.584 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc8d-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingRecurrence +ldapDisplayName: meetingRecurrence +attributeId: 1.2.840.113556.1.4.586 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc8f-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingScope +ldapDisplayName: meetingScope +attributeId: 1.2.840.113556.1.4.581 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc8a-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingStartTime +ldapDisplayName: meetingStartTime +attributeId: 1.2.840.113556.1.4.587 +attributeSyntax: 2.5.5.11 +omSyntax: 23 +isSingleValued: FALSE +schemaIdGuid: 11b6cc90-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingType +ldapDisplayName: meetingType +attributeId: 1.2.840.113556.1.4.571 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 11b6cc82-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: meetingURL +ldapDisplayName: meetingURL +attributeId: 1.2.840.113556.1.4.583 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11b6cc8c-48c4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Member +ldapDisplayName: member +attributeId: 2.5.4.31 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf9679c0-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: bc0ac240-79a9-11d0-9020-00c04fc2d4cf +linkID: 2 +mapiID: 32777 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MemberNisNetgroup +ldapDisplayName: memberNisNetgroup +attributeId: 1.3.6.1.1.1.1.13 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 0f6a17dc-53e5-4be8-9442-8f3ce2f9012a +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 153600 + +cn: MemberUid +ldapDisplayName: memberUid +attributeId: 1.3.6.1.1.1.1.12 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 03dab236-672e-4f61-ab64-f77d2dc2ffab +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256000 + +cn: MHS-OR-Address +ldapDisplayName: mhsORAddress +attributeId: 1.2.840.113556.1.4.650 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c122-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Min-Pwd-Age +ldapDisplayName: minPwdAge +attributeId: 1.2.840.113556.1.4.78 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Min-Pwd-Length +ldapDisplayName: minPwdLength +attributeId: 1.2.840.113556.1.4.79 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679c3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Min-Ticket-Age +ldapDisplayName: minTicketAge +attributeId: 1.2.840.113556.1.4.80 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c4-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Modified-Count +ldapDisplayName: modifiedCount +attributeId: 1.2.840.113556.1.4.168 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c5-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Modified-Count-At-Last-Prom +ldapDisplayName: modifiedCountAtLastProm +attributeId: 1.2.840.113556.1.4.81 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf9679c6-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Modify-Time-Stamp +ldapDisplayName: modifyTimeStamp +attributeId: 2.5.18.2 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 9a7ad94a-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Moniker +ldapDisplayName: moniker +attributeId: 1.2.840.113556.1.4.82 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679c7-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Moniker-Display-Name +ldapDisplayName: monikerDisplayName +attributeId: 1.2.840.113556.1.4.83 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679c8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Move-Tree-State +ldapDisplayName: moveTreeState +attributeId: 1.2.840.113556.1.4.1305 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 1f2ac2c8-3b71-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-DefaultPartitionLink +ldapDisplayName: msCOM-DefaultPartitionLink +attributeId: 1.2.840.113556.1.4.1427 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 998b10f7-aa1a-4364-b867-753d197fe670 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-ObjectId +ldapDisplayName: msCOM-ObjectId +attributeId: 1.2.840.113556.1.4.1428 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 430f678b-889f-41f2-9843-203b5a65572f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-PartitionLink +ldapDisplayName: msCOM-PartitionLink +attributeId: 1.2.840.113556.1.4.1423 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 09abac62-043f-4702-ac2b-6ca15eee5754 +systemOnly: FALSE +searchFlags: 0 +linkID: 1040 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-PartitionSetLink +ldapDisplayName: msCOM-PartitionSetLink +attributeId: 1.2.840.113556.1.4.1424 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 67f121dc-7d02-4c7d-82f5-9ad4c950ac34 +systemOnly: TRUE +searchFlags: 0 +linkID: 1041 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-COM-UserLink +ldapDisplayName: msCOM-UserLink +attributeId: 1.2.840.113556.1.4.1425 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9e6f3a4d-242c-4f37-b068-36b57f9fc852 +systemOnly: TRUE +searchFlags: 0 +linkID: 1049 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-COM-UserPartitionSetLink +ldapDisplayName: msCOM-UserPartitionSetLink +attributeId: 1.2.840.113556.1.4.1426 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 8e940c8a-e477-4367-b08d-ff2ff942dcd7 +systemOnly: FALSE +searchFlags: 0 +linkID: 1048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Mscope-Id +ldapDisplayName: mscopeId +attributeId: 1.2.840.113556.1.4.716 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: TRUE +schemaIdGuid: 963d2751-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFS-Comment-v2 +ldapDisplayName: msDFS-Commentv2 +attributeId: 1.2.840.113556.1.4.2036 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b786cec9-61fd-4523-b2c1-5ceb3860bb32 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32766 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFS-Generation-GUID-v2 +ldapDisplayName: msDFS-GenerationGUIDv2 +attributeId: 1.2.840.113556.1.4.2032 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 35b8b3d9-c58f-43d6-930e-5040f2f1a781 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: 16 + +cn: ms-DFS-Last-Modified-v2 +ldapDisplayName: msDFS-LastModifiedv2 +attributeId: 1.2.840.113556.1.4.2034 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 3c095e8a-314e-465b-83f5-ab8277bcf29b +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +systemFlags: 16 + +cn: ms-DFS-Link-Identity-GUID-v2 +ldapDisplayName: msDFS-LinkIdentityGUIDv2 +attributeId: 1.2.840.113556.1.4.2041 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: edb027f3-5726-4dee-8d4e-dbf07e1ad1f1 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower:16 +rangeUpper: 16 +systemFlags: 16 + +cn: ms-DFS-Link-Path-v2 +ldapDisplayName: msDFS-LinkPathv2 +attributeId: 1.2.840.113556.1.4.2039 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 86b021f6-10ab-40a2-a252-1dc0cc3be6a9 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32766 +systemFlags: 16 + +cn: ms-DFS-Link-Security-Descriptor-v2 +ldapDisplayName: msDFS-LinkSecurityDescriptorv2 +attributeId: 1.2.840.113556.1.4.2040 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: TRUE +schemaIdGuid: 57cf87f7-3426-4841-b322-02b3b6e9eba8 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +systemFlags: 16 + +cn: ms-DFS-Namespace-Identity-GUID-v2 +ldapDisplayName: msDFS-NamespaceIdentityGUIDv2 +attributeId: 1.2.840.113556.1.4.2033 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 200432ce-ec5f-4931-a525-d7f4afe34e68 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: 16 + +cn: ms-DFS-Properties-v2 +ldapDisplayName: msDFS-Propertiesv2 +attributeId: 1.2.840.113556.1.4.2037 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0c3e5bc5-eb0e-40f5-9b53-334e958dffdb +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +systemFlags: 16 + +cn: ms-DFSR-CachePolicy +ldapDisplayName: msDFSR-CachePolicy +attributeId: 1.2.840.113556.1.6.13.3.29 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db7a08e7-fc76-4569-a45f-f5ecb66a88b5 +searchFlags: 0 + +cn: ms-DFSR-CommonStagingPath +ldapDisplayName: msDFSR-CommonStagingPath +attributeId: 1.2.840.113556.1.6.13.3.38 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 936eac41-d257-4bb9-bd55-f310a3cf09ad +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-CommonStagingSizeInMb +ldapDisplayName: msDFSR-CommonStagingSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.39 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 135eb00e-4846-458b-8ea2-a37559afd405 +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-ComputerReference +ldapDisplayName: msDFSR-ComputerReference +attributeId: 1.2.840.113556.1.6.13.3.101 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 6c7b5785-3d21-41bf-8a8a-627941544d5a +searchFlags: 0 +linkID: 2050 + +cn: ms-DFSR-ComputerReferenceBL +ldapDisplayName: msDFSR-ComputerReferenceBL +attributeId: 1.2.840.113556.1.6.13.3.103 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 5eb526d7-d71b-44ae-8cc6-95460052e6ac +searchFlags: 0 +linkID: 2051 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: ms-DFSR-ConflictPath +ldapDisplayName: msDFSR-ConflictPath +attributeId: 1.2.840.113556.1.6.13.3.7 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5cf0bcc8-60f7-4bff-bda6-aea0344eb151 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-ConflictSizeInMb +ldapDisplayName: msDFSR-ConflictSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.8 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9ad33fc9-aacf-4299-bb3e-d1fc6ea88e49 +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-ContentSetGuid +ldapDisplayName: msDFSR-ContentSetGuid +attributeId: 1.2.840.113556.1.6.13.3.18 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1035a8e1-67a8-4c21-b7bb-031cdf99d7a0 +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 + +cn: ms-DFSR-DefaultCompressionExclusionFilter +ldapDisplayName: msDFSR-DefaultCompressionExclusionFilter +attributeId: 1.2.840.113556.1.6.13.3.34 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 87811bd5-cd8b-45cb-9f5d-980f3a9e0c97 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DeletedPath +ldapDisplayName: msDFSR-DeletedPath +attributeId: 1.2.840.113556.1.6.13.3.26 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 817cf0b8-db95-4914-b833-5a079ef65764 +searchFlags: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DeletedSizeInMb +ldapDisplayName: msDFSR-DeletedSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.27 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 53ed9ad1-9975-41f4-83f5-0c061a12553a +searchFlags: 0 +rangeUpper: -1 + +cn: ms-DFSR-DfsLinkTarget +ldapDisplayName: msDFSR-DfsLinkTarget +attributeId: 1.2.840.113556.1.6.13.3.24 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f7b85ba9-3bf9-428f-aab4-2eee6d56f063 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DfsPath +ldapDisplayName: msDFSR-DfsPath +attributeId: 1.2.840.113556.1.6.13.3.21 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2cc903e2-398c-443b-ac86-ff6b01eac7ba +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DirectoryFilter +ldapDisplayName: msDFSR-DirectoryFilter +attributeId: 1.2.840.113556.1.6.13.3.13 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 93c7b477-1f2e-4b40-b7bf-007e8d038ccf +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-DisablePacketPrivacy +ldapDisplayName: msDFSR-DisablePacketPrivacy +attributeId: 1.2.840.113556.1.6.13.3.32 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 6a84ede5-741e-43fd-9dd6-aa0f61578621 +searchFlags: 0 + +cn: ms-DFSR-Enabled +ldapDisplayName: msDFSR-Enabled +attributeId: 1.2.840.113556.1.6.13.3.9 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 03726ae7-8e7d-4446-8aae-a91657c00993 +searchFlags: 0 + +cn: ms-DFSR-Extension +ldapDisplayName: msDFSR-Extension +attributeId: 1.2.840.113556.1.6.13.3.2 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 78f011ec-a766-4b19-adcf-7b81ed781a4d +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 + +cn: ms-DFSR-FileFilter +ldapDisplayName: msDFSR-FileFilter +attributeId: 1.2.840.113556.1.6.13.3.12 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: d68270ac-a5dc-4841-a6ac-cd68be38c181 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-Flags +ldapDisplayName: msDFSR-Flags +attributeId: 1.2.840.113556.1.6.13.3.16 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fe515695-3f61-45c8-9bfa-19c148c57b09 +searchFlags: 0 + +cn: ms-DFSR-Keywords +ldapDisplayName: msDFSR-Keywords +attributeId: 1.2.840.113556.1.6.13.3.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 048b4692-6227-4b67-a074-c4437083e14b +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-MaxAgeInCacheInMin +ldapDisplayName: msDFSR-MaxAgeInCacheInMin +attributeId: 1.2.840.113556.1.6.13.3.31 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2ab0e48d-ac4e-4afc-83e5-a34240db6198 +searchFlags: 0 +rangeUpper: 2147483647 + +cn: ms-DFSR-MemberReference +ldapDisplayName: msDFSR-MemberReference +attributeId: 1.2.840.113556.1.6.13.3.100 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 261337aa-f1c3-44b2-bbea-c88d49e6f0c7 +searchFlags: 0 +linkID: 2052 + +cn: ms-DFSR-MemberReferenceBL +ldapDisplayName: msDFSR-MemberReferenceBL +attributeId: 1.2.840.113556.1.6.13.3.102 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: adde62c6-1880-41ed-bd3c-30b7d25e14f0 +searchFlags: 0 +linkID: 2053 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: ms-DFSR-MinDurationCacheInMin +ldapDisplayName: msDFSR-MinDurationCacheInMin +attributeId: 1.2.840.113556.1.6.13.3.30 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 4c5d607a-ce49-444a-9862-82a95f5d1fcc +searchFlags: 0 +rangeUpper: 2147483647 + +cn: ms-DFSR-OnDemandExclusionDirectoryFilter +ldapDisplayName: msDFSR-OnDemandExclusionDirectoryFilter +attributeId: 1.2.840.113556.1.6.13.3.36 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d523aff-9012-49b2-9925-f922a0018656 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-OnDemandExclusionFileFilter +ldapDisplayName: msDFSR-OnDemandExclusionFileFilter +attributeId: 1.2.840.113556.1.6.13.3.35 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a68359dc-a581-4ee6-9015-5382c60f0fb4 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-Options +ldapDisplayName: msDFSR-Options +attributeId: 1.2.840.113556.1.6.13.3.17 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d6d67084-c720-417d-8647-b696237a114c +searchFlags: 0 + +cn: ms-DFSR-Options2 +ldapDisplayName: msDFSR-Options2 +attributeId: 1.2.840.113556.1.6.13.3.37 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 11e24318-4ca6-4f49-9afe-e5eb1afa3473 +searchFlags: 0 + +cn: ms-DFSR-Priority +ldapDisplayName: msDFSR-Priority +attributeId: 1.2.840.113556.1.6.13.3.25 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: eb20e7d6-32ad-42de-b141-16ad2631b01b +searchFlags: 0 + +cn: ms-DFSR-RdcEnabled +ldapDisplayName: msDFSR-RdcEnabled +attributeId: 1.2.840.113556.1.6.13.3.19 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: e3b44e05-f4a7-4078-a730-f48670a743f8 +searchFlags: 0 + +cn: ms-DFSR-RdcMinFileSizeInKb +ldapDisplayName: msDFSR-RdcMinFileSizeInKb +attributeId: 1.2.840.113556.1.6.13.3.20 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f402a330-ace5-4dc1-8cc9-74d900bf8ae0 +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-ReadOnly +ldapDisplayName: msDFSR-ReadOnly +attributeId: 1.2.840.113556.1.6.13.3.28 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 5ac48021-e447-46e7-9d23-92c0c6a90dfb +searchFlags: 0 + +cn: ms-DFSR-ReplicationGroupGuid +ldapDisplayName: msDFSR-ReplicationGroupGuid +attributeId: 1.2.840.113556.1.6.13.3.23 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 2dad8796-7619-4ff8-966e-0a5cc67b287f +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 + +cn: ms-DFSR-ReplicationGroupType +ldapDisplayName: msDFSR-ReplicationGroupType +attributeId: 1.2.840.113556.1.6.13.3.10 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: eeed0fc8-1001-45ed-80cc-bbf744930720 +searchFlags: 0 + +cn: ms-DFSR-RootFence +ldapDisplayName: msDFSR-RootFence +attributeId: 1.2.840.113556.1.6.13.3.22 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 51928e94-2cd8-4abe-b552-e50412444370 +searchFlags: 0 + +cn: ms-DFSR-RootPath +ldapDisplayName: msDFSR-RootPath +attributeId: 1.2.840.113556.1.6.13.3.3 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: d7d5e8c1-e61f-464f-9fcf-20bbe0a2ec54 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-RootSizeInMb +ldapDisplayName: msDFSR-RootSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.4 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 90b769ac-4413-43cf-ad7a-867142e740a3 +searchFlags: 0 +rangeLower: 0 + +cn: ms-DFSR-Schedule +ldapDisplayName: msDFSR-Schedule +attributeId: 1.2.840.113556.1.6.13.3.14 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 4699f15f-a71f-48e2-9ff5-5897c0759205 +searchFlags: 0 +rangeLower: 336 +rangeUpper: 336 + +cn: ms-DFSR-StagingCleanupTriggerInPercent +ldapDisplayName: msDFSR-StagingCleanupTriggerInPercent +attributeId: 1.2.840.113556.1.6.13.3.40 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d64b9c23-e1fa-467b-b317-6964d744d633 +searchFlags: 0 + +cn: ms-DFSR-StagingPath +ldapDisplayName: msDFSR-StagingPath +attributeId: 1.2.840.113556.1.6.13.3.5 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 86b9a69e-f0a6-405d-99bb-77d977992c2a +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 + +cn: ms-DFSR-StagingSizeInMb +ldapDisplayName: msDFSR-StagingSizeInMb +attributeId: 1.2.840.113556.1.6.13.3.6 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 250a8f20-f6fc-4559-ae65-e4b24c67aebe +searchFlags: 0 +rangeLower: 0 +rangeUpper: -1 + +cn: ms-DFSR-TombstoneExpiryInMin +ldapDisplayName: msDFSR-TombstoneExpiryInMin +attributeId: 1.2.840.113556.1.6.13.3.11 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 23e35d4c-e324-4861-a22f-e199140dae00 +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2147483647 + +cn: ms-DFSR-Version +ldapDisplayName: msDFSR-Version +attributeId: 1.2.840.113556.1.6.13.3.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1a861408-38c3-49ea-ba75-85481a77c655 +searchFlags: 0 +rangeUpper: 256 + +cn: ms-DFS-Schema-Major-Version +ldapDisplayName: msDFS-SchemaMajorVersion +attributeId: 1.2.840.113556.1.4.2030 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ec6d7855-704a-4f61-9aa6-c49a7c1d54c7 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 2 +rangeUpper: 2 +systemFlags: 16 + +cn: ms-DFS-Schema-Minor-Version +ldapDisplayName: msDFS-SchemaMinorVersion +attributeId: 1.2.840.113556.1.4.2031 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fef9a725-e8f1-43ab-bd86-6a0115ce9e38 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 0 +systemFlags: 16 + +cn: ms-DFS-Short-Name-Link-Path-v2 +ldapDisplayName: msDFS-ShortNameLinkPathv2 +attributeId: 1.2.840.113556.1.4.2042 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2d7826f0-4cf7-42e9-a039-1110e0d9ca99 +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32766 +systemFlags: 16 + +cn: ms-DFS-Target-List-v2 +ldapDisplayName: msDFS-TargetListv2 +attributeId: 1.2.840.113556.1.4.2038 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 6ab126c6-fa41-4b36-809e-7ca91610d48f +isMemberOfPartialAttributeSet: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2097152 +systemFlags: 16 + +cn: ms-DFS-Ttl-v2 +ldapDisplayName: msDFS-Ttlv2 +attributeId: 1.2.840.113556.1.4.2035 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ea944d31-864a-4349-ada5-062e2c614f5e +isMemberOfPartialAttributeSet: FALSE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +searchFlags: 0 + +cn: MS-DRM-Identity-Certificate +ldapDisplayName: msDRM-IdentityCertificate +attributeId: 1.2.840.113556.1.4.1843 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: e85e1204-3434-41ad-9b56-e2901228fff0 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 10240 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-DS-Additional-Dns-Host-Name +ldapDisplayName: msDS-AdditionalDnsHostName +attributeId: 1.2.840.113556.1.4.1717 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 80863791-dbe9-4eb8-837e-7f0ab55d9ac7 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +attributeSecurityGuid: 72e39547-7b18-11d1-adef-00c04fd8d5cd +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Additional-Sam-Account-Name +ldapDisplayName: msDS-AdditionalSamAccountName +attributeId: 1.2.840.113556.1.4.1718 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 975571df-a4d5-429a-9f59-cdc6581d91e6 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE| fANR | fATTINDEX +rangeLower: 0 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Allowed-DNS-Suffixes +ldapDisplayName: msDS-AllowedDNSSuffixes +attributeId: 1.2.840.113556.1.4.1710 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 8469441b-9ac4-4e45-8205-bd219dbf672d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Allowed-To-Delegate-To +ldapDisplayName: msDS-AllowedToDelegateTo +attributeId: 1.2.840.113556.1.4.1787 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 800d94d7-b7a1-42a1-b14d-7cae1423d07f +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-All-Users-Trust-Quota +ldapDisplayName: msDS-AllUsersTrustQuota +attributeId: 1.2.840.113556.1.4.1789 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d3aa4a5c-4e03-4810-97aa-2b339e7a434b +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Approx-Immed-Subordinates +ldapDisplayName: msDS-Approx-Immed-Subordinates +attributeId: 1.2.840.113556.1.4.1669 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: e185d243-f6ce-4adb-b496-b0c005d7823c +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-AuthenticatedAt-DC +ldapDisplayName: msDS-AuthenticatedAtDC +attributeId: 1.2.840.113556.1.4.1958 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3e1ee99c-6604-4489-89d9-84798a89515a +systemOnly: FALSE +searchFlags: 0 +linkID: 2112 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-AuthenticatedTo-Accountlist +ldapDisplayName: msDS-AuthenticatedToAccountlist +attributeId: 1.2.840.113556.1.4.1957 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e8b2c971-a6df-47bc-8d6f-62770d527aa5 +systemOnly: TRUE +searchFlags: 0 +linkID: 2113 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Auxiliary-Classes +ldapDisplayName: msDS-Auxiliary-Classes +attributeId: 1.2.840.113556.1.4.1458 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: c4af1073-ee50-4be0-b8c0-89a41fe99abe +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Az-Application-Data +ldapDisplayName: msDS-AzApplicationData +attributeId: 1.2.840.113556.1.4.1819 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 503fc3e8-1cc6-461a-99a3-9eee04f402a7 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Application-Name +ldapDisplayName: msDS-AzApplicationName +attributeId: 1.2.840.113556.1.4.1798 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: db5b0728-6208-4876-83b7-95d3e5695275 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Application-Version +ldapDisplayName: msDS-AzApplicationVersion +attributeId: 1.2.840.113556.1.4.1817 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7184a120-3ac4-47ae-848f-fe0ab20784d4 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Biz-Rule +ldapDisplayName: msDS-AzBizRule +attributeId: 1.2.840.113556.1.4.1801 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 33d41ea8-c0c9-4c92-9494-f104878413fd +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Biz-Rule-Language +ldapDisplayName: msDS-AzBizRuleLanguage +attributeId: 1.2.840.113556.1.4.1802 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 52994b56-0e6c-4e07-aa5c-ef9d7f5a0e25 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Class-ID +ldapDisplayName: msDS-AzClassId +attributeId: 1.2.840.113556.1.4.1816 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 013a7277-5c2d-49ef-a7de-b765b36a3f6f +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 40 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Domain-Timeout +ldapDisplayName: msDS-AzDomainTimeout +attributeId: 1.2.840.113556.1.4.1795 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6448f56a-ca70-4e2e-b0af-d20e4ce653d0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Generate-Audits +ldapDisplayName: msDS-AzGenerateAudits +attributeId: 1.2.840.113556.1.4.1805 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: f90abab0-186c-4418-bb85-88447c87222a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Generic-Data +ldapDisplayName: msDS-AzGenericData +attributeId: 1.2.840.113556.1.4.1950 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b5f7e349-7a5b-407c-a334-a31c3f538b98 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Last-Imported-Biz-Rule-Path +ldapDisplayName: msDS-AzLastImportedBizRulePath +attributeId: 1.2.840.113556.1.4.1803 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 665acb5c-bb92-4dbc-8c59-b3638eab09b3 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-LDAP-Query +ldapDisplayName: msDS-AzLDAPQuery +attributeId: 1.2.840.113556.1.4.1792 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5e53368b-fc94-45c8-9d7d-daf31ee7112d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 4096 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Az-Major-Version +ldapDisplayName: msDS-AzMajorVersion +attributeId: 1.2.840.113556.1.4.1824 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: cfb9adb7-c4b7-4059-9568-1ed9db6b7248 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Minor-Version +ldapDisplayName: msDS-AzMinorVersion +attributeId: 1.2.840.113556.1.4.1825 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ee85ed93-b209-4788-8165-e702f51bfbf3 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Object-Guid +ldapDisplayName: msDS-AzObjectGuid +attributeId: 1.2.840.113556.1.4.1949 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8491e548-6c38-4365-a732-af041569b02c +systemOnly: TRUE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Operation-ID +ldapDisplayName: msDS-AzOperationID +attributeId: 1.2.840.113556.1.4.1800 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a5f3b553-5d76-4cbe-ba3f-4312152cab18 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Scope-Name +ldapDisplayName: msDS-AzScopeName +attributeId: 1.2.840.113556.1.4.1799 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 515a6b06-2617-4173-8099-d5605df043c6 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Script-Engine-Cache-Max +ldapDisplayName: msDS-AzScriptEngineCacheMax +attributeId: 1.2.840.113556.1.4.1796 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2629f66a-1f95-4bf3-a296-8e9d7b9e30c8 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Script-Timeout +ldapDisplayName: msDS-AzScriptTimeout +attributeId: 1.2.840.113556.1.4.1797 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 87d0fb41-2c8b-41f6-b972-11fdfd50d6b0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Task-Is-Role-Definition +ldapDisplayName: msDS-AzTaskIsRoleDefinition +attributeId: 1.2.840.113556.1.4.1818 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7b078544-6c82-4fe9-872f-ff48ad2b2e26 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Behavior-Version +ldapDisplayName: msDS-Behavior-Version +attributeId: 1.2.840.113556.1.4.1459 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d31a8757-2447-4545-8081-3bb610cacbf2 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-BridgeHead-Servers-Used +ldapDisplayName: msDS-BridgeHeadServersUsed +attributeId: 1.2.840.113556.1.4.2049 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +linkID: 2160 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +schemaIdGuid: 3ced1465-7b71-2541-8780-1e1ea6243a82 +searchFlags: 0 +systemFlags: FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_OPERATIONAL |FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Byte-Array +ldapDisplayName: msDS-ByteArray +attributeId: 1.2.840.113556.1.4.1831 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: f0d8972e-dd5b-40e5-a51d-044c7c17ece7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1000000 +showInAdvancedViewOnly: FALSE + +cn: ms-DS-Cached-Membership +ldapDisplayName: msDS-Cached-Membership +attributeId: 1.2.840.113556.1.4.1441 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 69cab008-cdd4-4bc9-bab8-0ff37efe1b20 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Cached-Membership-Time-Stamp +ldapDisplayName: msDS-Cached-Membership-Time-Stamp +attributeId: 1.2.840.113556.1.4.1442 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 3566bf1f-beee-4dcb-8abe-ef89fcfec6c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Consistency-Child-Count +ldapDisplayName: mS-DS-ConsistencyChildCount +attributeId: 1.2.840.113556.1.4.1361 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 178b7bc2-b63a-11d2-90e1-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-DS-Consistency-Guid +ldapDisplayName: mS-DS-ConsistencyGuid +attributeId: 1.2.840.113556.1.4.1360 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 23773dc2-b63a-11d2-90e1-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-DS-Creator-SID +ldapDisplayName: mS-DS-CreatorSID +attributeId: 1.2.840.113556.1.4.1410 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: c5e60132-1480-11d3-91c1-0000f87a57d4 +systemOnly: TRUE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Date-Time +ldapDisplayName: msDS-DateTime +attributeId: 1.2.840.113556.1.4.1832 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: FALSE +schemaIdGuid: 234fcbd8-fb52-4908-a328-fd9f6e58e403 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE + +cn: ms-DS-Default-Quota +ldapDisplayName: msDS-DefaultQuota +attributeId: 1.2.840.113556.1.4.1846 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6818f726-674b-441b-8a3a-f40596374cea +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Deleted-Object-Lifetime +ldapDisplayName: msDS-DeletedObjectLifetime +attributeId: 1.2.840.113556.1.4.2068 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: a9b38cb6-189a-4def-8a70-0fcfa158148e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-DnsRootAlias +ldapDisplayName: msDS-DnsRootAlias +attributeId: 1.2.840.113556.1.4.1719 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2143acca-eead-4d29-b591-85fa49ce9173 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Enabled-Feature +ldapDisplayName: msDS-EnabledFeature +attributeId: 1.2.840.113556.1.4.2061 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +linkId: 2168 +isSingleValued: FALSE +schemaIdGuid: 5706aeaf-b940-4fb2-bcfc-5268683ad9fe +isMemberOfPartialAttributeSet: TRUE +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Enabled-Feature-BL +ldapDisplayName: msDS-EnabledFeatureBL +attributeId: 1.2.840.113556.1.4.2069 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +linkId: 2169 +isSingleValued: FALSE +schemaIdGuid: ce5b01bc-17c6-44b8-9dc1-a9668b00901b +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Entry-Time-To-Die +ldapDisplayName: msDS-Entry-Time-To-Die +attributeId: 1.2.840.113556.1.4.1622 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: e1e9bad7-c6dd-4101-a843-794cec85b038 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-ExecuteScriptPassword +ldapDisplayName: msDS-ExecuteScriptPassword +attributeId: 1.2.840.113556.1.4.1783 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9d054a5a-d187-46c1-9d85-42dfc44a56dd +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-External-Key +ldapDisplayName: msDS-ExternalKey +attributeId: 1.2.840.113556.1.4.1833 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: b92fd528-38ac-40d4-818d-0433380837c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10000 + +cn: ms-DS-External-Store +ldapDisplayName: msDS-ExternalStore +attributeId: 1.2.840.113556.1.4.1834 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 604877cd-9cdb-47c7-b03d-3daadb044910 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10000 + +cn: ms-DS-Failed-Interactive-Logon-Count +ldapDisplayName: msDS-FailedInteractiveLogonCount +attributeId: 1.2.840.113556.1.4.1972 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: dc3ca86f-70ad-4960-8425-a4d6313d93dd +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Failed-Interactive-Logon-Count-At-Last-Successful-Logon +ldapDisplayName: msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon +attributeId: 1.2.840.113556.1.4.1973 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c5d234e5-644a-4403-a665-e26e0aef5e98 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Filter-Containers +ldapDisplayName: msDS-FilterContainers +attributeId: 1.2.840.113556.1.4.1703 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: fb00dcdf-ac37-483a-9c12-ac53a6603033 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-HAB-Seniority-Index +ldapDisplayName: msDS-HABSeniorityIndex +attributeId: 1.2.840.113556.1.4.1997 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: def449f1-fd3b-4045-98cf-d9658da788b5 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 36000 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-DS-Has-Domain-NCs +ldapDisplayName: msDS-HasDomainNCs +attributeId: 1.2.840.113556.1.4.1820 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 6f17e347-a842-4498-b8b3-15e007da4fed +systemOnly: TRUE +searchFlags: 0 +rangeLower: 4 +rangeUpper: 4 +linkID: 2026 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Has-Full-Replica-NCs +ldapDisplayName: msDS-hasFullReplicaNCs +attributeId: 1.2.840.113556.1.4.1925 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 1d3c2d18-42d0-4868-99fe-0eca1e6fa9f3 +systemOnly: TRUE +searchFlags: 0 +linkID: 2104 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Has-Instantiated-NCs +ldapDisplayName: msDS-HasInstantiatedNCs +attributeId: 1.2.840.113556.1.4.1709 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 11e9a5bc-4517-4049-af9c-51554fb0fc09 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 4 +rangeUpper: 4 +linkID: 2002 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Has-Master-NCs +ldapDisplayName: msDS-hasMasterNCs +attributeId: 1.2.840.113556.1.4.1836 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ae2de0e2-59d7-4d47-8d47-ed4dfe4357ad +systemOnly: TRUE +searchFlags: 0 +linkID: 2036 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Host-Service-Account +ldapDisplayName: msDS-HostServiceAccount +attributeId: 1.2.840.113556.1.4.2056 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 80641043-15a2-40e1-92a2-8ca866f70776 +attributeSecurityGUID: 77b5b886-944a-11d1-aebd-0000f80367c1 +searchFlags: 0 +linkID: 2166 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Host-Service-Account-BL +ldapDisplayName: msDS-HostServiceAccountBL +attributeId: 1.2.840.113556.1.4.2057 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 79abe4eb-88f3-48e7-89d6-f4bc7e98c331 +searchFlags: 0 +linkID: 2167 +systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Integer +ldapDisplayName: msDS-Integer +attributeId: 1.2.840.113556.1.4.1835 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 7bc64cea-c04e-4318-b102-3e0729371a65 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE + +cn: ms-DS-IntId +ldapDisplayName: msDS-IntId +attributeId: 1.2.840.113556.1.4.1716 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bc60096a-1b47-4b30-8877-602c93f56532 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Is-Domain-For +ldapDisplayName: msDS-IsDomainFor +attributeId: 1.2.840.113556.1.4.1933 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ff155a2a-44e5-4de0-8318-13a58988de4f +systemOnly: TRUE +searchFlags: 0 +linkID: 2027 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Is-Full-Replica-For +ldapDisplayName: msDS-IsFullReplicaFor +attributeId: 1.2.840.113556.1.4.1932 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: c8bc72e0-a6b4-48f0-94a5-fd76a88c9987 +systemOnly: TRUE +searchFlags: 0 +linkID: 2105 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-isGC +ldapDisplayName: msDS-isGC +attributeId: 1.2.840.113556.1.4.1959 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 1df5cf33-0fe5-499e-90e1-e94b42718a46 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Is-Partial-Replica-For +ldapDisplayName: msDS-IsPartialReplicaFor +attributeId: 1.2.840.113556.1.4.1934 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 37c94ff6-c6d4-498f-b2f9-c6f7f8647809 +systemOnly: TRUE +searchFlags: 0 +linkID: 75 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-isRODC +ldapDisplayName: msDS-isRODC +attributeId: 1.2.840.113556.1.4.1960 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: a8e8aa23-3e67-4af1-9d7a-2f1a1d633ac9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Is-User-Cachable-At-Rodc +ldapDisplayName: msDS-IsUserCachableAtRodc +attributeId: 1.2.840.113556.1.4.2025 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fe01245a-341f-4556-951f-48c033a89050 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-KeyVersionNumber +ldapDisplayName: msDS-KeyVersionNumber +attributeId: 1.2.840.113556.1.4.1782 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c523e9c0-33b5-4ac8-8923-b57b927f42f6 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-KrbTgt-Link +ldapDisplayName: msDS-KrbTgtLink +attributeId: 1.2.840.113556.1.4.1923 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 778ff5c9-6f4e-4b74-856a-d68383313910 +systemOnly: FALSE +searchFlags: 0 +linkID: 2100 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-KrbTgt-Link-BL +ldapDisplayName: msDS-KrbTgtLinkBl +attributeId: 1.2.840.113556.1.4.1931 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 5dd68c41-bfdf-438b-9b5d-39d9618bf260 +systemOnly: TRUE +searchFlags: 0 +linkID: 2101 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Last-Failed-Interactive-Logon-Time +ldapDisplayName: msDS-LastFailedInteractiveLogonTime +attributeId: 1.2.840.113556.1.4.1971 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: c7e7dafa-10c3-4b8b-9acd-54f11063742e +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Last-Known-RDN +ldapDisplayName: msDS-LastKnownRDN +attributeId: 1.2.840.113556.1.4.2067 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8ab15858-683e-466d-877f-d640e1f9a611 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +rangeLower: 1 +rangeUpper: 255 + +cn: ms-DS-Last-Successful-Interactive-Logon-Time +ldapDisplayName: msDS-LastSuccessfulInteractiveLogonTime +attributeId: 1.2.840.113556.1.4.1970 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 011929e6-8b5d-4258-b64a-00b0b4949747 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Local-Effective-Deletion-Time +ldapDisplayName: msDS-LocalEffectiveDeletionTime +attributeId: 1.2.840.113556.1.4.2059 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 94f2800c-531f-4aeb-975d-48ac39fd8ca4 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Local-Effective-Recycle-Time +ldapDisplayName: msDS-LocalEffectiveRecycleTime +attributeId: 1.2.840.113556.1.4.2060 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 4ad6016b-b0d2-4c9b-93b6-5964b17b968c +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Lockout-Duration +ldapDisplayName: msDS-LockoutDuration +attributeId: 1.2.840.113556.1.4.2018 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 0 +schemaIdGuid: 421f889a-472e-4fe4-8eb9-e1d0bc6071b2 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Lockout-Observation-Window +ldapDisplayName: msDS-LockoutObservationWindow +attributeId: 1.2.840.113556.1.4.2017 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 0 +schemaIdGuid: b05bda89-76af-468a-b892-1be55558ecc8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Lockout-Threshold +ldapDisplayName: msDS-LockoutThreshold +attributeId: 1.2.840.113556.1.4.2019 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +schemaIdGuid: b8c8c35e-4a19-4a95-99d0-69fe4446286f +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Logon-Time-Sync-Interval +ldapDisplayName: msDS-LogonTimeSyncInterval +attributeId: 1.2.840.113556.1.4.1784 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ad7940f8-e43a-4a42-83bc-d688e59ea605 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Machine-Account-Quota +ldapDisplayName: ms-DS-MachineAccountQuota +attributeId: 1.2.840.113556.1.4.1411 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d064fb68-1480-11d3-91c1-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Mastered-By +ldapDisplayName: msDs-masteredBy +attributeId: 1.2.840.113556.1.4.1837 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 60234769-4819-4615-a1b2-49d2f119acb5 +systemOnly: TRUE +searchFlags: 0 +linkID: 2037 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Maximum-Password-Age +ldapDisplayName: msDS-MaximumPasswordAge +attributeId: 1.2.840.113556.1.4.2011 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 0 +schemaIdGuid: fdd337f5-4999-4fce-b252-8ff9c9b43875 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Max-Values +ldapDisplayName: msDs-MaxValues +attributeId: 1.2.840.113556.1.4.1842 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d1e169a4-ebe9-49bf-8fcb-8aef3874592d +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Members-For-Az-Role +ldapDisplayName: msDS-MembersForAzRole +attributeId: 1.2.840.113556.1.4.1806 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: cbf7e6cd-85a4-4314-8939-8bfe80597835 +systemOnly: FALSE +searchFlags: 0 +linkID: 2016 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Members-For-Az-Role-BL +ldapDisplayName: msDS-MembersForAzRoleBL +attributeId: 1.2.840.113556.1.4.1807 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ececcd20-a7e0-4688-9ccf-02ece5e287f5 +systemOnly: TRUE +searchFlags: 0 +linkID: 2017 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Minimum-Password-Age +ldapDisplayName: msDS-MinimumPasswordAge +attributeId: 1.2.840.113556.1.4.2012 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 0 +schemaIdGuid: 2a74f878-4d9c-49f9-97b3-6767d1cbd9a3 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Minimum-Password-Length +ldapDisplayName: msDS-MinimumPasswordLength +attributeId: 1.2.840.113556.1.4.2013 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: b21b3439-4c3a-441c-bb5f-08f20e9b315e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-Repl-Cursors +ldapDisplayName: msDS-NCReplCursors +attributeId: 1.2.840.113556.1.4.1704 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 8a167ce4-f9e8-47eb-8d78-f7fe80abb2cc +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-Replica-Locations +ldapDisplayName: msDS-NC-Replica-Locations +attributeId: 1.2.840.113556.1.4.1661 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 97de9615-b537-46bc-ac0f-10720f3909f3 +systemOnly: FALSE +searchFlags: 0 +linkID: 1044 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-Repl-Inbound-Neighbors +ldapDisplayName: msDS-NCReplInboundNeighbors +attributeId: 1.2.840.113556.1.4.1705 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9edba85a-3e9e-431b-9b1a-a5b6e9eda796 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-Repl-Outbound-Neighbors +ldapDisplayName: msDS-NCReplOutboundNeighbors +attributeId: 1.2.840.113556.1.4.1706 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 855f2ef5-a1c5-4cc4-ba6d-32522848b61f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-RO-Replica-Locations +ldapDisplayName: msDS-NC-RO-Replica-Locations +attributeId: 1.2.840.113556.1.4.1967 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3df793df-9858-4417-a701-735a1ecebf74 +systemOnly: FALSE +searchFlags: 0 +linkID: 2114 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-NC-RO-Replica-Locations-BL +ldapDisplayName: msDS-NC-RO-Replica-Locations-BL +attributeId: 1.2.840.113556.1.4.1968 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f547511c-5b2a-44cc-8358-992a88258164 +systemOnly: FALSE +searchFlags: 0 +linkID: 2115 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-NC-Type +ldapDisplayName: msDS-NcType +attributeId: 1.2.840.113556.1.4.2024 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: TRUE +searchFlags: 0 +schemaIdGuid: 5a2eacd7-cc2b-48cf-9d9a-b6f1a0024de9 +showInAdvancedViewOnly: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Never-Reveal-Group +ldapDisplayName: msDS-NeverRevealGroup +attributeId: 1.2.840.113556.1.4.1926 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 15585999-fd49-4d66-b25d-eeb96aba8174 +systemOnly: FALSE +searchFlags: 0 +linkID: 2106 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Non-Members +ldapDisplayName: msDS-NonMembers +attributeId: 1.2.840.113556.1.4.1793 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: cafcb1de-f23c-46b5-adf7-1e64957bd5db +systemOnly: FALSE +searchFlags: 0 +linkID: 2014 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Non-Members-BL +ldapDisplayName: msDS-NonMembersBL +attributeId: 1.2.840.113556.1.4.1794 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2a8c68fc-3a7a-4e87-8720-fe77c51cbe74 +systemOnly: TRUE +searchFlags: 0 +linkID: 2015 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Non-Security-Group-Extra-Classes +ldapDisplayName: msDS-Non-Security-Group-Extra-Classes +attributeId: 1.2.840.113556.1.4.1689 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2de144fc-1f52-486f-bdf4-16fcc3084e54 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Object-Reference +ldapDisplayName: msDS-ObjectReference +attributeId: 1.2.840.113556.1.4.1840 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 638ec2e8-22e7-409c-85d2-11b21bee72de +systemOnly: FALSE +searchFlags: 0 +linkID: 2038 + +cn: ms-DS-Object-Reference-BL +ldapDisplayName: msDS-ObjectReferenceBL +attributeId: 1.2.840.113556.1.4.1841 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2b702515-c1f7-4b3b-b148-c0e4c6ceecb4 +systemOnly: TRUE +searchFlags: 0 +linkID: 2039 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-OIDToGroup-Link +ldapDisplayName: msDS-OIDToGroupLink +attributeId: 1.2.840.113556.1.4.2051 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: f9c9a57c-3941-438d-bebf-0edaf2aca187 +systemOnly: FALSE +searchFlags: 0 +linkID: 2164 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-OIDToGroup-Link-BL +ldapDisplayName: msDS-OIDToGroupLinkBl +attributeId: 1.2.840.113556.1.4.2052 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 1a3d0d20-5844-4199-ad25-0f5039a76ada +systemOnly: TRUE +searchFlags: 0 +linkID: 2165 +systemFlags: FLAG_SCHEMA_BASE_OBJECT|FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Operations-For-Az-Role +ldapDisplayName: msDS-OperationsForAzRole +attributeId: 1.2.840.113556.1.4.1812 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 93f701be-fa4c-43b6-bc2f-4dbea718ffab +systemOnly: FALSE +searchFlags: 0 +linkID: 2022 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Operations-For-Az-Role-BL +ldapDisplayName: msDS-OperationsForAzRoleBL +attributeId: 1.2.840.113556.1.4.1813 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: f85b6228-3734-4525-b6b7-3f3bb220902c +systemOnly: TRUE +searchFlags: 0 +linkID: 2023 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Operations-For-Az-Task +ldapDisplayName: msDS-OperationsForAzTask +attributeId: 1.2.840.113556.1.4.1808 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 1aacb436-2e9d-44a9-9298-ce4debeb6ebf +systemOnly: FALSE +searchFlags: 0 +linkID: 2018 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Operations-For-Az-Task-BL +ldapDisplayName: msDS-OperationsForAzTaskBL +attributeId: 1.2.840.113556.1.4.1809 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: a637d211-5739-4ed1-89b2-88974548bc59 +systemOnly: TRUE +searchFlags: 0 +linkID: 2019 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Optional-Feature-Flags +ldapDisplayName: msDS-OptionalFeatureFlags +attributeId: 1.2.840.113556.1.4.2063 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8a0560c1-97b9-4811-9db7-dc061598965b +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Optional-Feature-GUID +ldapDisplayName: msDS-OptionalFeatureGUID +attributeId: 1.2.840.113556.1.4.2062 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9b88bda8-dd82-4998-a91d-5f2d2baf1927 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Other-Settings +ldapDisplayName: msDS-Other-Settings +attributeId: 1.2.840.113556.1.4.1621 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 79d2f34c-9d7d-42bb-838f-866b3e4400e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-Complexity-Enabled +ldapDisplayName: msDS-PasswordComplexityEnabled +attributeId: 1.2.840.113556.1.4.2015 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +schemaIdGuid: db68054b-c9c3-4bf0-b15b-0fb52552a610 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-History-Length +ldapDisplayName: msDS-PasswordHistoryLength +attributeId: 1.2.840.113556.1.4.2014 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +schemaIdGuid: fed81bb7-768c-4c2f-9641-2245de34794d +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-Reversible-Encryption-Enabled +ldapDisplayName: msDS-PasswordReversibleEncryptionEnabled +attributeId: 1.2.840.113556.1.4.2016 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +schemaIdGuid: 75ccdd8f-af6c-4487-bb4b-69e4d38a959c +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Password-Settings-Precedence +ldapDisplayName: msDS-PasswordSettingsPrecedence +attributeId: 1.2.840.113556.1.4.2023 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +schemaIdGuid: 456374ac-1f0a-4617-93cf-bc55a7c9d341 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Per-User-Trust-Quota +ldapDisplayName: msDS-PerUserTrustQuota +attributeId: 1.2.840.113556.1.4.1788 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d161adf0-ca24-4993-a3aa-8b2c981302e8 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Per-User-Trust-Tombstones-Quota +ldapDisplayName: msDS-PerUserTrustTombstonesQuota +attributeId: 1.2.840.113556.1.4.1790 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8b70a6c6-50f9-4fa3-a71e-1ce03040449b +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Phonetic-Company-Name +ldapDisplayName: msDS-PhoneticCompanyName +attributeId: 1.2.840.113556.1.4.1945 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5bd5208d-e5f4-46ae-a514-543bc9c47659 +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35985 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-DS-Phonetic-Department +ldapDisplayName: msDS-PhoneticDepartment +attributeId: 1.2.840.113556.1.4.1944 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6cd53daf-003e-49e7-a702-6fa896e7a6ef +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35984 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-DS-Phonetic-Display-Name +ldapDisplayName: msDS-PhoneticDisplayName +attributeId: 1.2.840.113556.1.4.1946 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: e21a94e4-2d66-4ce5-b30d-0ef87a776ff0 +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35986 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL +isMemberOfPartialAttributeSet: TRUE + +cn: ms-DS-Phonetic-First-Name +ldapDisplayName: msDS-PhoneticFirstName +attributeId: 1.2.840.113556.1.4.1942 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4b1cba4e-302f-4134-ac7c-f01f6c797843 +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35982 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-DS-Phonetic-Last-Name +ldapDisplayName: msDS-PhoneticLastName +attributeId: 1.2.840.113556.1.4.1943 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f217e4ec-0836-4b90-88af-2f5d4bbda2bc +systemOnly: FALSE +searchFlags: fATTINDEX | fANR +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35983 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-DS-Preferred-GC-Site +ldapDisplayName: msDS-Preferred-GC-Site +attributeId: 1.2.840.113556.1.4.1444 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: d921b50a-0ab2-42cd-87f6-09cf83a91854 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Principal-Name +ldapDisplayName: msDS-PrincipalName +attributeId: 1.2.840.113556.1.4.1865 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 564e9325-d057-c143-9e3b-4f9e5ef46f93 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Promotion-Settings +ldapDisplayName: msDS-PromotionSettings +attributeId: 1.2.840.113556.1.4.1962 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c881b4e2-43c0-4ebe-b9bb-5250aa9b434c +systemOnly: TRUE +searchFlags: 0 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-PSO-Applied +ldapDisplayName: msDS-PSOApplied +attributeId: 1.2.840.113556.1.4.2021 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +isSingleValued: FALSE +systemOnly: TRUE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +schemaIdGuid: 5e6cf031-bda8-43c8-aca4-8fee4127005b +linkID: 2119 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-PSO-Applies-To +ldapDisplayName: msDS-PSOAppliesTo +attributeId: 1.2.840.113556.1.4.2020 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +isSingleValued: FALSE +systemOnly: FALSE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +schemaIdGuid: 64c80f48-cdd2-4881-a86d-4e97b6f561fc +linkID: 2118 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Quota-Amount +ldapDisplayName: msDS-QuotaAmount +attributeId: 1.2.840.113556.1.4.1845 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fbb9a00d-3a8c-4233-9cf9-7189264903a1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Quota-Effective +ldapDisplayName: msDS-QuotaEffective +attributeId: 1.2.840.113556.1.4.1848 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6655b152-101c-48b4-b347-e1fcebc60157 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Quota-Trustee +ldapDisplayName: msDS-QuotaTrustee +attributeId: 1.2.840.113556.1.4.1844 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 16378906-4ea5-49be-a8d1-bfd41dff4f65 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 28 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Quota-Used +ldapDisplayName: msDS-QuotaUsed +attributeId: 1.2.840.113556.1.4.1849 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: b5a84308-615d-4bb7-b05f-2f1746aa439f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Repl-Attribute-Meta-Data +ldapDisplayName: msDS-ReplAttributeMetaData +attributeId: 1.2.840.113556.1.4.1707 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d7c53242-724e-4c39-9d4c-2df8c9d66c7a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MS-DS-Replicates-NC-Reason +ldapDisplayName: mS-DS-ReplicatesNCReason +attributeId: 1.2.840.113556.1.4.1408 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 0ea12b84-08b3-11d3-91bc-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-ReplicationEpoch +ldapDisplayName: msDS-ReplicationEpoch +attributeId: 1.2.840.113556.1.4.1720 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 08e3aa79-eb1c-45b5-af7b-8f94246c8e41 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Replication-Notify-First-DSA-Delay +ldapDisplayName: msDS-Replication-Notify-First-DSA-Delay +attributeId: 1.2.840.113556.1.4.1663 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 85abd4f4-0a89-4e49-bdec-6f35bb2562ba +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Replication-Notify-Subsequent-DSA-Delay +ldapDisplayName: msDS-Replication-Notify-Subsequent-DSA-Delay +attributeId: 1.2.840.113556.1.4.1664 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d63db385-dd92-4b52-b1d8-0d3ecc0e86b6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Repl-Value-Meta-Data +ldapDisplayName: msDS-ReplValueMetaData +attributeId: 1.2.840.113556.1.4.1708 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2f5c8145-e1bd-410b-8957-8bfa81d5acfd +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Required-Domain-Behavior-Version +ldapDisplayName: msDS-RequiredDomainBehaviorVersion +attributeId: 1.2.840.113556.1.4.2066 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: eadd3dfe-ae0e-4cc2-b9b9-5fe5b6ed2dd2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Required-Forest-Behavior-Version +ldapDisplayName: msDS-RequiredForestBehaviorVersion +attributeId: 1.2.840.113556.1.4.2079 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 4beca2e8-a653-41b2-8fee-721575474bec +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Resultant-PSO +ldapDisplayName: msDS-ResultantPSO +attributeId: 1.2.840.113556.1.4.2022 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +isSingleValued: TRUE +systemOnly: TRUE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +schemaIdGuid: b77ea093-88d0-4780-9a98-911f8e8b1dca +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Retired-Repl-NC-Signatures +ldapDisplayName: msDS-RetiredReplNCSignatures +attributeId: 1.2.840.113556.1.4.1826 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d5b35506-19d6-4d26-9afb-11357ac99b5e +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-DSAs +ldapDisplayName: msDS-RevealedDSAs +attributeId: 1.2.840.113556.1.4.1930 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 94f6f2ac-c76d-4b5e-b71f-f332c3e93c22 +systemOnly: TRUE +searchFlags: 0 +linkID: 2103 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-List +ldapDisplayName: msDS-RevealedList +attributeId: 1.2.840.113556.1.4.1940 +attributeSyntax: 2.5.5.14 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.12 +isSingleValued: FALSE +schemaIdGuid: cbdad11c-7fec-387b-6219-3a0627d9af81 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-List-BL +ldapDisplayName: msDS-RevealedListBL +attributeId: 1.2.840.113556.1.4.1975 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: aa1c88fd-b0f6-429f-b2ca-9d902266e808 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Revealed-Users +ldapDisplayName: msDS-RevealedUsers +attributeId: 1.2.840.113556.1.4.1924 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 185c7821-3749-443a-bd6a-288899071adb +systemOnly: TRUE +searchFlags: 0 +linkID: 2102 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Reveal-OnDemand-Group +ldapDisplayName: msDS-RevealOnDemandGroup +attributeId: 1.2.840.113556.1.4.1928 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 303d9f4a-1dd6-4b38-8fc5-33afe8c988ad +systemOnly: FALSE +searchFlags: 0 +linkID: 2110 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-ds-Schema-Extensions +ldapDisplayName: msDs-Schema-Extensions +attributeId: 1.2.840.113556.1.4.1440 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: b39a61be-ed07-4cab-9a4a-4963ed0141e1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-SD-Reference-Domain +ldapDisplayName: msDS-SDReferenceDomain +attributeId: 1.2.840.113556.1.4.1711 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 4c51e316-f628-43a5-b06b-ffb695fcb4f3 +systemOnly: FALSE +searchFlags: 0 +linkID: 2000 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Secondary-KrbTgt-Number +ldapDisplayName: msDS-SecondaryKrbTgtNumber +attributeId: 1.2.840.113556.1.4.1929 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: aa156612-2396-467e-ad6a-28d23fdb1865 +systemOnly: TRUE +searchFlags: fATTINDEX +rangeLower: 65536 +rangeUpper: 65536 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Security-Group-Extra-Classes +ldapDisplayName: msDS-Security-Group-Extra-Classes +attributeId: 1.2.840.113556.1.4.1688 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 4f146ae8-a4fe-4801-a731-f51848a4f4e4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Settings +ldapDisplayName: msDS-Settings +attributeId: 1.2.840.113556.1.4.1697 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0e1b47d7-40a3-4b48-8d1b-4cac0c1cdf21 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1000000 +systemFlags: 0 + +cn: ms-DS-Site-Affinity +ldapDisplayName: msDS-Site-Affinity +attributeId: 1.2.840.113556.1.4.1443 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: c17c5602-bcb7-46f0-9656-6370ca884b72 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-SiteName +ldapDisplayName: msDS-SiteName +attributeId: 1.2.840.113556.1.4.1961 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 98a7f36d-3595-448a-9e6f-6b8965baed9c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Source-Object-DN +ldapDisplayName: msDS-SourceObjectDN +attributeId: 1.2.840.113556.1.4.1879 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 773e93af-d3b4-48d4-b3f9-06457602d3d0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 10240 + +cn: ms-DS-SPN-Suffixes +ldapDisplayName: msDS-SPNSuffixes +attributeId: 1.2.840.113556.1.4.1715 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 789ee1eb-8c8e-4e4c-8cec-79b31b7617b5 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Supported-Encryption-Types +ldapDisplayName: msDS-SupportedEncryptionTypes +attributeId: 1.2.840.113556.1.4.1963 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 20119867-1d04-4ab7-9371-cfc3d5df0afd +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Tasks-For-Az-Role +ldapDisplayName: msDS-TasksForAzRole +attributeId: 1.2.840.113556.1.4.1814 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 35319082-8c4a-4646-9386-c2949d49894d +systemOnly: FALSE +searchFlags: 0 +linkID: 2024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Tasks-For-Az-Role-BL +ldapDisplayName: msDS-TasksForAzRoleBL +attributeId: 1.2.840.113556.1.4.1815 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: a0dcd536-5158-42fe-8c40-c00a7ad37959 +systemOnly: TRUE +searchFlags: 0 +linkID: 2025 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Tasks-For-Az-Task +ldapDisplayName: msDS-TasksForAzTask +attributeId: 1.2.840.113556.1.4.1810 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: b11c8ee2-5fcd-46a7-95f0-f38333f096cf +systemOnly: FALSE +searchFlags: 0 +linkID: 2020 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Tasks-For-Az-Task-BL +ldapDisplayName: msDS-TasksForAzTaskBL +attributeId: 1.2.840.113556.1.4.1811 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: df446e52-b5fa-4ca2-a42f-13f98a526c8f +systemOnly: TRUE +searchFlags: 0 +linkID: 2021 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-DS-Tombstone-Quota-Factor +ldapDisplayName: msDS-TombstoneQuotaFactor +attributeId: 1.2.840.113556.1.4.1847 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 461744d7-f3b6-45ba-8753-fb9552a5df32 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 100 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Top-Quota-Usage +ldapDisplayName: msDS-TopQuotaUsage +attributeId: 1.2.840.113556.1.4.1850 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7b7cce4f-f1f5-4bb6-b7eb-23504af19e75 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-Trust-Forest-Trust-Info +ldapDisplayName: msDS-TrustForestTrustInfo +attributeId: 1.2.840.113556.1.4.1702 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 29cc866e-49d3-4969-942e-1dbc0925d183 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-UpdateScript +ldapDisplayName: msDS-UpdateScript +attributeId: 1.2.840.113556.1.4.1721 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 146eb639-bb9f-4fc1-a825-e29e00c77920 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-User-Account-Control-Computed +ldapDisplayName: msDS-User-Account-Control-Computed +attributeId: 1.2.840.113556.1.4.1460 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 2cc4b836-b63f-4940-8d23-ea7acf06af56 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-User-Password-Expiry-Time-Computed +ldapDisplayName: msDS-UserPasswordExpiryTimeComputed +attributeId: 1.2.840.113556.1.4.1996 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: add5cf10-7b09-4449-9ae6-2534148f8a72 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-DS-USN-Last-Sync-Success +ldapDisplayName: msDS-USNLastSyncSuccess +attributeId: 1.2.840.113556.1.4.2055 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 31f7b8b6-c9f8-4f2d-a37b-58a823030331 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED | FLAG_ATTR_IS_OPERATIONAL +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: ms-Exch-Assistant-Name +ldapDisplayName: msExchAssistantName +attributeId: 1.2.840.113556.1.2.444 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df7394-c5ea-11d1-bbcb-0080c76670c0 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +mapiID: 14896 + +cn: ms-Exch-House-Identifier +ldapDisplayName: msExchHouseIdentifier +attributeId: 1.2.840.113556.1.2.596 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df7407-c5ea-11d1-bbcb-0080c76670c0 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 35924 + +cn: ms-Exch-LabeledURI +ldapDisplayName: msExchLabeledURI +attributeId: 1.2.840.113556.1.2.593 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 16775820-47f3-11d1-a9c3-0000f80367c1 +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +mapiID: 35921 + +cn: ms-Exch-Owner-BL +ldapDisplayName: ownerBL +attributeId: 1.2.840.113556.1.2.104 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf9679f4-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +linkID: 45 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: ms-FRS-Hub-Member +ldapDisplayName: msFRS-Hub-Member +attributeId: 1.2.840.113556.1.4.1693 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 5643ff81-35b6-4ca9-9512-baf0bd0a2772 +searchFlags: 0 +linkID: 1046 + +cn: ms-FRS-Topology-Pref +ldapDisplayName: msFRS-Topology-Pref +attributeId: 1.2.840.113556.1.4.1692 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 92aa27e0-5c50-402d-9ec1-ee847def9788 +searchFlags: 0 + +cn: ms-FVE-KeyPackage +ldapDisplayName: msFVE-KeyPackage +attributeId: 1.2.840.113556.1.4.1999 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +rangeUpper: 102400 +schemaIdGuid: 1fd55ea8-88a7-47dc-8129-0daa97186a54 +searchFlags: fRODCFilteredAttribute | fCONFIDENTIAL | fCOPY |fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FVE-RecoveryGuid +ldapDisplayName: msFVE-RecoveryGuid +attributeId: 1.2.840.113556.1.4.1965 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: f76909bc-e678-47a0-b0b3-f86a0044c06d +searchFlags: fCOPY | fPRESERVEONDELETE | fPDNTATTINDEX | fATTINDEX +rangeUpper: 128 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-FVE-RecoveryPassword +ldapDisplayName: msFVE-RecoveryPassword +attributeId: 1.2.840.113556.1.4.1964 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +rangeUpper: 256 +schemaIdGuid: 43061ac1-c8ad-4ccc-b785-2bfac20fc60a +searchFlags: fRODCFilteredAttribute | fCONFIDENTIAL | fCOPY |fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FVE-VolumeGuid +ldapDisplayName: msFVE-VolumeGuid +attributeId: 1.2.840.113556.1.4.1998 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +searchFlags: fCOPY | fPRESERVEONDELETE | fPDNTATTINDEX | fATTINDEX +rangeUpper: 128 +schemaIdGuid: 85e5a5cf-dcee-4075-9cfd-ac9db6a2f245 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: TRUE + +cn: ms-ieee-80211-Data +ldapDisplayName: msieee80211-Data +attributeId: 1.2.840.113556.1.4.1821 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 0e0d0938-2658-4580-a9f6-7a0ac7b566cb +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-ieee-80211-Data-Type +ldapDisplayName: msieee80211-DataType +attributeId: 1.2.840.113556.1.4.1822 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6558b180-35da-4efe-beed-521f8f48cafb +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-ieee-80211-ID +ldapDisplayName: msieee80211-ID +attributeId: 1.2.840.113556.1.4.1823 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7f73ef75-14c9-4c23-81de-dd07a06f9e8b +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-File-List +ldapDisplayName: msiFileList +attributeId: 1.2.840.113556.1.4.671 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7d-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-IIS-FTP-Dir +ldapDisplayName: msIIS-FTPDir +attributeId: 1.2.840.113556.1.4.1786 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8a5c99e9-2230-46eb-b8e8-e59d712eb9ee +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-IIS-FTP-Root +ldapDisplayName: msIIS-FTPRoot +attributeId: 1.2.840.113556.1.4.1785 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a7827a4-1483-49a5-9d84-52e3812156b4 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Imaging-PSP-Identifier +ldapDisplayName: msImaging-PSPIdentifier +attributeId: 1.2.840.113556.1.4.2053 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 51583ce9-94fa-4b12-b990-304c35b18595 +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Imaging-PSP-String +ldapDisplayName: msImaging-PSPString +attributeId: 1.2.840.113556.1.4.2054 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7b6760ae-d6ed-44a6-b6be-9de62c09ec67 +searchFlags: 0 +rangeUpper: 524288 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script +ldapDisplayName: msiScript +attributeId: 1.2.840.113556.1.4.814 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d9e18313-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script-Name +ldapDisplayName: msiScriptName +attributeId: 1.2.840.113556.1.4.845 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 96a7dd62-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script-Path +ldapDisplayName: msiScriptPath +attributeId: 1.2.840.113556.1.4.15 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967937-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Msi-Script-Size +ldapDisplayName: msiScriptSize +attributeId: 1.2.840.113556.1.4.846 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 96a7dd63-9118-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Authenticate +ldapDisplayName: mSMQAuthenticate +attributeId: 1.2.840.113556.1.4.923 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc326-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Base-Priority +ldapDisplayName: mSMQBasePriority +attributeId: 1.2.840.113556.1.4.920 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc323-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Computer-Type +ldapDisplayName: mSMQComputerType +attributeId: 1.2.840.113556.1.4.933 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 9a0dc32e-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Computer-Type-Ex +ldapDisplayName: mSMQComputerTypeEx +attributeId: 1.2.840.113556.1.4.1417 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 18120de8-f4c4-4341-bd95-32eb5bcf7c80 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Cost +ldapDisplayName: mSMQCost +attributeId: 1.2.840.113556.1.4.946 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33a-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-CSP-Name +ldapDisplayName: mSMQCSPName +attributeId: 1.2.840.113556.1.4.940 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 9a0dc334-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Dependent-Client-Service +ldapDisplayName: mSMQDependentClientService +attributeId: 1.2.840.113556.1.4.1239 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d83-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Dependent-Client-Services +ldapDisplayName: mSMQDependentClientServices +attributeId: 1.2.840.113556.1.4.1226 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d76-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Digests +ldapDisplayName: mSMQDigests +attributeId: 1.2.840.113556.1.4.948 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 9a0dc33c-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Digests-Mig +ldapDisplayName: mSMQDigestsMig +attributeId: 1.2.840.113556.1.4.966 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 0f71d8e0-da3b-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Ds-Service +ldapDisplayName: mSMQDsService +attributeId: 1.2.840.113556.1.4.1238 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d82-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Ds-Services +ldapDisplayName: mSMQDsServices +attributeId: 1.2.840.113556.1.4.1228 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d78-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Encrypt-Key +ldapDisplayName: mSMQEncryptKey +attributeId: 1.2.840.113556.1.4.936 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc331-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Foreign +ldapDisplayName: mSMQForeign +attributeId: 1.2.840.113556.1.4.934 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc32f-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-In-Routing-Servers +ldapDisplayName: mSMQInRoutingServers +attributeId: 1.2.840.113556.1.4.929 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a0dc32c-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Interval1 +ldapDisplayName: mSMQInterval1 +attributeId: 1.2.840.113556.1.4.1308 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8ea825aa-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Interval2 +ldapDisplayName: mSMQInterval2 +attributeId: 1.2.840.113556.1.4.1309 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 99b88f52-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Journal +ldapDisplayName: mSMQJournal +attributeId: 1.2.840.113556.1.4.918 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc321-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Journal-Quota +ldapDisplayName: mSMQJournalQuota +attributeId: 1.2.840.113556.1.4.921 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc324-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Label +ldapDisplayName: mSMQLabel +attributeId: 1.2.840.113556.1.4.922 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: 9a0dc325-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 124 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Label-Ex +ldapDisplayName: mSMQLabelEx +attributeId: 1.2.840.113556.1.4.1415 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4580ad25-d407-48d2-ad24-43e6e56793d7 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 124 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Long-Lived +ldapDisplayName: mSMQLongLived +attributeId: 1.2.840.113556.1.4.941 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc335-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Migrated +ldapDisplayName: mSMQMigrated +attributeId: 1.2.840.113556.1.4.952 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33f-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Multicast-Address +ldapDisplayName: MSMQ-MulticastAddress +attributeId: 1.2.840.113556.1.4.1714 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1d2f4412-f10d-4337-9b48-6e5b125cd265 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 9 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Name-Style +ldapDisplayName: mSMQNameStyle +attributeId: 1.2.840.113556.1.4.939 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc333-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Nt4-Flags +ldapDisplayName: mSMQNt4Flags +attributeId: 1.2.840.113556.1.4.964 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: eb38a158-d57f-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Nt4-Stub +ldapDisplayName: mSMQNt4Stub +attributeId: 1.2.840.113556.1.4.960 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 6f914be6-d57e-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-OS-Type +ldapDisplayName: mSMQOSType +attributeId: 1.2.840.113556.1.4.935 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc330-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Out-Routing-Servers +ldapDisplayName: mSMQOutRoutingServers +attributeId: 1.2.840.113556.1.4.928 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a0dc32b-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Owner-ID +ldapDisplayName: mSMQOwnerID +attributeId: 1.2.840.113556.1.4.925 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc328-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: MSMQ-Prev-Site-Gates +ldapDisplayName: mSMQPrevSiteGates +attributeId: 1.2.840.113556.1.4.1225 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 2df90d75-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Privacy-Level +ldapDisplayName: mSMQPrivacyLevel +attributeId: 1.2.840.113556.1.4.924 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: 9a0dc327-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-QM-ID +ldapDisplayName: mSMQQMID +attributeId: 1.2.840.113556.1.4.951 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33e-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Journal-Quota +ldapDisplayName: mSMQQueueJournalQuota +attributeId: 1.2.840.113556.1.4.963 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8e441266-d57f-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Name-Ext +ldapDisplayName: mSMQQueueNameExt +attributeId: 1.2.840.113556.1.4.1243 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2df90d87-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 92 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Quota +ldapDisplayName: mSMQQueueQuota +attributeId: 1.2.840.113556.1.4.962 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 3f6b8e12-d57f-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue-Type +ldapDisplayName: mSMQQueueType +attributeId: 1.2.840.113556.1.4.917 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc320-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Quota +ldapDisplayName: mSMQQuota +attributeId: 1.2.840.113556.1.4.919 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc322-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Recipient-FormatName +ldapDisplayName: msMQ-Recipient-FormatName +attributeId: 1.2.840.113556.1.4.1695 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3bfe6748-b544-485a-b067-1b310c4334bf +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 255 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Routing-Service +ldapDisplayName: mSMQRoutingService +attributeId: 1.2.840.113556.1.4.1237 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d81-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Routing-Services +ldapDisplayName: mSMQRoutingServices +attributeId: 1.2.840.113556.1.4.1227 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 2df90d77-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Secured-Source +ldapDisplayName: MSMQ-SecuredSource +attributeId: 1.2.840.113556.1.4.1713 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 8bf0221b-7a06-4d63-91f0-1499941813d3 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Services +ldapDisplayName: mSMQServices +attributeId: 1.2.840.113556.1.4.950 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33d-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Service-Type +ldapDisplayName: mSMQServiceType +attributeId: 1.2.840.113556.1.4.930 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc32d-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sign-Certificates +ldapDisplayName: mSMQSignCertificates +attributeId: 1.2.840.113556.1.4.947 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc33b-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sign-Certificates-Mig +ldapDisplayName: mSMQSignCertificatesMig +attributeId: 1.2.840.113556.1.4.967 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3881b8ea-da3b-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sign-Key +ldapDisplayName: mSMQSignKey +attributeId: 1.2.840.113556.1.4.937 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc332-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-1 +ldapDisplayName: mSMQSite1 +attributeId: 1.2.840.113556.1.4.943 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 9a0dc337-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-2 +ldapDisplayName: mSMQSite2 +attributeId: 1.2.840.113556.1.4.944 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 9a0dc338-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Foreign +ldapDisplayName: mSMQSiteForeign +attributeId: 1.2.840.113556.1.4.961 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: FALSE +schemaIdGuid: fd129d8a-d57e-11d1-90a2-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Gates +ldapDisplayName: mSMQSiteGates +attributeId: 1.2.840.113556.1.4.945 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a0dc339-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Gates-Mig +ldapDisplayName: mSMQSiteGatesMig +attributeId: 1.2.840.113556.1.4.1310 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e2704852-3b7b-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-ID +ldapDisplayName: mSMQSiteID +attributeId: 1.2.840.113556.1.4.953 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 9a0dc340-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Name +ldapDisplayName: mSMQSiteName +attributeId: 1.2.840.113556.1.4.965 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: TRUE +schemaIdGuid: ffadb4b2-de39-11d1-90a5-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Name-Ex +ldapDisplayName: mSMQSiteNameEx +attributeId: 1.2.840.113556.1.4.1416 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 422144fa-c17f-4649-94d6-9731ed2784ed +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Sites +ldapDisplayName: mSMQSites +attributeId: 1.2.840.113556.1.4.927 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 9a0dc32a-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Transactional +ldapDisplayName: mSMQTransactional +attributeId: 1.2.840.113556.1.4.926 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 9a0dc329-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-User-Sid +ldapDisplayName: mSMQUserSid +attributeId: 1.2.840.113556.1.4.1337 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: c58aae32-56f9-11d2-90d0-00c04fd91ab1 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 128 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER + +cn: MSMQ-Version +ldapDisplayName: mSMQVersion +attributeId: 1.2.840.113556.1.4.942 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 9a0dc336-c100-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-80211-GP-PolicyData +ldapDisplayName: ms-net-ieee-80211-GP-PolicyData +attributeId: 1.2.840.113556.1.4.1952 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9c1495a5-4d76-468e-991e-1433b0a67855 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 4194304 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-80211-GP-PolicyGUID +ldapDisplayName: ms-net-ieee-80211-GP-PolicyGUID +attributeId: 1.2.840.113556.1.4.1951 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 35697062-1eaf-448b-ac1e-388e0be4fdee +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-80211-GP-PolicyReserved +ldapDisplayName: ms-net-ieee-80211-GP-PolicyReserved +attributeId: 1.2.840.113556.1.4.1953 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 0f69c62e-088e-4ff5-a53a-e923cec07c0a +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 4194304 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-8023-GP-PolicyData +ldapDisplayName: ms-net-ieee-8023-GP-PolicyData +attributeId: 1.2.840.113556.1.4.1955 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8398948b-7457-4d91-bd4d-8d7ed669c9f7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-8023-GP-PolicyGUID +ldapDisplayName: ms-net-ieee-8023-GP-PolicyGUID +attributeId: 1.2.840.113556.1.4.1954 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 94a7b05a-b8b2-4f59-9c25-39e69baa1684 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-8023-GP-PolicyReserved +ldapDisplayName: ms-net-ieee-8023-GP-PolicyReserved +attributeId: 1.2.840.113556.1.4.1956 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d3c527c7-2606-4deb-8cfd-18426feec8ce +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1048576 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msNPAllowDialin +ldapDisplayName: msNPAllowDialin +attributeId: 1.2.840.113556.1.4.1119 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: db0c9085-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msNPCalledStationID +ldapDisplayName: msNPCalledStationID +attributeId: 1.2.840.113556.1.4.1123 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c9089-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +searchFlags: 0 + +cn: msNPCallingStationID +ldapDisplayName: msNPCallingStationID +attributeId: 1.2.840.113556.1.4.1124 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c908a-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msNPSavedCallingStationID +ldapDisplayName: msNPSavedCallingStationID +attributeId: 1.2.840.113556.1.4.1130 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c908e-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-AccountCredentials +ldapDisplayName: msPKIAccountCredentials +attributeId: 1.2.840.113556.1.4.1894 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: b8dfa744-31dc-4ef1-ac7c-84baf7ef9da7 +systemOnly: FALSE +searchFlags: fCONFIDENTIAL | fRODCFilteredAttribute +attributeSecurityGuid: 91e647de-d96f-4b70-9557-d63ff4f3ccd8 +linkID: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: FALSE + +cn: ms-PKI-Certificate-Application-Policy +ldapDisplayName: msPKI-Certificate-Application-Policy +attributeId: 1.2.840.113556.1.4.1674 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: dbd90548-aa37-4202-9966-8c537ba5ce32 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Certificate-Name-Flag +ldapDisplayName: msPKI-Certificate-Name-Flag +attributeId: 1.2.840.113556.1.4.1432 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ea1dddc4-60ff-416e-8cc0-17cee534bce7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Certificate-Policy +ldapDisplayName: msPKI-Certificate-Policy +attributeId: 1.2.840.113556.1.4.1439 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 38942346-cc5b-424b-a7d8-6ffd12029c5f +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +systemOnly: FALSE + +cn: ms-PKI-Cert-Template-OID +ldapDisplayName: msPKI-Cert-Template-OID +attributeId: 1.2.840.113556.1.4.1436 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3164c36a-ba26-468c-8bda-c1e5cc256728 +systemOnly: FALSE +searchFlags: 1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Credential-Roaming-Tokens +ldapDisplayName: msPKI-CredentialRoamingTokens +attributeId: 1.2.840.113556.1.4.2050 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +showInAdvancedViewOnly: TRUE +schemaIdGuid: b7ff5a38-0818-42b0-8110-d3d154c97f24 +attributeSecurityGUID: 91e647de-d96f-4b70-9557-d63ff4f3ccd8 +searchFlags: fCONFIDENTIAL +linkID: 2162 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-DPAPIMasterKeys +ldapDisplayName: msPKIDPAPIMasterKeys +attributeId: 1.2.840.113556.1.4.1893 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: b3f93023-9239-4f7c-b99c-6745d87adbc2 +systemOnly: FALSE +searchFlags: fCONFIDENTIAL | fRODCFilteredAttribute +attributeSecurityGuid: 91e647de-d96f-4b70-9557-d63ff4f3ccd8 +linkID: 2046 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: FALSE + +cn: ms-PKI-Enrollment-Flag +ldapDisplayName: msPKI-Enrollment-Flag +attributeId: 1.2.840.113556.1.4.1430 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: d15ef7d8-f226-46db-ae79-b34e560bd12c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Enrollment-Servers +ldapDisplayName: msPKI-Enrollment-Servers +attributeId: 1.2.840.113556.1.4.2076 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f22bd38f-a1d0-4832-8b28-0331438886a6 +systemOnly: FALSE +rangeUpper: 65536 +isMemberOfPartialAttributeSet: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Minimal-Key-Size +ldapDisplayName: msPKI-Minimal-Key-Size +attributeId: 1.2.840.113556.1.4.1433 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: e96a63f5-417f-46d3-be52-db7703c503df +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-Attribute +ldapDisplayName: msPKI-OID-Attribute +attributeId: 1.2.840.113556.1.4.1671 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8c9e1288-5028-4f4f-a704-76d026f246ef +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-CPS +ldapDisplayName: msPKI-OID-CPS +attributeId: 1.2.840.113556.1.4.1672 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 5f49940e-a79f-4a51-bb6f-3d446a54dc6b +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-LocalizedName +ldapDisplayName: msPKI-OIDLocalizedName +attributeId: 1.2.840.113556.1.4.1712 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7d59a816-bb05-4a72-971f-5c1331f67559 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-OID-User-Notice +ldapDisplayName: msPKI-OID-User-Notice +attributeId: 1.2.840.113556.1.4.1673 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 04c4da7a-e114-4e69-88de-e293f2d3b395 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Private-Key-Flag +ldapDisplayName: msPKI-Private-Key-Flag +attributeId: 1.2.840.113556.1.4.1431 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bab04ac2-0435-4709-9307-28380e7c7001 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RA-Application-Policies +ldapDisplayName: msPKI-RA-Application-Policies +attributeId: 1.2.840.113556.1.4.1675 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 3c91fbbf-4773-4ccd-a87b-85d53e7bcf6a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RA-Policies +ldapDisplayName: msPKI-RA-Policies +attributeId: 1.2.840.113556.1.4.1438 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: d546ae22-0951-4d47-817e-1c9f96faad46 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RA-Signature +ldapDisplayName: msPKI-RA-Signature +attributeId: 1.2.840.113556.1.4.1429 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fe17e04b-937d-4f7e-8e0e-9292c8d5683e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-RoamingTimeStamp +ldapDisplayName: msPKIRoamingTimeStamp +attributeId: 1.2.840.113556.1.4.1892 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 6617e4ac-a2f1-43ab-b60c-11fbd1facf05 +systemOnly: FALSE +searchFlags: fCONFIDENTIAL | fRODCFilteredAttribute +attributeSecurityGuid: 91e647de-d96f-4b70-9557-d63ff4f3ccd8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +isMemberOfPartialAttributeSet: FALSE + +cn: ms-PKI-Site-Name +ldapDisplayName: msPKI-Site-Name +attributeId: 1.2.840.113556.1.4.2077 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0cd8711f-0afc-4926-a4b1-09b08d3d436c +systemOnly: FALSE +rangeUpper: 1024 +isMemberOfPartialAttributeSet: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Supersede-Templates +ldapDisplayName: msPKI-Supersede-Templates +attributeId: 1.2.840.113556.1.4.1437 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9de8ae7d-7a5b-421d-b5e4-061f79dfd5d7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Template-Minor-Revision +ldapDisplayName: msPKI-Template-Minor-Revision +attributeId: 1.2.840.113556.1.4.1435 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 13f5236c-1884-46b1-b5d0-484e38990d58 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Template-Schema-Version +ldapDisplayName: msPKI-Template-Schema-Version +attributeId: 1.2.840.113556.1.4.1434 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 0c15e9f5-491d-4594-918f-32813a091da9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRADIUSCallbackNumber +ldapDisplayName: msRADIUSCallbackNumber +attributeId: 1.2.840.113556.1.4.1145 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: db0c909c-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-FramedInterfaceId +ldapDisplayName: msRADIUS-FramedInterfaceId +attributeId: 1.2.840.113556.1.4.1913 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a6f24a23-d65c-4d65-a64f-35fb6873c2b9 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRADIUSFramedIPAddress +ldapDisplayName: msRADIUSFramedIPAddress +attributeId: 1.2.840.113556.1.4.1153 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db0c90a4-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-FramedIpv6Prefix +ldapDisplayName: msRADIUS-FramedIpv6Prefix +attributeId: 1.2.840.113556.1.4.1915 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: f63ed610-d67c-494d-87be-cd1e24359a38 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-FramedIpv6Route +ldapDisplayName: msRADIUS-FramedIpv6Route +attributeId: 1.2.840.113556.1.4.1917 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 5a5aa804-3083-4863-94e5-018a79a22ec0 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 4096 + +cn: msRADIUSFramedRoute +ldapDisplayName: msRADIUSFramedRoute +attributeId: 1.2.840.113556.1.4.1158 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c90a9-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-SavedFramedInterfaceId +ldapDisplayName: msRADIUS-SavedFramedInterfaceId +attributeId: 1.2.840.113556.1.4.1914 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: a4da7289-92a3-42e5-b6b6-dad16d280ac9 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 8 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-SavedFramedIpv6Prefix +ldapDisplayName: msRADIUS-SavedFramedIpv6Prefix +attributeId: 1.2.840.113556.1.4.1916 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 0965a062-b1e1-403b-b48d-5c0eb0e952cc +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RADIUS-SavedFramedIpv6Route +ldapDisplayName: msRADIUS-SavedFramedIpv6Route +attributeId: 1.2.840.113556.1.4.1918 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 9666bb5c-df9d-4d41-b437-2eec7e27c9b3 +systemOnly: FALSE +searchFlags: fCOPY +rangeUpper: 4096 + +cn: msRADIUSServiceType +ldapDisplayName: msRADIUSServiceType +attributeId: 1.2.840.113556.1.4.1171 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db0c90b6-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRASSavedCallbackNumber +ldapDisplayName: msRASSavedCallbackNumber +attributeId: 1.2.840.113556.1.4.1189 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: db0c90c5-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRASSavedFramedIPAddress +ldapDisplayName: msRASSavedFramedIPAddress +attributeId: 1.2.840.113556.1.4.1190 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: db0c90c6-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msRASSavedFramedRoute +ldapDisplayName: msRASSavedFramedRoute +attributeId: 1.2.840.113556.1.4.1191 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: db0c90c7-c1f2-11d1-bbc5-0080c76670c0 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RRAS-Attribute +ldapDisplayName: msRRASAttribute +attributeId: 1.2.840.113556.1.4.884 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f39b98ad-938d-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-RRAS-Vendor-Attribute-Entry +ldapDisplayName: msRRASVendorAttributeEntry +attributeId: 1.2.840.113556.1.4.883 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f39b98ac-938d-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: msSFU-30-Aliases +ldapDisplayName: msSFU30Aliases +attributeId: 1.2.840.113556.1.6.18.1.323 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 20ebf171-c69a-4c31-b29d-dcb837d8912d +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 153600 + +cn: msSFU-30-Crypt-Method +ldapDisplayName: msSFU30CryptMethod +attributeId: 1.2.840.113556.1.6.18.1.352 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 4503d2a3-3d70-41b8-b077-dff123c15865 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Domains +ldapDisplayName: msSFU30Domains +attributeId: 1.2.840.113556.1.6.18.1.340 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 93095ed3-6f30-4bdd-b734-65d569f5f7c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 256000 + +cn: msSFU-30-Field-Separator +ldapDisplayName: msSFU30FieldSeparator +attributeId: 1.2.840.113556.1.6.18.1.302 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a2e11a42-e781-4ca1-a7fa-ec307f62b6a1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 50 + +cn: msSFU-30-Intra-Field-Separator +ldapDisplayName: msSFU30IntraFieldSeparator +attributeId: 1.2.840.113556.1.6.18.1.303 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 95b2aef0-27e4-4cb9-880a-a2d9a9ea23b8 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 50 + +cn: msSFU-30-Is-Valid-Container +ldapDisplayName: msSFU30IsValidContainer +attributeId: 1.2.840.113556.1.6.18.1.350 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 0dea42f5-278d-4157-b4a7-49b59664915b +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: msSFU-30-Key-Attributes +ldapDisplayName: msSFU30KeyAttributes +attributeId: 1.2.840.113556.1.6.18.1.301 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 32ecd698-ce9e-4894-a134-7ad76b082e83 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Key-Values +ldapDisplayName: msSFU30KeyValues +attributeId: 1.2.840.113556.1.6.18.1.324 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 37830235-e5e9-46f2-922b-d8d44f03e7ae +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10240 + +cn: msSFU-30-Map-Filter +ldapDisplayName: msSFU30MapFilter +attributeId: 1.2.840.113556.1.6.18.1.306 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7b16e01-024f-4e23-ad0d-71f1a406b684 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Master-Server-Name +ldapDisplayName: msSFU30MasterServerName +attributeId: 1.2.840.113556.1.6.18.1.307 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4cc908a2-9e18-410e-8459-f17cc422020a +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 + +cn: msSFU-30-Max-Gid-Number +ldapDisplayName: msSFU30MaxGidNumber +attributeId: 1.2.840.113556.1.6.18.1.342 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 04ee6aa6-f83b-469a-bf5a-3c00d3634669 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: msSFU-30-Max-Uid-Number +ldapDisplayName: msSFU30MaxUidNumber +attributeId: 1.2.840.113556.1.6.18.1.343 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ec998437-d944-4a28-8500-217588adfc75 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: msSFU-30-Name +ldapDisplayName: msSFU30Name +attributeId: 1.2.840.113556.1.6.18.1.309 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 16c5d1d3-35c2-4061-a870-a5cefda804f0 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 + +cn: msSFU-30-Netgroup-Host-At-Domain +ldapDisplayName: msSFU30NetgroupHostAtDomain +attributeId: 1.2.840.113556.1.6.18.1.348 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 97d2bf65-0466-4852-a25a-ec20f57ee36c +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 2048 + +cn: msSFU-30-Netgroup-User-At-Domain +ldapDisplayName: msSFU30NetgroupUserAtDomain +attributeId: 1.2.840.113556.1.6.18.1.349 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: a9e84eed-e630-4b67-b4b3-cad2a82d345e +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 2048 + +cn: msSFU-30-Nis-Domain +ldapDisplayName: msSFU30NisDomain +attributeId: 1.2.840.113556.1.6.18.1.339 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 9ee3b2e3-c7f3-45f8-8c9f-1382be4984d2 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeUpper: 1024 + +cn: msSFU-30-NSMAP-Field-Position +ldapDisplayName: msSFU30NSMAPFieldPosition +attributeId: 1.2.840.113556.1.6.18.1.345 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 585c9d5e-f599-4f07-9cf9-4373af4b89d3 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Order-Number +ldapDisplayName: msSFU30OrderNumber +attributeId: 1.2.840.113556.1.6.18.1.308 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 02625f05-d1ee-4f9f-b366-55266becb95c +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 + +cn: msSFU-30-Posix-Member +ldapDisplayName: msSFU30PosixMember +attributeId: 1.2.840.113556.1.6.18.1.346 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: c875d82d-2848-4cec-bb50-3c5486d09d57 +systemOnly: FALSE +searchFlags: 0 +linkID: 2030 + +cn: msSFU-30-Posix-Member-Of +ldapDisplayName: msSFU30PosixMemberOf +attributeId: 1.2.840.113556.1.6.18.1.347 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bd76b92-3244-438a-ada6-24f5ea34381e +systemOnly: FALSE +searchFlags: 0 +linkID: 2031 +systemFlags: FLAG_ATTR_NOT_REPLICATED + +cn: msSFU-30-Result-Attributes +ldapDisplayName: msSFU30ResultAttributes +attributeId: 1.2.840.113556.1.6.18.1.305 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: e167b0b6-4045-4433-ac35-53f972d45cba +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Search-Attributes +ldapDisplayName: msSFU30SearchAttributes +attributeId: 1.2.840.113556.1.6.18.1.304 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: ef9a2df0-2e57-48c8-8950-0cc674004733 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: msSFU-30-Search-Container +ldapDisplayName: msSFU30SearchContainer +attributeId: 1.2.840.113556.1.6.18.1.300 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 27eebfa2-fbeb-4f8e-aad6-c50247994291 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 2048 + +cn: msSFU-30-Yp-Servers +ldapDisplayName: msSFU30YpServers +attributeId: 1.2.840.113556.1.6.18.1.341 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 084a944b-e150-4bfe-9345-40e1aedaebba +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 20480 + +cn: MS-SQL-Alias +ldapDisplayName: mS-SQL-Alias +attributeId: 1.2.840.113556.1.4.1395 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: e0c6baae-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowAnonymousSubscription +ldapDisplayName: mS-SQL-AllowAnonymousSubscription +attributeId: 1.2.840.113556.1.4.1394 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: db77be4a-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowImmediateUpdatingSubscription +ldapDisplayName: mS-SQL-AllowImmediateUpdatingSubscription +attributeId: 1.2.840.113556.1.4.1404 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c4186b6e-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowKnownPullSubscription +ldapDisplayName: mS-SQL-AllowKnownPullSubscription +attributeId: 1.2.840.113556.1.4.1403 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c3bb7054-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowQueuedUpdatingSubscription +ldapDisplayName: mS-SQL-AllowQueuedUpdatingSubscription +attributeId: 1.2.840.113556.1.4.1405 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c458ca80-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AllowSnapshotFilesFTPDownloading +ldapDisplayName: mS-SQL-AllowSnapshotFilesFTPDownloading +attributeId: 1.2.840.113556.1.4.1406 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c49b8be8-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-AppleTalk +ldapDisplayName: mS-SQL-AppleTalk +attributeId: 1.2.840.113556.1.4.1378 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8fda89f4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Applications +ldapDisplayName: mS-SQL-Applications +attributeId: 1.2.840.113556.1.4.1400 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: fbcda2ea-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Build +ldapDisplayName: mS-SQL-Build +attributeId: 1.2.840.113556.1.4.1368 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 603e94c4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-CharacterSet +ldapDisplayName: mS-SQL-CharacterSet +attributeId: 1.2.840.113556.1.4.1370 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 696177a6-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Clustered +ldapDisplayName: mS-SQL-Clustered +attributeId: 1.2.840.113556.1.4.1373 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 7778bd90-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-ConnectionURL +ldapDisplayName: mS-SQL-ConnectionURL +attributeId: 1.2.840.113556.1.4.1383 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a92d23da-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Contact +ldapDisplayName: mS-SQL-Contact +attributeId: 1.2.840.113556.1.4.1365 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4f6cbdd8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-CreationDate +ldapDisplayName: mS-SQL-CreationDate +attributeId: 1.2.840.113556.1.4.1397 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ede14754-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Database +ldapDisplayName: mS-SQL-Database +attributeId: 1.2.840.113556.1.4.1393 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: d5a0dbdc-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Description +ldapDisplayName: mS-SQL-Description +attributeId: 1.2.840.113556.1.4.1390 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8386603c-ccef-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-GPSHeight +ldapDisplayName: mS-SQL-GPSHeight +attributeId: 1.2.840.113556.1.4.1387 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bcdd4f0e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-GPSLatitude +ldapDisplayName: mS-SQL-GPSLatitude +attributeId: 1.2.840.113556.1.4.1385 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b222ba0e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-GPSLongitude +ldapDisplayName: mS-SQL-GPSLongitude +attributeId: 1.2.840.113556.1.4.1386 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7577c94-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-InformationDirectory +ldapDisplayName: mS-SQL-InformationDirectory +attributeId: 1.2.840.113556.1.4.1392 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: d0aedb2e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-InformationURL +ldapDisplayName: mS-SQL-InformationURL +attributeId: 1.2.840.113556.1.4.1382 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a42cd510-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Keywords +ldapDisplayName: mS-SQL-Keywords +attributeId: 1.2.840.113556.1.4.1401 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 01e9a98a-ccef-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Language +ldapDisplayName: mS-SQL-Language +attributeId: 1.2.840.113556.1.4.1389 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c57f72f4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-LastBackupDate +ldapDisplayName: mS-SQL-LastBackupDate +attributeId: 1.2.840.113556.1.4.1398 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f2b6abca-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-LastDiagnosticDate +ldapDisplayName: mS-SQL-LastDiagnosticDate +attributeId: 1.2.840.113556.1.4.1399 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f6d6dd88-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-LastUpdatedDate +ldapDisplayName: mS-SQL-LastUpdatedDate +attributeId: 1.2.840.113556.1.4.1381 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9fcc43d4-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Location +ldapDisplayName: mS-SQL-Location +attributeId: 1.2.840.113556.1.4.1366 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 561c9644-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Memory +ldapDisplayName: mS-SQL-Memory +attributeId: 1.2.840.113556.1.4.1367 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 5b5d448c-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-MultiProtocol +ldapDisplayName: mS-SQL-MultiProtocol +attributeId: 1.2.840.113556.1.4.1375 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8157fa38-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Name +ldapDisplayName: mS-SQL-Name +attributeId: 1.2.840.113556.1.4.1363 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3532dfd8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-NamedPipe +ldapDisplayName: mS-SQL-NamedPipe +attributeId: 1.2.840.113556.1.4.1374 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7b91c840-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-PublicationURL +ldapDisplayName: mS-SQL-PublicationURL +attributeId: 1.2.840.113556.1.4.1384 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ae0c11b8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Publisher +ldapDisplayName: mS-SQL-Publisher +attributeId: 1.2.840.113556.1.4.1402 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c1676858-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-RegisteredOwner +ldapDisplayName: mS-SQL-RegisteredOwner +attributeId: 1.2.840.113556.1.4.1364 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 48fd44ea-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-ServiceAccount +ldapDisplayName: mS-SQL-ServiceAccount +attributeId: 1.2.840.113556.1.4.1369 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 64933a3e-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Size +ldapDisplayName: mS-SQL-Size +attributeId: 1.2.840.113556.1.4.1396 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: e9098084-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SortOrder +ldapDisplayName: mS-SQL-SortOrder +attributeId: 1.2.840.113556.1.4.1371 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6ddc42c0-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SPX +ldapDisplayName: mS-SQL-SPX +attributeId: 1.2.840.113556.1.4.1376 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 86b08004-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Status +ldapDisplayName: mS-SQL-Status +attributeId: 1.2.840.113556.1.4.1380 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 9a7d4770-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-TCPIP +ldapDisplayName: mS-SQL-TCPIP +attributeId: 1.2.840.113556.1.4.1377 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8ac263a6-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-ThirdParty +ldapDisplayName: mS-SQL-ThirdParty +attributeId: 1.2.840.113556.1.4.1407 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c4e311fc-d34b-11d2-999a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Type +ldapDisplayName: mS-SQL-Type +attributeId: 1.2.840.113556.1.4.1391 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ca48eba8-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-UnicodeSortOrder +ldapDisplayName: mS-SQL-UnicodeSortOrder +attributeId: 1.2.840.113556.1.4.1372 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 72dc918a-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Version +ldapDisplayName: mS-SQL-Version +attributeId: 1.2.840.113556.1.4.1388 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c07cc1d0-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-Vines +ldapDisplayName: mS-SQL-Vines +attributeId: 1.2.840.113556.1.4.1379 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 94c56394-ccee-11d2-9993-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Conference-Blob +ldapDisplayName: msTAPI-ConferenceBlob +attributeId: 1.2.840.113556.1.4.1700 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 4cc4601e-7201-4141-abc8-3e529ae88863 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Ip-Address +ldapDisplayName: msTAPI-IpAddress +attributeId: 1.2.840.113556.1.4.1701 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: efd7d7f7-178e-4767-87fa-f8a16b840544 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Protocol-Id +ldapDisplayName: msTAPI-ProtocolId +attributeId: 1.2.840.113556.1.4.1699 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 89c1ebcf-7a5f-41fd-99ca-c900b32299ab +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Unique-Identifier +ldapDisplayName: msTAPI-uid +attributeId: 1.2.840.113556.1.4.1698 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 70a4e7ea-b3b9-4643-8918-e6dd2471bfd4 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TPM-OwnerInformation +ldapDisplayName: msTPM-OwnerInformation +attributeId: 1.2.840.113556.1.4.1966 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: aa4e1a6d-550d-4e05-8c35-4afcb917a9fe +searchFlags: fPRESERVEONDELETE | fCOPY | fCONFIDENTIAL |fRODCFilteredAttribute +rangeUpper: 128 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Allow-Logon +ldapDisplayName: msTSAllowLogon +attributeId: 1.2.840.113556.1.4.1979 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 3a0cd464-bc54-40e7-93ae-a646a6ecc4b4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Broken-Connection-Action +ldapDisplayName: msTSBrokenConnectionAction +attributeId: 1.2.840.113556.1.4.1985 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 1cf41bba-5604-463e-94d6-1a1287b72ca3 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Connect-Client-Drives +ldapDisplayName: msTSConnectClientDrives +attributeId: 1.2.840.113556.1.4.1986 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 23572aaf-29dd-44ea-b0fa-7e8438b9a4a3 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Connect-Printer-Drives +ldapDisplayName: msTSConnectPrinterDrives +attributeId: 1.2.840.113556.1.4.1987 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 8ce6a937-871b-4c92-b285-d99d4036681c +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Default-To-Main-Printer +ldapDisplayName: msTSDefaultToMainPrinter +attributeId: 1.2.840.113556.1.4.1988 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: c0ffe2bd-cacf-4dc7-88d5-61e9e95766f6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Endpoint-Data +ldapDisplayName: msTSEndpointData +attributeId: 1.2.840.113556.1.4.2070 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 40e1c407-4344-40f3-ab43-3625a34a63a2 +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 32767 +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Endpoint-Plugin +ldapDisplayName: msTSEndpointPlugin +attributeId: 1.2.840.113556.1.4.2072 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3c08b569-801f-4158-b17b-e363d6ae696a +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 32767 +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Endpoint-Type +ldapDisplayName: msTSEndpointType +attributeId: 1.2.840.113556.1.4.2071 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 377ade80-e2d8-46c5-9bcd-6d9dec93b35e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ExpireDate +ldapDisplayName: msTSExpireDate +attributeId: 1.2.840.113556.1.4.1993 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 70004ef5-25c3-446a-97c8-996ae8566776 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: MS-TS-ExpireDate2 +ldapDisplayName: msTSExpireDate2 +attributeId: 1.2.840.113556.1.4.2000 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 54dfcf71-bc3f-4f0b-9d5a-4b2476bb8925 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: MS-TS-ExpireDate3 +ldapDisplayName: msTSExpireDate3 +attributeId: 1.2.840.113556.1.4.2003 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 41bc7f04-be72-4930-bd10-1f3439412387 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: MS-TS-ExpireDate4 +ldapDisplayName: msTSExpireDate4 +attributeId: 1.2.840.113556.1.4.2006 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 5e11dc43-204a-4faf-a008-6863621c6f5f +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: TRUE + +cn: ms-TS-Home-Directory +ldapDisplayName: msTSHomeDirectory +attributeId: 1.2.840.113556.1.4.1977 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5d3510f0-c4e7-4122-b91f-a20add90e246 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Home-Drive +ldapDisplayName: msTSHomeDrive +attributeId: 1.2.840.113556.1.4.1978 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5f0a24d9-dffa-4cd9-acbf-a0680c03731e +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Initial-Program +ldapDisplayName: msTSInitialProgram +attributeId: 1.2.840.113556.1.4.1990 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9201ac6f-1d69-4dfb-802e-d95510109599 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion +ldapDisplayName: msTSLicenseVersion +attributeId: 1.2.840.113556.1.4.1994 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0ae94a89-372f-4df2-ae8a-c64a2bc47278 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion2 +ldapDisplayName: msTSLicenseVersion2 +attributeId: 1.2.840.113556.1.4.2001 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4b0df103-8d97-45d9-ad69-85c3080ba4e7 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 255 +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion3 +ldapDisplayName: msTSLicenseVersion3 +attributeId: 1.2.840.113556.1.4.2004 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f8ba8f81-4cab-4973-a3c8-3a6da62a5e31 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 255 +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-LicenseVersion4 +ldapDisplayName: msTSLicenseVersion4 +attributeId: 1.2.840.113556.1.4.2007 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 70ca5d97-2304-490a-8a27-52678c8d2095 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 255 +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TSLS-Property01 +ldapDisplayName: msTSLSProperty01 +attributeId: 1.2.840.113556.1.4.2009 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +schemaIdGuid: 87e53590-971d-4a52-955b-4794d15a84ae +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TSLS-Property02 +ldapDisplayName: msTSLSProperty02 +attributeId: 1.2.840.113556.1.4.2010 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +schemaIdGuid: 47c77bb0-316e-4e2f-97f1-0d4c48fca9dd +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS +ldapDisplayName: msTSManagingLS +attributeId: 1.2.840.113556.1.4.1995 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f3bcc547-85b0-432c-9ac0-304506bf2c83 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS2 +ldapDisplayName: msTSManagingLS2 +attributeId: 1.2.840.113556.1.4.2002 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: 349f0757-51bd-4fc8-9d66-3eceea8a25be +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS3 +ldapDisplayName: msTSManagingLS3 +attributeId: 1.2.840.113556.1.4.2005 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: fad5dcc1-2130-4c87-a118-75322cd67050 +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-ManagingLS4 +ldapDisplayName: msTSManagingLS4 +attributeId: 1.2.840.113556.1.4.2008 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +systemOnly: FALSE +rangeLower: 0 +rangeUpper: 255 +schemaIdGuid: f7a3b6a0-2107-4140-b306-75cb521731e5 +searchFlags: fATTINDEX +attributeSecurityGuid: 5805bc62-bdc9-4428-a5e2-856a0f4c185e +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Max-Connection-Time +ldapDisplayName: msTSMaxConnectionTime +attributeId: 1.2.840.113556.1.4.1982 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1d960ee2-6464-4e95-a781-e3b5cd5f9588 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Max-Disconnection-Time +ldapDisplayName: msTSMaxDisconnectionTime +attributeId: 1.2.840.113556.1.4.1981 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 326f7089-53d8-4784-b814-46d8535110d2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Max-Idle-Time +ldapDisplayName: msTSMaxIdleTime +attributeId: 1.2.840.113556.1.4.1983 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ff739e9c-6bb7-460e-b221-e250f3de0f95 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Primary-Desktop +ldapDisplayName: msTSPrimaryDesktop +attributeId: 1.2.840.113556.1.4.2073 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +linkID: 2170 +isSingleValued: TRUE +schemaIdGuid: 29259694-09e4-4237-9f72-9306ebe63ab2 +omObjectClass: 1.3.12.2.1011.28.0.714 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Primary-Desktop-BL +ldapDisplayName: msTSPrimaryDesktopBL +attributeId: 1.2.840.113556.1.4.2074 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +linkID: 2171 +isSingleValued: FALSE +omObjectClass: 1.3.12.2.1011.28.0.714 +schemaIdGuid: 9daadc18-40d1-4ed1-a2bf-6b9bf47d3daa +systemOnly: TRUE +searchFlags: 0 +systemFlags: 17 + +cn: ms-TS-Profile-Path +ldapDisplayName: msTSProfilePath +attributeId: 1.2.840.113556.1.4.1976 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: e65c30db-316c-4060-a3a0-387b083f09cd +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-Property01 +ldapDisplayName: msTSProperty01 +attributeId: 1.2.840.113556.1.4.1991 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: faaea977-9655-49d7-853d-f27bb7aaca0f +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-TS-Property02 +ldapDisplayName: msTSProperty02 +attributeId: 1.2.840.113556.1.4.1992 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 3586f6ac-51b7-4978-ab42-f936463198e7 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Reconnection-Action +ldapDisplayName: msTSReconnectionAction +attributeId: 1.2.840.113556.1.4.1984 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 366ed7ca-3e18-4c7f-abae-351a01e4b4f7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Remote-Control +ldapDisplayName: msTSRemoteControl +attributeId: 1.2.840.113556.1.4.1980 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 15177226-8642-468b-8c48-03ddfd004982 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Secondary-Desktop-BL +ldapDisplayName: msTSSecondaryDesktopBL +attributeId: 1.2.840.113556.1.4.2078 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +linkID: 2173 +isSingleValued: FALSE +schemaIdGuid: 34b107af-a00a-455a-b139-dd1a1b12d8af +systemOnly: TRUE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +systemFlags: 17 + +cn: ms-TS-Secondary-Desktops +ldapDisplayName: msTSSecondaryDesktops +attributeId: 1.2.840.113556.1.4.2075 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +linkID: 2172 +isSingleValued: FALSE +schemaIdGuid: f63aa29a-bb31-48e1-bfab-0a6c5a1d39c2 +systemOnly: FALSE +searchFlags: 0 +omObjectClass: 1.3.12.2.1011.28.0.714 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TS-Work-Directory +ldapDisplayName: msTSWorkDirectory +attributeId: 1.2.840.113556.1.4.1989 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a744f666-3d3c-4cc8-834b-9d4f6f687b8b +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Author +ldapDisplayName: msWMI-Author +attributeId: 1.2.840.113556.1.4.1623 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6366c0c1-6972-4e66-b3a5-1d52ad0c0547 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-ChangeDate +ldapDisplayName: msWMI-ChangeDate +attributeId: 1.2.840.113556.1.4.1624 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f9cdf7a0-ec44-4937-a79b-cd91522b3aa8 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-Class +ldapDisplayName: msWMI-Class +attributeId: 1.2.840.113556.1.4.1676 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 90c1925f-4a24-4b07-b202-be32eb3c8b74 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ClassDefinition +ldapDisplayName: msWMI-ClassDefinition +attributeId: 1.2.840.113556.1.4.1625 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2b9c0ebc-c272-45cb-99d2-4d0e691632e0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-CreationDate +ldapDisplayName: msWMI-CreationDate +attributeId: 1.2.840.113556.1.4.1626 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 748b0a2e-3351-4b3f-b171-2f17414ea779 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Genus +ldapDisplayName: msWMI-Genus +attributeId: 1.2.840.113556.1.4.1677 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 50c8673a-8f56-4614-9308-9e1340fb9af3 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ID +ldapDisplayName: msWMI-ID +attributeId: 1.2.840.113556.1.4.1627 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9339a803-94b8-47f7-9123-a853b9ff7e45 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-int8Default +ldapDisplayName: msWMI-Int8Default +attributeId: 1.2.840.113556.1.4.1632 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: f4d8085a-8c5b-4785-959b-dc585566e445 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-int8Max +ldapDisplayName: msWMI-Int8Max +attributeId: 1.2.840.113556.1.4.1633 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: e3d8b547-003d-4946-a32b-dc7cedc96b74 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-int8Min +ldapDisplayName: msWMI-Int8Min +attributeId: 1.2.840.113556.1.4.1634 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: ed1489d1-54cc-4066-b368-a00daa2664f1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-int8ValidValues +ldapDisplayName: msWMI-Int8ValidValues +attributeId: 1.2.840.113556.1.4.1635 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: FALSE +schemaIdGuid: 103519a9-c002-441b-981a-b0b3e012c803 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intDefault +ldapDisplayName: msWMI-IntDefault +attributeId: 1.2.840.113556.1.4.1628 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 1b0c07f8-76dd-4060-a1e1-70084619dc90 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-intFlags1 +ldapDisplayName: msWMI-intFlags1 +attributeId: 1.2.840.113556.1.4.1678 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 18e006b9-6445-48e3-9dcf-b5ecfbc4df8e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intFlags2 +ldapDisplayName: msWMI-intFlags2 +attributeId: 1.2.840.113556.1.4.1679 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 075a42c9-c55a-45b1-ac93-eb086b31f610 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intFlags3 +ldapDisplayName: msWMI-intFlags3 +attributeId: 1.2.840.113556.1.4.1680 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f29fa736-de09-4be4-b23a-e734c124bacc +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intFlags4 +ldapDisplayName: msWMI-intFlags4 +attributeId: 1.2.840.113556.1.4.1681 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bd74a7ac-c493-4c9c-bdfa-5c7b119ca6b2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-intMax +ldapDisplayName: msWMI-IntMax +attributeId: 1.2.840.113556.1.4.1629 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: fb920c2c-f294-4426-8ac1-d24b42aa2bce +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-intMin +ldapDisplayName: msWMI-IntMin +attributeId: 1.2.840.113556.1.4.1630 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 68c2e3ba-9837-4c70-98e0-f0c33695d023 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-intValidValues +ldapDisplayName: msWMI-IntValidValues +attributeId: 1.2.840.113556.1.4.1631 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: 6af565f6-a749-4b72-9634-3c5d47e6b4e0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Mof +ldapDisplayName: msWMI-Mof +attributeId: 1.2.840.113556.1.4.1638 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 6736809f-2064-443e-a145-81262b1f1366 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-Name +ldapDisplayName: msWMI-Name +attributeId: 1.2.840.113556.1.4.1639 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: c6c8ace5-7e81-42af-ad72-77412c5941c4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-NormalizedClass +ldapDisplayName: msWMI-NormalizedClass +attributeId: 1.2.840.113556.1.4.1640 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: eaba628f-eb8e-4fe9-83fc-693be695559b +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm1 +ldapDisplayName: msWMI-Parm1 +attributeId: 1.2.840.113556.1.4.1682 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 27e81485-b1b0-4a8b-bedd-ce19a837e26e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm2 +ldapDisplayName: msWMI-Parm2 +attributeId: 1.2.840.113556.1.4.1683 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0003508e-9c42-4a76-a8f4-38bf64bab0de +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm3 +ldapDisplayName: msWMI-Parm3 +attributeId: 1.2.840.113556.1.4.1684 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 45958fb6-52bd-48ce-9f9f-c2712d9f2bfc +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Parm4 +ldapDisplayName: msWMI-Parm4 +attributeId: 1.2.840.113556.1.4.1685 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3800d5a3-f1ce-4b82-a59a-1528ea795f59 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-PropertyName +ldapDisplayName: msWMI-PropertyName +attributeId: 1.2.840.113556.1.4.1641 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ab920883-e7f8-4d72-b4a0-c0449897509d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Query +ldapDisplayName: msWMI-Query +attributeId: 1.2.840.113556.1.4.1642 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 65fff93e-35e3-45a3-85ae-876c6718297f +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +showInAdvancedViewOnly: FALSE + +cn: ms-WMI-QueryLanguage +ldapDisplayName: msWMI-QueryLanguage +attributeId: 1.2.840.113556.1.4.1643 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d3cfa98-c17b-4254-8bd7-4de9b932a345 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ScopeGuid +ldapDisplayName: msWMI-ScopeGuid +attributeId: 1.2.840.113556.1.4.1686 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 87b78d51-405f-4b7f-80ed-2bd28786f48d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-SourceOrganization +ldapDisplayName: msWMI-SourceOrganization +attributeId: 1.2.840.113556.1.4.1644 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 34f7ed6c-615d-418d-aa00-549a7d7be03e +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-stringDefault +ldapDisplayName: msWMI-StringDefault +attributeId: 1.2.840.113556.1.4.1636 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 152e42b6-37c5-4f55-ab48-1606384a9aea +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-stringValidValues +ldapDisplayName: msWMI-StringValidValues +attributeId: 1.2.840.113556.1.4.1637 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 37609d31-a2bf-4b58-8f53-2b64e57a076d +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetClass +ldapDisplayName: msWMI-TargetClass +attributeId: 1.2.840.113556.1.4.1645 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 95b6d8d6-c9e8-4661-a2bc-6a5cabc04c62 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetNameSpace +ldapDisplayName: msWMI-TargetNameSpace +attributeId: 1.2.840.113556.1.4.1646 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 1c4ab61f-3420-44e5-849d-8b5dbf60feb7 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetObject +ldapDisplayName: msWMI-TargetObject +attributeId: 1.2.840.113556.1.4.1647 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: c44f67a5-7de5-4a1f-92d9-662b57364b77 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetPath +ldapDisplayName: msWMI-TargetPath +attributeId: 1.2.840.113556.1.4.1648 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5006a79a-6bfe-4561-9f52-13cf4dd3e560 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-TargetType +ldapDisplayName: msWMI-TargetType +attributeId: 1.2.840.113556.1.4.1649 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ca2a281e-262b-4ff7-b419-bc123352a4e9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Must-Contain +ldapDisplayName: mustContain +attributeId: 1.2.840.113556.1.2.24 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679d3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Name-Service-Flags +ldapDisplayName: nameServiceFlags +attributeId: 1.2.840.113556.1.4.753 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80212840-4bdc-11d1-a9c4-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NC-Name +ldapDisplayName: nCName +attributeId: 1.2.840.113556.1.2.16 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679d6-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: NETBIOS-Name +ldapDisplayName: nETBIOSName +attributeId: 1.2.840.113556.1.4.87 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679d8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: netboot-Allow-New-Clients +ldapDisplayName: netbootAllowNewClients +attributeId: 1.2.840.113556.1.4.849 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 07383076-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Answer-Only-Valid-Clients +ldapDisplayName: netbootAnswerOnlyValidClients +attributeId: 1.2.840.113556.1.4.854 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 0738307b-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Answer-Requests +ldapDisplayName: netbootAnswerRequests +attributeId: 1.2.840.113556.1.4.853 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 0738307a-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Current-Client-Count +ldapDisplayName: netbootCurrentClientCount +attributeId: 1.2.840.113556.1.4.852 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 07383079-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Netboot-GUID +ldapDisplayName: netbootGUID +attributeId: 1.2.840.113556.1.4.359 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3e978921-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Netboot-Initialization +ldapDisplayName: netbootInitialization +attributeId: 1.2.840.113556.1.4.358 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978920-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-IntelliMirror-OSes +ldapDisplayName: netbootIntelliMirrorOSes +attributeId: 1.2.840.113556.1.4.857 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0738307e-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Limit-Clients +ldapDisplayName: netbootLimitClients +attributeId: 1.2.840.113556.1.4.850 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 07383077-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Locally-Installed-OSes +ldapDisplayName: netbootLocallyInstalledOSes +attributeId: 1.2.840.113556.1.4.859 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 07383080-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Netboot-Machine-File-Path +ldapDisplayName: netbootMachineFilePath +attributeId: 1.2.840.113556.1.4.361 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978923-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Max-Clients +ldapDisplayName: netbootMaxClients +attributeId: 1.2.840.113556.1.4.851 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 07383078-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Netboot-Mirror-Data-File +ldapDisplayName: netbootMirrorDataFile +attributeId: 1.2.840.113556.1.4.1241 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2df90d85-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-New-Machine-Naming-Policy +ldapDisplayName: netbootNewMachineNamingPolicy +attributeId: 1.2.840.113556.1.4.855 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0738307c-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-New-Machine-OU +ldapDisplayName: netbootNewMachineOU +attributeId: 1.2.840.113556.1.4.856 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 0738307d-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-SCP-BL +ldapDisplayName: netbootSCPBL +attributeId: 1.2.840.113556.1.4.864 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 07383082-91df-11d1-aebc-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 101 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: netboot-Server +ldapDisplayName: netbootServer +attributeId: 1.2.840.113556.1.4.860 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 07383081-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 100 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Netboot-SIF-File +ldapDisplayName: netbootSIFFile +attributeId: 1.2.840.113556.1.4.1240 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2df90d84-009f-11d2-aa4c-00c04fd7d83a +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: netboot-Tools +ldapDisplayName: netbootTools +attributeId: 1.2.840.113556.1.4.858 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0738307f-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Network-Address +ldapDisplayName: networkAddress +attributeId: 1.2.840.113556.1.2.459 +attributeSyntax: 2.5.5.4 +omSyntax: 20 +isSingleValued: FALSE +schemaIdGuid: bf9679d9-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 256 +mapiID: 33136 + +cn: Next-Level-Store +ldapDisplayName: nextLevelStore +attributeId: 1.2.840.113556.1.4.214 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679da-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Next-Rid +ldapDisplayName: nextRid +attributeId: 1.2.840.113556.1.4.88 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679db-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: NisMapEntry +ldapDisplayName: nisMapEntry +attributeId: 1.3.6.1.1.1.1.27 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 4a95216e-fcc0-402e-b57f-5971626148a9 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: NisMapName +ldapDisplayName: nisMapName +attributeId: 1.3.6.1.1.1.1.26 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: 969d3c79-0e9a-4d95-b0ac-bdde7ff8f3a1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 + +cn: NisNetgroupTriple +ldapDisplayName: nisNetgroupTriple +attributeId: 1.3.6.1.1.1.1.14 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: a8032e74-30ef-4ff5-affc-0fc217783fec +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 153600 + +cn: Non-Security-Member +ldapDisplayName: nonSecurityMember +attributeId: 1.2.840.113556.1.4.530 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 52458018-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 50 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Non-Security-Member-BL +ldapDisplayName: nonSecurityMemberBL +attributeId: 1.2.840.113556.1.4.531 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 52458019-ca6a-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 51 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Notification-List +ldapDisplayName: notificationList +attributeId: 1.2.840.113556.1.4.303 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 19195a56-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NT-Group-Members +ldapDisplayName: nTGroupMembers +attributeId: 1.2.840.113556.1.4.89 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679df-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NT-Mixed-Domain +ldapDisplayName: nTMixedDomain +attributeId: 1.2.840.113556.1.4.357 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 3e97891f-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Nt-Pwd-History +ldapDisplayName: ntPwdHistory +attributeId: 1.2.840.113556.1.4.94 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf9679e2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: NT-Security-Descriptor +ldapDisplayName: nTSecurityDescriptor +attributeId: 1.2.840.113556.1.2.281 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: TRUE +schemaIdGuid: bf9679e3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE +rangeLower: 0 +rangeUpper: 132096 +mapiID: 32787 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Obj-Dist-Name +ldapDisplayName: distinguishedName +attributeId: 2.5.4.49 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679e4-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags:fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 32828 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Category +ldapDisplayName: objectCategory +attributeId: 1.2.840.113556.1.4.782 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d97369-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Class +ldapDisplayName: objectClass +attributeId: 2.5.4.0 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679e5-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fATTINDEX | fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Class-Category +ldapDisplayName: objectClassCategory +attributeId: 1.2.840.113556.1.2.370 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: bf9679e6-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 3 +mapiID: 33014 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Classes +ldapDisplayName: objectClasses +attributeId: 2.5.21.6 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a7ad94b-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Count +ldapDisplayName: objectCount +attributeId: 1.2.840.113556.1.4.506 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 34aaa216-b699-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Object-Guid +ldapDisplayName: objectGUID +attributeId: 1.2.840.113556.1.4.2 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679e7-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeLower: 16 +rangeUpper: 16 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 35949 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Sid +ldapDisplayName: objectSid +attributeId: 1.2.840.113556.1.4.146 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679e8-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +rangeLower: 0 +rangeUpper: 28 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +mapiID: 32807 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Object-Version +ldapDisplayName: objectVersion +attributeId: 1.2.840.113556.1.2.76 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 16775848-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33015 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OEM-Information +ldapDisplayName: oEMInformation +attributeId: 1.2.840.113556.1.4.151 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679ea-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OM-Object-Class +ldapDisplayName: oMObjectClass +attributeId: 1.2.840.113556.1.2.218 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679ec-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33021 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OM-Syntax +ldapDisplayName: oMSyntax +attributeId: 1.2.840.113556.1.2.231 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679ed-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +mapiID: 33022 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: OMT-Guid +ldapDisplayName: oMTGuid +attributeId: 1.2.840.113556.1.4.505 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: ddac0cf3-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: OMT-Indx-Guid +ldapDisplayName: oMTIndxGuid +attributeId: 1.2.840.113556.1.4.333 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fa-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: OncRpcNumber +ldapDisplayName: oncRpcNumber +attributeId: 1.3.6.1.1.1.1.18 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 966825f5-01d9-4a5c-a011-d15ae84efa55 +systemOnly: FALSE +searchFlags: 0 + +cn: Operating-System +ldapDisplayName: operatingSystem +attributeId: 1.2.840.113556.1.4.363 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978925-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Operating-System-Hotfix +ldapDisplayName: operatingSystemHotfix +attributeId: 1.2.840.113556.1.4.415 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bd951b3c-9c96-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Operating-System-Service-Pack +ldapDisplayName: operatingSystemServicePack +attributeId: 1.2.840.113556.1.4.365 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978927-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Operating-System-Version +ldapDisplayName: operatingSystemVersion +attributeId: 1.2.840.113556.1.4.364 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e978926-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Operator-Count +ldapDisplayName: operatorCount +attributeId: 1.2.840.113556.1.4.144 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf9679ee-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Option-Description +ldapDisplayName: optionDescription +attributeId: 1.2.840.113556.1.4.712 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 963d274d-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Options +ldapDisplayName: options +attributeId: 1.2.840.113556.1.4.307 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19195a53-6da0-11d0-afd3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Options-Location +ldapDisplayName: optionsLocation +attributeId: 1.2.840.113556.1.4.713 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d274e-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: organizationalStatus +ldapDisplayName: organizationalStatus +attributeId: 0.9.2342.19200300.100.1.45 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 28596019-7349-4d2f-adff-5a629961f942 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: Organizational-Unit-Name +ldapDisplayName: ou +attributeId: 2.5.4.11 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679f0-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 33026 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Organization-Name +ldapDisplayName: o +attributeId: 2.5.4.10 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679ef-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 33025 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Original-Display-Table +ldapDisplayName: originalDisplayTable +attributeId: 1.2.840.113556.1.2.445 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424ce-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33027 + +cn: Original-Display-Table-MSDOS +ldapDisplayName: originalDisplayTableMSDOS +attributeId: 1.2.840.113556.1.2.214 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424cf-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33028 + +cn: Other-Login-Workstations +ldapDisplayName: otherLoginWorkstations +attributeId: 1.2.840.113556.1.4.91 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679f1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Other-Mailbox +ldapDisplayName: otherMailbox +attributeId: 1.2.840.113556.1.4.651 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c123-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 + +cn: Other-Name +ldapDisplayName: middleName +attributeId: 2.16.840.1.113730.3.1.34 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679f2-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 64 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Other-Well-Known-Objects +ldapDisplayName: otherWellKnownObjects +attributeId: 1.2.840.113556.1.4.1359 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 1ea64e5d-ac0f-11d2-90df-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Owner +ldapDisplayName: owner +attributeId: 2.5.4.32 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679f3-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +linkID: 44 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Package-Flags +ldapDisplayName: packageFlags +attributeId: 1.2.840.113556.1.4.327 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e99-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Package-Name +ldapDisplayName: packageName +attributeId: 1.2.840.113556.1.4.326 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e98-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Package-Type +ldapDisplayName: packageType +attributeId: 1.2.840.113556.1.4.324 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e96-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Parent-CA +ldapDisplayName: parentCA +attributeId: 1.2.840.113556.1.4.557 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 5245801b-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Parent-CA-Certificate-Chain +ldapDisplayName: parentCACertificateChain +attributeId: 1.2.840.113556.1.4.685 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d2733-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Parent-GUID +ldapDisplayName: parentGUID +attributeId: 1.2.840.113556.1.4.1224 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 2df90d74-009f-11d2-aa4c-00c04fd7d83a +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Partial-Attribute-Deletion-List +ldapDisplayName: partialAttributeDeletionList +attributeId: 1.2.840.113556.1.4.663 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 28630ec0-41d5-11d1-a9c1-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Partial-Attribute-Set +ldapDisplayName: partialAttributeSet +attributeId: 1.2.840.113556.1.4.640 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 19405b9e-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pek-Key-Change-Interval +ldapDisplayName: pekKeyChangeInterval +attributeId: 1.2.840.113556.1.4.866 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 07383084-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Pek-List +ldapDisplayName: pekList +attributeId: 1.2.840.113556.1.4.865 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 07383083-91df-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pending-CA-Certificates +ldapDisplayName: pendingCACertificates +attributeId: 1.2.840.113556.1.4.693 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d273c-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Pending-Parent-CA +ldapDisplayName: pendingParentCA +attributeId: 1.2.840.113556.1.4.695 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 963d273e-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Per-Msg-Dialog-Display-Table +ldapDisplayName: perMsgDialogDisplayTable +attributeId: 1.2.840.113556.1.2.325 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424d3-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33032 + +cn: Per-Recip-Dialog-Display-Table +ldapDisplayName: perRecipDialogDisplayTable +attributeId: 1.2.840.113556.1.2.326 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 5fd424d4-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32768 +mapiID: 33033 + +cn: Personal-Title +ldapDisplayName: personalTitle +attributeId: 1.2.840.113556.1.2.615 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 16775858-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 35947 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Fax-Other +ldapDisplayName: otherFacsimileTelephoneNumber +attributeId: 1.2.840.113556.1.4.646 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c11d-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Home-Other +ldapDisplayName: otherHomePhone +attributeId: 1.2.840.113556.1.2.277 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ffa2-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14895 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Home-Primary +ldapDisplayName: homePhone +attributeId: 0.9.2342.19200300.100.1.20 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa1-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14857 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Ip-Other +ldapDisplayName: otherIpPhone +attributeId: 1.2.840.113556.1.4.722 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 4d146e4b-48d4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Ip-Primary +ldapDisplayName: ipPhone +attributeId: 1.2.840.113556.1.4.721 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 4d146e4a-48d4-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-ISDN-Primary +ldapDisplayName: primaryInternationalISDNNumber +attributeId: 1.2.840.113556.1.4.649 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0296c11f-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Mobile-Other +ldapDisplayName: otherMobile +attributeId: 1.2.840.113556.1.4.647 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0296c11e-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Mobile-Primary +ldapDisplayName: mobile +attributeId: 0.9.2342.19200300.100.1.41 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa3-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14876 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Office-Other +ldapDisplayName: otherTelephone +attributeId: 1.2.840.113556.1.2.18 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ffa5-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14875 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Pager-Other +ldapDisplayName: otherPager +attributeId: 1.2.840.113556.1.2.118 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f0f8ffa4-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 35950 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Phone-Pager-Primary +ldapDisplayName: pager +attributeId: 0.9.2342.19200300.100.1.42 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa6-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14881 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: photo +ldapDisplayName: photo +attributeId: 0.9.2342.19200300.100.1.7 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 9c979768-ba1a-4c08-9632-c6a5c1ed649a +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Physical-Delivery-Office-Name +ldapDisplayName: physicalDeliveryOfficeName +attributeId: 2.5.4.19 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679f7-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14873 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Physical-Location-Object +ldapDisplayName: physicalLocationObject +attributeId: 1.2.840.113556.1.4.514 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b7b13119-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Picture +ldapDisplayName: thumbnailPhoto +attributeId: 2.16.840.1.113730.3.1.35 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8d3bca50-1d7e-11d0-a081-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 102400 +mapiId: 35998 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Critical-Extensions +ldapDisplayName: pKICriticalExtensions +attributeId: 1.2.840.113556.1.4.1330 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: fc5a9106-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Default-CSPs +ldapDisplayName: pKIDefaultCSPs +attributeId: 1.2.840.113556.1.4.1334 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 1ef6336e-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Default-Key-Spec +ldapDisplayName: pKIDefaultKeySpec +attributeId: 1.2.840.113556.1.4.1327 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 426cae6e-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Enrollment-Access +ldapDisplayName: pKIEnrollmentAccess +attributeId: 1.2.840.113556.1.4.1335 +attributeSyntax: 2.5.5.15 +omSyntax: 66 +isSingleValued: FALSE +schemaIdGuid: 926be278-56f9-11d2-90d0-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Expiration-Period +ldapDisplayName: pKIExpirationPeriod +attributeId: 1.2.840.113556.1.4.1331 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 041570d2-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Extended-Key-Usage +ldapDisplayName: pKIExtendedKeyUsage +attributeId: 1.2.840.113556.1.4.1333 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 18976af6-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Key-Usage +ldapDisplayName: pKIKeyUsage +attributeId: 1.2.840.113556.1.4.1328 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: e9b0a87e-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Max-Issuing-Depth +ldapDisplayName: pKIMaxIssuingDepth +attributeId: 1.2.840.113556.1.4.1329 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f0bfdefa-3b9d-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Overlap-Period +ldapDisplayName: pKIOverlapPeriod +attributeId: 1.2.840.113556.1.4.1332 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1219a3ec-3b9e-11d2-90cc-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKT +ldapDisplayName: pKT +attributeId: 1.2.840.113556.1.4.206 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8447f9f1-1027-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 10485760 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKT-Guid +ldapDisplayName: pKTGuid +attributeId: 1.2.840.113556.1.4.205 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 8447f9f0-1027-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Policy-Replication-Flags +ldapDisplayName: policyReplicationFlags +attributeId: 1.2.840.113556.1.4.633 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19405b96-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Port-Name +ldapDisplayName: portName +attributeId: 1.2.840.113556.1.4.228 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416c4-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Possible-Inferiors +ldapDisplayName: possibleInferiors +attributeId: 1.2.840.113556.1.4.915 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 9a7ad94c-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Poss-Superiors +ldapDisplayName: possSuperiors +attributeId: 1.2.840.113556.1.2.8 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf9679fa-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Postal-Address +ldapDisplayName: postalAddress +attributeId: 2.5.4.16 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679fc-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 4096 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33036 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Postal-Code +ldapDisplayName: postalCode +attributeId: 2.5.4.17 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679fd-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 40 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14890 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Post-Office-Box +ldapDisplayName: postOfficeBox +attributeId: 2.5.4.18 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf9679fb-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 40 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14891 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Preferred-Delivery-Method +ldapDisplayName: preferredDeliveryMethod +attributeId: 2.5.4.28 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: FALSE +schemaIdGuid: bf9679fe-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33037 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: preferredLanguage +ldapDisplayName: preferredLanguage +attributeId: 2.16.840.1.113730.3.1.39 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 856be0d0-18e7-46e1-8f5f-7ee4d9020e0d +systemOnly: FALSE +searchFlags: 0 +systemFlags: 0 + +cn: Preferred-OU +ldapDisplayName: preferredOU +attributeId: 1.2.840.113556.1.4.97 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: bf9679ff-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Prefix-Map +ldapDisplayName: prefixMap +attributeId: 1.2.840.113556.1.4.538 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 52458022-ca6a-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Presentation-Address +ldapDisplayName: presentationAddress +attributeId: 2.5.4.29 +attributeSyntax: 2.5.5.13 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.732 +isSingleValued: TRUE +schemaIdGuid: a8df744b-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Previous-CA-Certificates +ldapDisplayName: previousCACertificates +attributeId: 1.2.840.113556.1.4.692 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 963d2739-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Previous-Parent-CA +ldapDisplayName: previousParentCA +attributeId: 1.2.840.113556.1.4.694 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 963d273d-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Primary-Group-ID +ldapDisplayName: primaryGroupID +attributeId: 1.2.840.113556.1.4.98 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a00-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY| fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Primary-Group-Token +ldapDisplayName: primaryGroupToken +attributeId: 1.2.840.113556.1.4.1412 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c0ed8738-7efd-4481-84d9-66d2db8be369 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Print-Attributes +ldapDisplayName: printAttributes +attributeId: 1.2.840.113556.1.4.247 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416d7-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Bin-Names +ldapDisplayName: printBinNames +attributeId: 1.2.840.113556.1.4.237 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416cd-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Collate +ldapDisplayName: printCollate +attributeId: 1.2.840.113556.1.4.242 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 281416d2-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Color +ldapDisplayName: printColor +attributeId: 1.2.840.113556.1.4.243 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 281416d3-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Duplex-Supported +ldapDisplayName: printDuplexSupported +attributeId: 1.2.840.113556.1.4.1311 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 281416cc-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-End-Time +ldapDisplayName: printEndTime +attributeId: 1.2.840.113556.1.4.234 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416ca-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Printer-Name +ldapDisplayName: printerName +attributeId: 1.2.840.113556.1.4.300 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 244b296e-5abd-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Form-Name +ldapDisplayName: printFormName +attributeId: 1.2.840.113556.1.4.235 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416cb-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Keep-Printed-Jobs +ldapDisplayName: printKeepPrintedJobs +attributeId: 1.2.840.113556.1.4.275 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: ba305f6d-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Language +ldapDisplayName: printLanguage +attributeId: 1.2.840.113556.1.4.246 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416d6-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-MAC-Address +ldapDisplayName: printMACAddress +attributeId: 1.2.840.113556.1.4.288 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f7a-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-Copies +ldapDisplayName: printMaxCopies +attributeId: 1.2.840.113556.1.4.241 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416d1-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-Resolution-Supported +ldapDisplayName: printMaxResolutionSupported +attributeId: 1.2.840.113556.1.4.238 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416cf-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-X-Extent +ldapDisplayName: printMaxXExtent +attributeId: 1.2.840.113556.1.4.277 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f6f-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Max-Y-Extent +ldapDisplayName: printMaxYExtent +attributeId: 1.2.840.113556.1.4.278 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f70-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Media-Ready +ldapDisplayName: printMediaReady +attributeId: 1.2.840.113556.1.4.289 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 3bcbfcf5-4d3d-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Media-Supported +ldapDisplayName: printMediaSupported +attributeId: 1.2.840.113556.1.4.299 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 244b296f-5abd-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Memory +ldapDisplayName: printMemory +attributeId: 1.2.840.113556.1.4.282 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f74-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Min-X-Extent +ldapDisplayName: printMinXExtent +attributeId: 1.2.840.113556.1.4.279 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f71-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Min-Y-Extent +ldapDisplayName: printMinYExtent +attributeId: 1.2.840.113556.1.4.280 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f72-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Network-Address +ldapDisplayName: printNetworkAddress +attributeId: 1.2.840.113556.1.4.287 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f79-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Notify +ldapDisplayName: printNotify +attributeId: 1.2.840.113556.1.4.272 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f6a-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Number-Up +ldapDisplayName: printNumberUp +attributeId: 1.2.840.113556.1.4.290 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 3bcbfcf4-4d3d-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Orientations-Supported +ldapDisplayName: printOrientationsSupported +attributeId: 1.2.840.113556.1.4.240 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 281416d0-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Owner +ldapDisplayName: printOwner +attributeId: 1.2.840.113556.1.4.271 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f69-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Pages-Per-Minute +ldapDisplayName: printPagesPerMinute +attributeId: 1.2.840.113556.1.4.631 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19405b97-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Rate +ldapDisplayName: printRate +attributeId: 1.2.840.113556.1.4.285 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ba305f77-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Rate-Unit +ldapDisplayName: printRateUnit +attributeId: 1.2.840.113556.1.4.286 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f78-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Separator-File +ldapDisplayName: printSeparatorFile +attributeId: 1.2.840.113556.1.4.230 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416c6-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Share-Name +ldapDisplayName: printShareName +attributeId: 1.2.840.113556.1.4.270 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: ba305f68-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Spooling +ldapDisplayName: printSpooling +attributeId: 1.2.840.113556.1.4.274 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f6c-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Stapling-Supported +ldapDisplayName: printStaplingSupported +attributeId: 1.2.840.113556.1.4.281 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: ba305f73-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Start-Time +ldapDisplayName: printStartTime +attributeId: 1.2.840.113556.1.4.233 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416c9-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Print-Status +ldapDisplayName: printStatus +attributeId: 1.2.840.113556.1.4.273 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: ba305f6b-47e3-11d0-a1a6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Priority +ldapDisplayName: priority +attributeId: 1.2.840.113556.1.4.231 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 281416c7-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Prior-Set-Time +ldapDisplayName: priorSetTime +attributeId: 1.2.840.113556.1.4.99 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a01-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Prior-Value +ldapDisplayName: priorValue +attributeId: 1.2.840.113556.1.4.100 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a02-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Private-Key +ldapDisplayName: privateKey +attributeId: 1.2.840.113556.1.4.101 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a03-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Privilege-Attributes +ldapDisplayName: privilegeAttributes +attributeId: 1.2.840.113556.1.4.636 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 19405b9a-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Privilege-Display-Name +ldapDisplayName: privilegeDisplayName +attributeId: 1.2.840.113556.1.4.634 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 19405b98-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Privilege-Holder +ldapDisplayName: privilegeHolder +attributeId: 1.2.840.113556.1.4.637 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 19405b9b-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 70 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Privilege-Value +ldapDisplayName: privilegeValue +attributeId: 1.2.840.113556.1.4.635 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 19405b99-3cfa-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Product-Code +ldapDisplayName: productCode +attributeId: 1.2.840.113556.1.4.818 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: d9e18317-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Profile-Path +ldapDisplayName: profilePath +attributeId: 1.2.840.113556.1.4.139 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a05-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Proxied-Object-Name +ldapDisplayName: proxiedObjectName +attributeId: 1.2.840.113556.1.4.1249 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: TRUE +schemaIdGuid: e1aea402-cd5b-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Proxy-Addresses +ldapDisplayName: proxyAddresses +attributeId: 1.2.840.113556.1.2.210 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a06-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 1123 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 32783 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Proxy-Generation-Enabled +ldapDisplayName: proxyGenerationEnabled +attributeId: 1.2.840.113556.1.2.523 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 5fd424d6-1262-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +mapiID: 33201 + +cn: Proxy-Lifetime +ldapDisplayName: proxyLifetime +attributeId: 1.2.840.113556.1.4.103 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a07-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Public-Key-Policy +ldapDisplayName: publicKeyPolicy +attributeId: 1.2.840.113556.1.4.420 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 80a67e28-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b89fd-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Purported-Search +ldapDisplayName: purportedSearch +attributeId: 1.2.840.113556.1.4.886 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b4b54e50-943a-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 2048 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Pwd-History-Length +ldapDisplayName: pwdHistoryLength +attributeId: 1.2.840.113556.1.4.95 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a09-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 65535 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pwd-Last-Set +ldapDisplayName: pwdLastSet +attributeId: 1.2.840.113556.1.4.96 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a0a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Pwd-Properties +ldapDisplayName: pwdProperties +attributeId: 1.2.840.113556.1.4.93 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a0b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: c7407360-20bf-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Quality-Of-Service +ldapDisplayName: qualityOfService +attributeId: 1.2.840.113556.1.4.458 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80a67e4e-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: a29b8a01-c7e8-11d0-9bae-00c04fd92ef5 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Query-Filter +ldapDisplayName: queryFilter +attributeId: 1.2.840.113556.1.4.1355 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: cbf70a26-7e78-11d2-9921-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: QueryPoint +ldapDisplayName: queryPoint +attributeId: 1.2.840.113556.1.4.680 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb86-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Query-Policy-BL +ldapDisplayName: queryPolicyBL +attributeId: 1.2.840.113556.1.4.608 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: e1aea404-cd5b-11d0-afff-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 69 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Query-Policy-Object +ldapDisplayName: queryPolicyObject +attributeId: 1.2.840.113556.1.4.607 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: e1aea403-cd5b-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 68 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Range-Lower +ldapDisplayName: rangeLower +attributeId: 1.2.840.113556.1.2.34 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a0c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33043 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Range-Upper +ldapDisplayName: rangeUpper +attributeId: 1.2.840.113556.1.2.35 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a0d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33044 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RDN +ldapDisplayName: name +attributeId: 1.2.840.113556.1.4.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a0e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE| fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 255 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 33282 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RDN-Att-ID +ldapDisplayName: rDNAttID +attributeId: 1.2.840.113556.1.2.26 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967a0f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Registered-Address +ldapDisplayName: registeredAddress +attributeId: 2.5.4.26 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a10-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 4096 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33049 + +cn: Remote-Server-Name +ldapDisplayName: remoteServerName +attributeId: 1.2.840.113556.1.4.105 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a12-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Source +ldapDisplayName: remoteSource +attributeId: 1.2.840.113556.1.4.107 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a14-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Source-Type +ldapDisplayName: remoteSourceType +attributeId: 1.2.840.113556.1.4.108 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a15-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Storage-GUID +ldapDisplayName: remoteStorageGUID +attributeId: 1.2.840.113556.1.4.809 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a39c5b0-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Replica-Source +ldapDisplayName: replicaSource +attributeId: 1.2.840.113556.1.4.109 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a18-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Repl-Interval +ldapDisplayName: replInterval +attributeId: 1.2.840.113556.1.4.1336 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 45ba9d1a-56fa-11d2-90d0-00c04fd91ab1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Repl-Property-Meta-Data +ldapDisplayName: replPropertyMetaData +attributeId: 1.2.840.113556.1.4.3 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 281416c0-1968-11d0-a28f-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Repl-Topology-Stay-Of-Execution +ldapDisplayName: replTopologyStayOfExecution +attributeId: 1.2.840.113556.1.4.677 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb83-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Repl-UpToDate-Vector +ldapDisplayName: replUpToDateVector +attributeId: 1.2.840.113556.1.4.4 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a16-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Reports +ldapDisplayName: directReports +attributeId: 1.2.840.113556.1.2.436 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967a1c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +linkID: 43 +mapiID: 32782 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Reps-From +ldapDisplayName: repsFrom +attributeId: 1.2.840.113556.1.2.91 +attributeSyntax: 2.5.5.10 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.6 +isSingleValued: FALSE +schemaIdGuid: bf967a1d-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Reps-To +ldapDisplayName: repsTo +attributeId: 1.2.840.113556.1.2.83 +attributeSyntax: 2.5.5.10 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.6 +isSingleValued: FALSE +schemaIdGuid: bf967a1e-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Required-Categories +ldapDisplayName: requiredCategories +attributeId: 1.2.840.113556.1.4.321 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 7d6c0e93-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Retired-Repl-DSA-Signatures +ldapDisplayName: retiredReplDSASignatures +attributeId: 1.2.840.113556.1.4.673 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 7bfdcb7f-4807-11d1-a9c3-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Revision +ldapDisplayName: revision +attributeId: 1.2.840.113556.1.4.145 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a21-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Rid +ldapDisplayName: rid +attributeId: 1.2.840.113556.1.4.153 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a22-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Allocation-Pool +ldapDisplayName: rIDAllocationPool +attributeId: 1.2.840.113556.1.4.371 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 66171889-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Available-Pool +ldapDisplayName: rIDAvailablePool +attributeId: 1.2.840.113556.1.4.370 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 66171888-8f3c-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Manager-Reference +ldapDisplayName: rIDManagerReference +attributeId: 1.2.840.113556.1.4.368 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 66171886-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Next-RID +ldapDisplayName: rIDNextRID +attributeId: 1.2.840.113556.1.4.374 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6617188c-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Previous-Allocation-Pool +ldapDisplayName: rIDPreviousAllocationPool +attributeId: 1.2.840.113556.1.4.372 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 6617188a-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Set-References +ldapDisplayName: rIDSetReferences +attributeId: 1.2.840.113556.1.4.669 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb7b-4807-11d1-a9c3-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: RID-Used-Pool +ldapDisplayName: rIDUsedPool +attributeId: 1.2.840.113556.1.4.373 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 6617188b-8f3c-11d0-afda-00c04fd930c9 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Rights-Guid +ldapDisplayName: rightsGuid +attributeId: 1.2.840.113556.1.4.340 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 8297931c-86d3-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 36 +rangeUpper: 36 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Role-Occupant +ldapDisplayName: roleOccupant +attributeId: 2.5.4.33 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: a8df7465-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33061 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: roomNumber +ldapDisplayName: roomNumber +attributeId: 0.9.2342.19200300.100.1.6 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 81d7f8c2-e327-4a0d-91c6-b42d4009115f +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Root-Trust +ldapDisplayName: rootTrust +attributeId: 1.2.840.113556.1.4.674 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 7bfdcb80-4807-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: rpc-Ns-Annotation +ldapDisplayName: rpcNsAnnotation +attributeId: 1.2.840.113556.1.4.366 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 88611bde-8cf4-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Bindings +ldapDisplayName: rpcNsBindings +attributeId: 1.2.840.113556.1.4.113 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a23-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Codeset +ldapDisplayName: rpcNsCodeset +attributeId: 1.2.840.113556.1.4.367 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 7a0ba0e0-8e98-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Entry-Flags +ldapDisplayName: rpcNsEntryFlags +attributeId: 1.2.840.113556.1.4.754 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80212841-4bdc-11d1-a9c4-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Group +ldapDisplayName: rpcNsGroup +attributeId: 1.2.840.113556.1.4.114 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: bf967a24-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Interface-ID +ldapDisplayName: rpcNsInterfaceID +attributeId: 1.2.840.113556.1.4.115 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a25-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Object-ID +ldapDisplayName: rpcNsObjectID +attributeId: 1.2.840.113556.1.4.312 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 29401c48-7a27-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Priority +ldapDisplayName: rpcNsPriority +attributeId: 1.2.840.113556.1.4.117 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: bf967a27-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Profile-Entry +ldapDisplayName: rpcNsProfileEntry +attributeId: 1.2.840.113556.1.4.118 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a28-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Ns-Transfer-Syntax +ldapDisplayName: rpcNsTransferSyntax +attributeId: 1.2.840.113556.1.4.314 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 29401c4a-7a27-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: SAM-Account-Name +ldapDisplayName: sAMAccountName +attributeId: 1.2.840.113556.1.4.221 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 3e0abfd0-126a-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE| fANR | fATTINDEX +rangeLower: 0 +rangeUpper: 256 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SAM-Account-Type +ldapDisplayName: sAMAccountType +attributeId: 1.2.840.113556.1.4.302 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 6e7b626c-64f2-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SAM-Domain-Updates +ldapDisplayName: samDomainUpdates +attributeId: 1.2.840.113556.1.4.1969 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 04d2d114-f799-4e9b-bcdc-90e8f5ba7ebe +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schedule +ldapDisplayName: schedule +attributeId: 1.2.840.113556.1.4.211 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: dd712224-10e4-11d0-a05f-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-Flags-Ex +ldapDisplayName: schemaFlagsEx +attributeId: 1.2.840.113556.1.4.120 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a2b-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-ID-GUID +ldapDisplayName: schemaIDGUID +attributeId: 1.2.840.113556.1.4.148 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967923-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-Info +ldapDisplayName: schemaInfo +attributeId: 1.2.840.113556.1.4.1358 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: f9fb64ae-93b4-11d2-9945-0000f87a57d4 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Schema-Update +ldapDisplayName: schemaUpdate +attributeId: 1.2.840.113556.1.4.481 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: 1e2d06b4-ac8f-11d0-afe3-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Schema-Version +ldapDisplayName: schemaVersion +attributeId: 1.2.840.113556.1.2.471 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: FALSE +schemaIdGuid: bf967a2c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33148 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Scope-Flags +ldapDisplayName: scopeFlags +attributeId: 1.2.840.113556.1.4.1354 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 16f3a4c2-7e79-11d2-9921-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Script-Path +ldapDisplayName: scriptPath +attributeId: 1.2.840.113556.1.4.62 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679a8-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SD-Rights-Effective +ldapDisplayName: sDRightsEffective +attributeId: 1.2.840.113556.1.4.1304 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: c3dbafa6-33df-11d2-98b2-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Search-Flags +ldapDisplayName: searchFlags +attributeId: 1.2.840.113556.1.2.334 +attributeSyntax: 2.5.5.9 +omSyntax: 10 +isSingleValued: TRUE +schemaIdGuid: bf967a2d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +mapiID: 33069 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Search-Guide +ldapDisplayName: searchGuide +attributeId: 2.5.4.14 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a2e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33070 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: secretary +ldapDisplayName: secretary +attributeId: 0.9.2342.19200300.100.1.21 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 01072d9a-98ad-4a53-9744-e83e287278fb +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Security-Identifier +ldapDisplayName: securityIdentifier +attributeId: 1.2.840.113556.1.4.121 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a2f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: See-Also +ldapDisplayName: seeAlso +attributeId: 2.5.4.34 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967a31-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33071 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Seq-Notification +ldapDisplayName: seqNotification +attributeId: 1.2.840.113556.1.4.504 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: ddac0cf2-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Serial-Number +ldapDisplayName: serialNumber +attributeId: 2.5.4.5 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: bf967a32-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +mapiID: 33072 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Server-Name +ldapDisplayName: serverName +attributeId: 1.2.840.113556.1.4.223 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 09dcb7a0-165f-11d0-a064-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Server-Reference +ldapDisplayName: serverReference +attributeId: 1.2.840.113556.1.4.515 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d9736d-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 94 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Server-Reference-BL +ldapDisplayName: serverReferenceBL +attributeId: 1.2.840.113556.1.4.516 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 26d9736e-6070-11d1-a9c6-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 95 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Server-Role +ldapDisplayName: serverRole +attributeId: 1.2.840.113556.1.4.157 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a33-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Server-State +ldapDisplayName: serverState +attributeId: 1.2.840.113556.1.4.154 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a34-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Service-Binding-Information +ldapDisplayName: serviceBindingInformation +attributeId: 1.2.840.113556.1.4.510 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: b7b1311c-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class-ID +ldapDisplayName: serviceClassID +attributeId: 1.2.840.113556.1.4.122 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a35-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class-Info +ldapDisplayName: serviceClassInfo +attributeId: 1.2.840.113556.1.4.123 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a36-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class-Name +ldapDisplayName: serviceClassName +attributeId: 1.2.840.113556.1.4.509 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: b7b1311d-b82e-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-DNS-Name +ldapDisplayName: serviceDNSName +attributeId: 1.2.840.113556.1.4.657 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630eb8-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-DNS-Name-Type +ldapDisplayName: serviceDNSNameType +attributeId: 1.2.840.113556.1.4.659 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630eba-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Instance-Version +ldapDisplayName: serviceInstanceVersion +attributeId: 1.2.840.113556.1.4.199 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a37-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 8 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Principal-Name +ldapDisplayName: servicePrincipalName +attributeId: 1.2.840.113556.1.4.771 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: f3a64788-5306-11d1-a9c5-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Setup-Command +ldapDisplayName: setupCommand +attributeId: 1.2.840.113556.1.4.325 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e97-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ShadowExpire +ldapDisplayName: shadowExpire +attributeId: 1.3.6.1.1.1.1.10 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 75159a00-1fff-4cf4-8bff-4ef2695cf643 +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowFlag +ldapDisplayName: shadowFlag +attributeId: 1.3.6.1.1.1.1.11 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 8dfeb70d-c5db-46b6-b15e-a4389e6cee9b +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowInactive +ldapDisplayName: shadowInactive +attributeId: 1.3.6.1.1.1.1.9 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 86871d1f-3310-4312-8efd-af49dcfb2671 +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowLastChange +ldapDisplayName: shadowLastChange +attributeId: 1.3.6.1.1.1.1.5 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f8f2689c-29e8-4843-8177-e8b98e15eeac +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowMax +ldapDisplayName: shadowMax +attributeId: 1.3.6.1.1.1.1.7 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: f285c952-50dd-449e-9160-3b880d99988d +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowMin +ldapDisplayName: shadowMin +attributeId: 1.3.6.1.1.1.1.6 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a76b8737-e5a1-4568-b057-dc12e04be4b2 +systemOnly: FALSE +searchFlags: 0 + +cn: ShadowWarning +ldapDisplayName: shadowWarning +attributeId: 1.3.6.1.1.1.1.8 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7ae89c9c-2976-4a46-bb8a-340f88560117 +systemOnly: FALSE +searchFlags: 0 + +cn: Shell-Context-Menu +ldapDisplayName: shellContextMenu +attributeId: 1.2.840.113556.1.4.615 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 553fd039-f32e-11d0-b0bc-00c04fd8dca6 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Shell-Property-Pages +ldapDisplayName: shellPropertyPages +attributeId: 1.2.840.113556.1.4.563 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 52458039-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Short-Server-Name +ldapDisplayName: shortServerName +attributeId: 1.2.840.113556.1.4.1209 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 45b01501-c419-11d1-bbc9-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Show-In-Address-Book +ldapDisplayName: showInAddressBook +attributeId: 1.2.840.113556.1.4.644 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3e74f60e-3e73-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: fCOPY +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Show-In-Advanced-View-Only +ldapDisplayName: showInAdvancedViewOnly +attributeId: 1.2.840.113556.1.2.169 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967984-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY| fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SID-History +ldapDisplayName: sIDHistory +attributeId: 1.2.840.113556.1.4.609 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 17eb4278-d167-11d0-b002-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Signature-Algorithms +ldapDisplayName: signatureAlgorithms +attributeId: 1.2.840.113556.1.4.824 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 2a39c5b2-8960-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-GUID +ldapDisplayName: siteGUID +attributeId: 1.2.840.113556.1.4.362 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 3e978924-8c01-11d0-afda-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-Link-List +ldapDisplayName: siteLinkList +attributeId: 1.2.840.113556.1.4.822 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cdd-8951-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 142 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Site-List +ldapDisplayName: siteList +attributeId: 1.2.840.113556.1.4.821 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: d50c2cdc-8951-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 144 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Site-Object +ldapDisplayName: siteObject +attributeId: 1.2.840.113556.1.4.512 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 3e10944c-c354-11d0-aff8-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 46 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Site-Object-BL +ldapDisplayName: siteObjectBL +attributeId: 1.2.840.113556.1.4.513 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 3e10944d-c354-11d0-aff8-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +linkID: 47 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_NOT_REPLICATED + +cn: Site-Server +ldapDisplayName: siteServer +attributeId: 1.2.840.113556.1.4.494 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 1be8f17c-a9ff-11d0-afe2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: SMTP-Mail-Address +ldapDisplayName: mailAddress +attributeId: 1.2.840.113556.1.4.786 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 26d9736f-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SPN-Mappings +ldapDisplayName: sPNMappings +attributeId: 1.2.840.113556.1.4.1347 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 2ab0e76c-7041-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: State-Or-Province-Name +ldapDisplayName: st +attributeId: 2.5.4.8 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a39-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14888 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Street-Address +ldapDisplayName: street +attributeId: 2.5.4.9 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a3a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 1024 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33082 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Structural-Object-Class +ldapDisplayName: structuralObjectClass +attributeId: 2.5.21.9 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: 3860949f-f6a8-4b38-9950-81ecb6bc2982 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Sub-Class-Of +ldapDisplayName: subClassOf +attributeId: 1.2.840.113556.1.2.21 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: bf967a3b-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Sub-Refs +ldapDisplayName: subRefs +attributeId: 1.2.840.113556.1.2.7 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: bf967a3c-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33083 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: SubSchemaSubEntry +ldapDisplayName: subSchemaSubEntry +attributeId: 2.5.18.10 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 9a7ad94d-ca53-11d1-bbd0-0080c76670c0 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Superior-DNS-Root +ldapDisplayName: superiorDNSRoot +attributeId: 1.2.840.113556.1.4.532 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 5245801d-ca6a-11d0-afff-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Super-Scope-Description +ldapDisplayName: superScopeDescription +attributeId: 1.2.840.113556.1.4.711 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 963d274c-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Super-Scopes +ldapDisplayName: superScopes +attributeId: 1.2.840.113556.1.4.710 +attributeSyntax: 2.5.5.5 +omSyntax: 19 +isSingleValued: FALSE +schemaIdGuid: 963d274b-48be-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Supplemental-Credentials +ldapDisplayName: supplementalCredentials +attributeId: 1.2.840.113556.1.4.125 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a3f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Supported-Application-Context +ldapDisplayName: supportedApplicationContext +attributeId: 2.5.4.30 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 1677588f-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33085 + +cn: Surname +ldapDisplayName: sn +attributeId: 2.5.4.4 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a41-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fANR | fATTINDEX +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14865 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Sync-Attributes +ldapDisplayName: syncAttributes +attributeId: 1.2.840.113556.1.4.666 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 037651e4-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sync-Membership +ldapDisplayName: syncMembership +attributeId: 1.2.840.113556.1.4.665 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 037651e3-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +linkID: 78 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sync-With-Object +ldapDisplayName: syncWithObject +attributeId: 1.2.840.113556.1.4.664 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 037651e2-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sync-With-SID +ldapDisplayName: syncWithSID +attributeId: 1.2.840.113556.1.4.667 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 037651e5-441d-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: System-Auxiliary-Class +ldapDisplayName: systemAuxiliaryClass +attributeId: 1.2.840.113556.1.4.198 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a43-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Flags +ldapDisplayName: systemFlags +attributeId: 1.2.840.113556.1.4.375 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: e0fa1e62-9b45-11d0-afdd-00c04fd930c9 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-May-Contain +ldapDisplayName: systemMayContain +attributeId: 1.2.840.113556.1.4.196 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a44-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Must-Contain +ldapDisplayName: systemMustContain +attributeId: 1.2.840.113556.1.4.197 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a45-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Only +ldapDisplayName: systemOnly +attributeId: 1.2.840.113556.1.4.170 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: bf967a46-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: System-Poss-Superiors +ldapDisplayName: systemPossSuperiors +attributeId: 1.2.840.113556.1.4.195 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: FALSE +schemaIdGuid: bf967a47-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Telephone-Number +ldapDisplayName: telephoneNumber +attributeId: 2.5.4.20 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a49-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14856 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Teletex-Terminal-Identifier +ldapDisplayName: teletexTerminalIdentifier +attributeId: 2.5.4.22 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a4a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33091 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Telex-Number +ldapDisplayName: telexNumber +attributeId: 2.5.4.21 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a4b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 32 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14892 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Telex-Primary +ldapDisplayName: primaryTelexNumber +attributeId: 1.2.840.113556.1.4.648 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 0296c121-40da-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 64 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Template-Roots +ldapDisplayName: templateRoots +attributeId: 1.2.840.113556.1.4.1346 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: ed9de9a0-7041-11d2-9905-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Template-Roots2 +ldapDisplayName: templateRoots2 +attributeId: 1.2.840.113556.1.4.2048 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +linkId: 2126 +schemaIdGuid: b1cba91a-0682-4362-a659-153e201ef069 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Terminal-Server +ldapDisplayName: terminalServer +attributeId: 1.2.840.113556.1.4.885 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 6db69a1c-9422-11d1-aebd-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 20480 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +attributeSecurityGUID: 5805bc62-bdc9-4428-a5e2-856a0f4c185e + +cn: Text-Country +ldapDisplayName: co +attributeId: 1.2.840.113556.1.2.131 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: f0f8ffa7-1191-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14886 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Text-Encoded-OR-Address +ldapDisplayName: textEncodedORAddress +attributeId: 0.9.2342.19200300.100.1.2 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: a8df7489-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 1024 +mapiID: 35969 + +cn: Time-Refresh +ldapDisplayName: timeRefresh +attributeId: 1.2.840.113556.1.4.503 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: ddac0cf1-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Time-Vol-Change +ldapDisplayName: timeVolChange +attributeId: 1.2.840.113556.1.4.502 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: ddac0cf0-af8f-11d0-afeb-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Title +ldapDisplayName: title +attributeId: 2.5.4.12 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a55-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +mapiID: 14871 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Token-Groups +ldapDisplayName: tokenGroups +attributeId: 1.2.840.113556.1.4.1301 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: b7c69e6d-2cc7-11d2-854e-00a0c983f608 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Token-Groups-Global-And-Universal +ldapDisplayName: tokenGroupsGlobalAndUniversal +attributeId: 1.2.840.113556.1.4.1418 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 46a9b11d-60ae-405a-b7e8-ff8a58d456d2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Token-Groups-No-GC-Acceptable +ldapDisplayName: tokenGroupsNoGCAcceptable +attributeId: 1.2.840.113556.1.4.1303 +attributeSyntax: 2.5.5.17 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 040fc392-33df-11d2-98b2-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 037088f8-0ae1-11d2-b422-00a0c968f939 +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_CONSTRUCTED |FLAG_DOMAIN_DISALLOW_RENAME +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Tombstone-Lifetime +ldapDisplayName: tombstoneLifetime +attributeId: 1.2.840.113556.1.2.54 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 16c3a860-1273-11d0-a060-00aa006c33ed +systemOnly: FALSE +searchFlags: 0 +mapiID: 33093 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Transport-Address-Attribute +ldapDisplayName: transportAddressAttribute +attributeId: 1.2.840.113556.1.4.895 +attributeSyntax: 2.5.5.2 +omSyntax: 6 +isSingleValued: TRUE +schemaIdGuid: c1dc867c-a261-11d1-b606-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Transport-DLL-Name +ldapDisplayName: transportDLLName +attributeId: 1.2.840.113556.1.4.789 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 26d97372-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 1024 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Transport-Type +ldapDisplayName: transportType +attributeId: 1.2.840.113556.1.4.791 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: 26d97374-6070-11d1-a9c6-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Treat-As-Leaf +ldapDisplayName: treatAsLeaf +attributeId: 1.2.840.113556.1.4.806 +attributeSyntax: 2.5.5.8 +omSyntax: 1 +isSingleValued: TRUE +schemaIdGuid: 8fd044e3-771f-11d1-aeae-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Tree-Name +ldapDisplayName: treeName +attributeId: 1.2.840.113556.1.4.660 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630ebd-41d5-11d1-a9c1-0000f80367c1 +systemOnly: TRUE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Trust-Attributes +ldapDisplayName: trustAttributes +attributeId: 1.2.840.113556.1.4.470 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 80a67e5a-9f22-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Auth-Incoming +ldapDisplayName: trustAuthIncoming +attributeId: 1.2.840.113556.1.4.129 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a59-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Auth-Outgoing +ldapDisplayName: trustAuthOutgoing +attributeId: 1.2.840.113556.1.4.135 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a5f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Direction +ldapDisplayName: trustDirection +attributeId: 1.2.840.113556.1.4.132 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a5c-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Parent +ldapDisplayName: trustParent +attributeId: 1.2.840.113556.1.4.471 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: TRUE +schemaIdGuid: b000ea7a-a086-11d0-afdd-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Partner +ldapDisplayName: trustPartner +attributeId: 1.2.840.113556.1.4.133 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a5d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 1 +rangeUpper: 1024 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Posix-Offset +ldapDisplayName: trustPosixOffset +attributeId: 1.2.840.113556.1.4.134 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a5e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Trust-Type +ldapDisplayName: trustType +attributeId: 1.2.840.113556.1.4.136 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a60-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: UAS-Compat +ldapDisplayName: uASCompat +attributeId: 1.2.840.113556.1.4.155 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a61-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: b8119fd0-04f6-4762-ab7a-4986c76b3f9a +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: uid +ldapDisplayName: uid +attributeId: 0.9.2342.19200300.100.1.1 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 0bb0fca0-1e89-429f-901a-1413894d9f59 +systemOnly: FALSE +searchFlags: fPRESERVEONDELETE +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: UidNumber +ldapDisplayName: uidNumber +attributeId: 1.3.6.1.1.1.1.0 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 850fcc8f-9c6b-47e1-b671-7c654be4d5b3 +systemOnly: FALSE +searchFlags: fATTINDEX + +cn: UNC-Name +ldapDisplayName: uNCName +attributeId: 1.2.840.113556.1.4.137 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a64-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fATTINDEX +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Unicode-Pwd +ldapDisplayName: unicodePwd +attributeId: 1.2.840.113556.1.4.90 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf9679e1-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: uniqueIdentifier +ldapDisplayName: uniqueIdentifier +attributeId: 0.9.2342.19200300.100.1.44 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: ba0184c7-38c5-4bed-a526-75421470580c +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: uniqueMember +ldapDisplayName: uniqueMember +attributeId: 2.5.4.50 +attributeSyntax: 2.5.5.1 +omSyntax: 127 +omObjectClass: 1.3.12.2.1011.28.0.714 +isSingleValued: FALSE +schemaIdGuid: 8f888726-f80a-44d7-b1ee-cb9df21392c8 +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: UnixHomeDirectory +ldapDisplayName: unixHomeDirectory +attributeId: 1.3.6.1.1.1.1.3 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: TRUE +schemaIdGuid: bc2dba12-000f-464d-bf1d-0808465d8843 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 2048 + +cn: UnixUserPassword +ldapDisplayName: unixUserPassword +attributeId: 1.2.840.113556.1.4.1910 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 612cb747-c0e8-4f92-9221-fdd5f15b550d +systemOnly: FALSE +searchFlags:fCONFIDENTIAL +rangeLower: 1 +rangeUpper: 128 + +cn: unstructuredAddress +ldapDisplayName: unstructuredAddress +attributeId: 1.2.840.113549.1.9.8 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 50950839-cc4c-4491-863a-fcf942d684b7 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 +systemFlags: 0 + +cn: unstructuredName +ldapDisplayName: unstructuredName +attributeId: 1.2.840.113549.1.9.2 +attributeSyntax: 2.5.5.5 +omSyntax: 22 +isSingleValued: FALSE +schemaIdGuid: 9c8ef177-41cf-45c9-9673-7716c0c8901b +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 256 +systemFlags: 0 + +cn: Upgrade-Product-Code +ldapDisplayName: upgradeProductCode +attributeId: 1.2.840.113556.1.4.813 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: d9e18312-8939-11d1-aebc-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: UPN-Suffixes +ldapDisplayName: uPNSuffixes +attributeId: 1.2.840.113556.1.4.890 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 032160bf-9824-11d1-aec0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Account-Control +ldapDisplayName: userAccountControl +attributeId: 1.2.840.113556.1.4.8 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a68-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY| fPRESERVEONDELETE | fATTINDEX +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Cert +ldapDisplayName: userCert +attributeId: 1.2.840.113556.1.4.645 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: bf967a69-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14882 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: userClass +ldapDisplayName: userClass +attributeId: 0.9.2342.19200300.100.1.8 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 11732a8a-e14d-4cc5-b92f-d93f51c6d8e4 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 256 + +cn: User-Comment +ldapDisplayName: comment +attributeId: 1.2.840.113556.1.4.156 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a6a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 59ba2f42-79a2-11d0-9020-00c04fc2d3cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Parameters +ldapDisplayName: userParameters +attributeId: 1.2.840.113556.1.4.138 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a6d-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 32767 +attributeSecurityGuid: 4c164200-20c0-11d0-a768-00aa006e0529 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Password +ldapDisplayName: userPassword +attributeId: 2.5.4.35 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a6e-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 128 +mapiID: 33107 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: userPKCS12 +ldapDisplayName: userPKCS12 +attributeId: 2.16.840.1.113730.3.1.216 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: 23998ab5-70f8-4007-a4c1-a84a38311f9a +systemOnly: FALSE +searchFlags: 0 +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: User-Principal-Name +ldapDisplayName: userPrincipalName +attributeId: 1.2.840.113556.1.4.656 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 28630ebb-41d5-11d1-a9c1-0000f80367c1 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeUpper: 1024 +attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: User-Shared-Folder +ldapDisplayName: userSharedFolder +attributeId: 1.2.840.113556.1.4.751 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 9a9a021f-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: User-Shared-Folder-Other +ldapDisplayName: userSharedFolderOther +attributeId: 1.2.840.113556.1.4.752 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a9a0220-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: User-SMIME-Certificate +ldapDisplayName: userSMIMECertificate +attributeId: 2.16.840.1.113730.3.140 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: e16a9db2-403c-11d1-a9c0-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 14960 +isMemberOfPartialAttributeSet: TRUE +systemFlags: 0 + +cn: User-Workstations +ldapDisplayName: userWorkstations +attributeId: 1.2.840.113556.1.4.86 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf9679d7-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: fCOPY +rangeLower: 0 +rangeUpper: 1024 +attributeSecurityGuid: 5f202010-79a5-11d0-9020-00c04fc2d4cf +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Changed +ldapDisplayName: uSNChanged +attributeId: 1.2.840.113556.1.2.120 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a6f-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +mapiID: 32809 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Created +ldapDisplayName: uSNCreated +attributeId: 1.2.840.113556.1.2.19 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a70-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: fPRESERVEONDELETE | fATTINDEX +mapiID: 33108 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-DSA-Last-Obj-Removed +ldapDisplayName: uSNDSALastObjRemoved +attributeId: 1.2.840.113556.1.2.267 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a71-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33109 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Intersite +ldapDisplayName: USNIntersite +attributeId: 1.2.840.113556.1.2.469 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: a8df7498-c5ea-11d1-bbcb-0080c76670c0 +systemOnly: FALSE +searchFlags: fATTINDEX +mapiID: 33146 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: USN-Last-Obj-Rem +ldapDisplayName: uSNLastObjRem +attributeId: 1.2.840.113556.1.2.121 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: bf967a73-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 33110 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: USN-Source +ldapDisplayName: uSNSource +attributeId: 1.2.840.113556.1.4.896 +attributeSyntax: 2.5.5.16 +omSyntax: 65 +isSingleValued: TRUE +schemaIdGuid: 167758ad-47f3-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +mapiID: 33111 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Valid-Accesses +ldapDisplayName: validAccesses +attributeId: 1.2.840.113556.1.4.1356 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 4d2fa380-7f54-11d2-992a-0000f87a57d4 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Vendor +ldapDisplayName: vendor +attributeId: 1.2.840.113556.1.4.255 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: 281416df-1968-11d0-a28f-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 512 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Version-Number +ldapDisplayName: versionNumber +attributeId: 1.2.840.113556.1.4.141 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: bf967a76-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Version-Number-Hi +ldapDisplayName: versionNumberHi +attributeId: 1.2.840.113556.1.4.328 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e9a-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Version-Number-Lo +ldapDisplayName: versionNumberLo +attributeId: 1.2.840.113556.1.4.329 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 7d6c0e9b-7e20-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Vol-Table-GUID +ldapDisplayName: volTableGUID +attributeId: 1.2.840.113556.1.4.336 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fd-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Vol-Table-Idx-GUID +ldapDisplayName: volTableIdxGUID +attributeId: 1.2.840.113556.1.4.334 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: TRUE +schemaIdGuid: 1f0075fb-7e40-11d0-afd6-00c04fd930c9 +systemOnly: FALSE +searchFlags: fATTINDEX +rangeLower: 0 +rangeUpper: 16 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Volume-Count +ldapDisplayName: volumeCount +attributeId: 1.2.840.113556.1.4.507 +attributeSyntax: 2.5.5.9 +omSyntax: 2 +isSingleValued: TRUE +schemaIdGuid: 34aaa217-b699-11d0-afee-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Wbem-Path +ldapDisplayName: wbemPath +attributeId: 1.2.840.113556.1.4.301 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 244b2970-5abd-11d0-afd2-00c04fd930c9 +systemOnly: FALSE +searchFlags: 0 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Well-Known-Objects +ldapDisplayName: wellKnownObjects +attributeId: 1.2.840.113556.1.4.618 +attributeSyntax: 2.5.5.7 +omSyntax: 127 +omObjectClass: 1.2.840.113556.1.1.1.11 +isSingleValued: FALSE +schemaIdGuid: 05308983-7688-11d1-aded-00c04fd8d5cd +systemOnly: TRUE +searchFlags: 0 +rangeLower: 16 +rangeUpper: 16 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: When-Changed +ldapDisplayName: whenChanged +attributeId: 1.2.840.113556.1.2.3 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: bf967a77-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 12296 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER | FLAG_ATTR_NOT_REPLICATED +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: When-Created +ldapDisplayName: whenCreated +attributeId: 1.2.840.113556.1.2.2 +attributeSyntax: 2.5.5.11 +omSyntax: 24 +isSingleValued: TRUE +schemaIdGuid: bf967a78-0de6-11d0-a285-00aa003049e2 +systemOnly: TRUE +searchFlags: 0 +mapiID: 12295 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT |FLAG_ATTR_REQ_PARTIAL_SET_MEMBER +schemaFlagsEx: FLAG_ATTR_IS_CRITICAL + +cn: Winsock-Addresses +ldapDisplayName: winsockAddresses +attributeId: 1.2.840.113556.1.4.142 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a79-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: WWW-Home-Page +ldapDisplayName: wWWHomePage +attributeId: 1.2.840.113556.1.2.464 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: TRUE +schemaIdGuid: bf967a7a-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 2048 +attributeSecurityGuid: e45795b3-9455-11d1-aebd-0000f80367c1 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: WWW-Page-Other +ldapDisplayName: url +attributeId: 1.2.840.113556.1.4.749 +attributeSyntax: 2.5.5.12 +omSyntax: 64 +isSingleValued: FALSE +schemaIdGuid: 9a9a0221-4a5b-11d1-a9c3-0000f80367c1 +systemOnly: FALSE +searchFlags: 0 +attributeSecurityGuid: e45795b3-9455-11d1-aebd-0000f80367c1 +mapiID: 33141 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: X121-Address +ldapDisplayName: x121Address +attributeId: 2.5.4.24 +attributeSyntax: 2.5.5.6 +omSyntax: 18 +isSingleValued: FALSE +schemaIdGuid: bf967a7b-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeLower: 1 +rangeUpper: 15 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 33112 +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: x500uniqueIdentifier +ldapDisplayName: x500uniqueIdentifier +attributeId: 2.5.4.45 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: d07da11f-8a3d-42b6-b0aa-76c962be719a +systemOnly: FALSE +searchFlags: 0 +systemFlags: 0 + +cn: X509-Cert +ldapDisplayName: userCertificate +attributeId: 2.5.4.36 +attributeSyntax: 2.5.5.10 +omSyntax: 4 +isSingleValued: FALSE +schemaIdGuid: bf967a7f-0de6-11d0-a285-00aa003049e2 +systemOnly: FALSE +searchFlags: 0 +rangeUpper: 32768 +attributeSecurityGuid: 77b5b886-944a-11d1-aebd-0000f80367c1 +mapiID: 35946 +isMemberOfPartialAttributeSet: TRUE +systemFlags: FLAG_SCHEMA_BASE_OBJECT + diff --git a/source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Classes.txt b/source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Classes.txt new file mode 100644 index 0000000000..27beb3546e --- /dev/null +++ b/source4/setup/ad-schema/MS-AD_Schema_2K8_R2_Classes.txt @@ -0,0 +1,3577 @@ +#Intellectual Property Rights Notice for Protocol Documentation +#• Copyrights. This protocol documentation is covered by Microsoft copyrights. Regardless of any other terms that are contained in the terms of use for the Microsoft website that hosts this documentation, you may make copies of it in order to develop implementations of the protocols, and may distribute portions of it in your implementations of the protocols or your documentation as necessary to properly document the implementation. You may also distribute in your implementation, with or without modification, any schema, IDL’s, or code samples that are included in the documentation. This permission also applies to any documents that are referenced in the protocol documentation. +#• No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation. +#• Patents. Microsoft has patents that may cover your implementations of the protocols. Neither this notice nor Microsoft's delivery of the documentation grants any licenses under those or any other Microsoft patents. However, the protocols may be covered by Microsoft’s Open Specification Promise (available here: http://www.microsoft.com/interop/osp). If you would prefer a written license, or if the protocols are not covered by the OSP, patent licenses are available by contacting protocol@microsoft.com. +#• Trademarks. The names of companies and products contained in this documentation may be covered by trademarks or similar intellectual property rights. This notice does not grant any licenses under those rights. +#Reservation of Rights. All other rights are reserved, and this notice does not grant any rights other than specifically described above, whether by implication, estoppel, or otherwise. +#Tools. This protocol documentation is intended for use in conjunction with publicly available standard specifications and network programming art, and assumes that the reader either is familiar with the aforementioned material or has immediate access to it. A protocol specification does not require the use of Microsoft programming tools or programming environments in order for you to develop an implementation. If you have access to Microsoft programming tools and environments you are free to take advantage of them. +# + + +cn: account +ldapDisplayName: account +governsId: 0.9.2342.19200300.100.4.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: uid, host, ou, o, l, seeAlso, description +possSuperiors: organizationalUnit, container +schemaIdGuid:2628a46a-a6ad-4ae0-b854-2b12d9fe6f9e +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=account,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ACS-Policy +ldapDisplayName: aCSPolicy +governsId: 1.2.840.113556.1.5.137 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: aCSTotalNoOfFlows, aCSTimeOfDay, aCSServiceType,aCSPriority, aCSPermissionBits, aCSMinimumDelayVariation,aCSMinimumLatency, aCSMaximumSDUSize, aCSMinimumPolicedSize,aCSMaxTokenRatePerFlow, aCSMaxTokenBucketPerFlow,aCSMaxPeakBandwidthPerFlow, aCSMaxDurationPerFlow,aCSMaxAggregatePeakRatePerUser, aCSIdentityName, aCSDirection,aCSAggregateTokenRatePerUser +systemPossSuperiors: container +schemaIdGuid:7f561288-5301-11d1-a9c5-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ACS-Policy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Resource-Limits +ldapDisplayName: aCSResourceLimits +governsId: 1.2.840.113556.1.5.191 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: aCSMaxTokenRatePerFlow, aCSServiceType,aCSMaxPeakBandwidthPerFlow, aCSMaxPeakBandwidth,aCSAllocableRSVPBandwidth +systemPossSuperiors: container +schemaIdGuid:2e899b04-2834-11d3-91d4-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ACS-Resource-Limits,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ACS-Subnet +ldapDisplayName: aCSSubnet +governsId: 1.2.840.113556.1.5.138 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: aCSServerList, aCSRSVPLogFilesLocation,aCSRSVPAccountFilesLocation, aCSNonReservedTxSize,aCSNonReservedTxLimit, aCSNonReservedTokenSize,aCSNonReservedPeakRate, aCSNonReservedMinPolicedSize,aCSNonReservedMaxSDUSize, aCSMaxTokenRatePerFlow,aCSMaxSizeOfRSVPLogFile, aCSMaxSizeOfRSVPAccountFile,aCSMaxPeakBandwidthPerFlow, aCSMaxPeakBandwidth, aCSMaxNoOfLogFiles,aCSMaxNoOfAccountFiles, aCSMaxDurationPerFlow, aCSEventLogLevel,aCSEnableRSVPMessageLogging, aCSEnableRSVPAccounting,aCSEnableACSService, aCSDSBMRefresh, aCSDSBMPriority,aCSDSBMDeadTime, aCSCacheTimeout, aCSAllocableRSVPBandwidth +systemPossSuperiors: container +schemaIdGuid:7f561289-5301-11d1-a9c5-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ACS-Subnet,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Address-Book-Container +ldapDisplayName: addressBookContainer +governsId: 1.2.840.113556.1.5.125 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: displayName +systemMayContain: purportedSearch +systemPossSuperiors: addressBookContainer, configuration +schemaIdGuid:3e74f60f-3e73-11d1-a9c0-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(OA;;CR;a1990816-4298-11d1-ade2-00c04fd8d5cd;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Address-Book-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Address-Template +ldapDisplayName: addressTemplate +governsId: 1.2.840.113556.1.3.58 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: displayTemplate +systemMustContain: displayName +systemMayContain: proxyGenerationEnabled, perRecipDialogDisplayTable,perMsgDialogDisplayTable, addressType, addressSyntax +systemPossSuperiors: container +schemaIdGuid:5fd4250a-1262-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Address-Template,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Application-Entity +ldapDisplayName: applicationEntity +governsId: 2.5.6.12 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: presentationAddress, cn +systemMayContain: supportedApplicationContext, seeAlso, ou, o, l +systemPossSuperiors: applicationProcess, organizationalUnit,container +schemaIdGuid:3fdfee4f-47f4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Entity,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Process +ldapDisplayName: applicationProcess +governsId: 2.5.6.11 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: seeAlso, ou, l +systemPossSuperiors: organizationalUnit, organization, container,computer +schemaIdGuid:5fd4250b-1262-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Application-Process,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Settings +ldapDisplayName: applicationSettings +governsId: 1.2.840.113556.1.5.7000.49 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMayContain: notificationList, msDS-Settings, applicationName +systemPossSuperiors: server +schemaIdGuid:f780acc1-56f0-11d1-a9c6-0000f80367c1 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Site-Settings +ldapDisplayName: applicationSiteSettings +governsId: 1.2.840.113556.1.5.68 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMayContain: notificationList, applicationName +systemPossSuperiors: site +schemaIdGuid:19195a5c-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Site-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Application-Version +ldapDisplayName: applicationVersion +governsId: 1.2.840.113556.1.5.216 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +mayContain: owner, managedBy, keywords, versionNumberLo,versionNumberHi, versionNumber, vendor, appSchemaVersion +possSuperiors: organizationalUnit, computer, container +schemaIdGuid:ddc790ac-af4d-442a-8f0f-a1d4caa7dd92 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Application-Version,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: 0 + +cn: Attribute-Schema +ldapDisplayName: attributeSchema +governsId: 1.2.840.113556.1.3.14 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: schemaIDGUID, oMSyntax, lDAPDisplayName,isSingleValued, cn, attributeSyntax, attributeID +systemMayContain: systemOnly, searchFlags, schemaFlagsEx, rangeUpper,rangeLower, oMObjectClass, msDs-Schema-Extensions, msDS-IntId,mAPIID, linkID, isMemberOfPartialAttributeSet, isEphemeral,isDefunct, extendedCharsAllowed, classDisplayName,attributeSecurityGUID +systemPossSuperiors: dMD +schemaIdGuid:bf967a80-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:S: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Attribute-Schema,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_DOMAIN_DISALLOW_RENAME + +cn: BootableDevice +ldapDisplayName: bootableDevice +governsId: 1.3.6.1.1.1.2.12 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: cn, bootParameter, bootFile +schemaIdGuid:4bcb2477-4bb3-4545-a9fc-fb66e136b435 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=BootableDevice,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Builtin-Domain +ldapDisplayName: builtinDomain +governsId: 1.2.840.113556.1.5.4 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemAuxiliaryClass: samDomainBase +systemPossSuperiors: domainDNS +schemaIdGuid:bf967a81-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Builtin-Domain,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Category-Registration +ldapDisplayName: categoryRegistration +governsId: 1.2.840.113556.1.5.74 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: managedBy, localizedDescription, localeID,categoryId +systemPossSuperiors: classStore +schemaIdGuid:7d6c0e9d-7e20-11d0-afd6-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Category-Registration,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Certification-Authority +ldapDisplayName: certificationAuthority +governsId: 2.5.6.16 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +systemMustContain: cn, certificateRevocationList, cACertificate,authorityRevocationList +systemMayContain: teletexTerminalIdentifier,supportedApplicationContext, signatureAlgorithms, searchGuide,previousParentCA, previousCACertificates, pendingParentCA,pendingCACertificates, parentCACertificateChain, parentCA,enrollmentProviders, domainPolicyObject, domainID, dNSHostName,deltaRevocationList, currentParentCA, crossCertificatePair,cRLObject, certificateTemplates, cAWEBURL, cAUsages, cAConnect,cACertificateDN +systemPossSuperiors: container +schemaIdGuid:3fdfee50-47f4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Certification-Authority,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Class-Registration +ldapDisplayName: classRegistration +governsId: 1.2.840.113556.1.5.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: requiredCategories, managedBy,implementedCategories, cOMTreatAsClassId, cOMProgID,cOMOtherProgId, cOMInterfaceID, cOMCLSID +systemPossSuperiors: classStore +schemaIdGuid:bf967a82-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Class-Registration,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Class-Schema +ldapDisplayName: classSchema +governsId: 1.2.840.113556.1.3.13 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: subClassOf, schemaIDGUID, objectClassCategory,governsID, defaultObjectCategory, cn +systemMayContain: systemPossSuperiors, systemOnly, systemMustContain,systemMayContain, systemAuxiliaryClass, schemaFlagsEx, rDNAttID,possSuperiors, mustContain, msDs-Schema-Extensions, msDS-IntId,mayContain, lDAPDisplayName, isDefunct, defaultSecurityDescriptor,defaultHidingValue, classDisplayName, auxiliaryClass +systemPossSuperiors: dMD +schemaIdGuid:bf967a83-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:S: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Class-Schema,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_DOMAIN_DISALLOW_RENAME + +cn: Class-Store +ldapDisplayName: classStore +governsId: 1.2.840.113556.1.5.44 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: versionNumber, nextLevelStore, lastUpdateSequence,appSchemaVersion +systemPossSuperiors: domainPolicy, computer, group, user, classStore,organizationalUnit, domainDNS, container +schemaIdGuid:bf967a84-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Class-Store,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Com-Connection-Point +ldapDisplayName: comConnectionPoint +governsId: 1.2.840.113556.1.5.11 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: cn +systemMayContain: monikerDisplayName, moniker, marshalledInterface +systemPossSuperiors: container +schemaIdGuid:bf967a85-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Com-Connection-Point,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Computer +ldapDisplayName: computer +governsId: 1.2.840.113556.1.3.30 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: user +auxiliaryClass: ipHost +mayContain: msSFU30Aliases, msSFU30NisDomain, nisMapName,msSFU30Name +systemMayContain: msTSEndpointData, msTSEndpointType,msTSEndpointPlugin, msDS-HostServiceAccount,msDS-IsUserCachableAtRodc, msTSProperty02,msTSProperty01, msTPM-OwnerInformation, msDS-RevealOnDemandGroup,msDS-NeverRevealGroup, msDS-PromotionSettings, msDS-SiteName,msDS-isRODC, msDS-isGC, msDS-AuthenticatedAtDC, msDS-RevealedList,msDS-RevealedUsers, msDS-ExecuteScriptPassword, msDS-KrbTgtLink,volumeCount, siteGUID, rIDSetReferences, policyReplicationFlags,physicalLocationObject, operatingSystemVersion,operatingSystemServicePack, operatingSystemHotfix, operatingSystem,networkAddress, netbootSIFFile, netbootMirrorDataFile,netbootMachineFilePath, netbootInitialization, netbootGUID,msDS-AdditionalSamAccountName, msDS-AdditionalDnsHostName,managedBy, machineRole, location, localPolicyFlags, dNSHostName,defaultLocalPolicyObject, cn, catalogs, msTSPrimaryDesktopBL, msTSSecondaryDesktopBL +systemPossSuperiors: container, organizationalUnit, domainDNS +schemaIdGuid:bf967a86-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCRLCLORCSDDT;;;CO)(OA;;WP;4c164200-20c0-11d0-a768-00aa006e0529;;CO)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(A;;CCDC;;;PS)(OA;;CCDC;bf967aa8-0de6-11d0-a285-00aa003049e2;;PO)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;CO)(OA;;WP;3e0abfd0-126a-11d0-a060-00aa006c33ed;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967950-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967953-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Computer,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Configuration +ldapDisplayName: configuration +governsId: 1.2.840.113556.1.5.12 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: msDS-USNLastSyncSuccess, gPOptions, gPLink +systemPossSuperiors: domainDNS +schemaIdGuid:bf967a87-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Configuration,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Connection-Point +ldapDisplayName: connectionPoint +governsId: 1.2.840.113556.1.5.14 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: leaf +systemMustContain: cn +systemMayContain: msDS-Settings, managedBy, keywords +systemPossSuperiors: container, computer +schemaIdGuid:5cb41ecf-0e4c-11d0-a286-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Connection-Point,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Contact +ldapDisplayName: contact +governsId: 1.2.840.113556.1.5.15 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: organizationalPerson +systemAuxiliaryClass: mailRecipient +systemMustContain: cn +mayContain: msDS-SourceObjectDN +systemMayContain: notes +systemPossSuperiors: organizationalUnit, domainDNS +schemaIdGuid:5cb41ed0-0e4c-11d0-a286-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Container +ldapDisplayName: container +governsId: 1.2.840.113556.1.3.23 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +mayContain: msDS-ObjectReference +systemMayContain: schemaVersion, defaultClassStore +systemPossSuperiors: msDS-AzScope, msDS-AzApplication,msDS-AzAdminManager, subnet, server, nTDSService, domainDNS,organization, configuration, container, organizationalUnit +schemaIdGuid:bf967a8b-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Control-Access-Right +ldapDisplayName: controlAccessRight +governsId: 1.2.840.113556.1.5.77 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: validAccesses, rightsGuid, localizationDisplayId,appliesTo +systemPossSuperiors: container +schemaIdGuid:8297931e-86d3-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Control-Access-Right,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Country +ldapDisplayName: country +governsId: 2.5.6.2 +objectClassCategory: 0 +rdnAttId: c +subClassOf: top +systemMustContain: c +systemMayContain: co, searchGuide +systemPossSuperiors: domainDNS, organization +schemaIdGuid:bf967a8c-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Country,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: CRL-Distribution-Point +ldapDisplayName: cRLDistributionPoint +governsId: 2.5.6.19 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: deltaRevocationList, cRLPartitionedRevocationList,certificateRevocationList, certificateAuthorityObject,authorityRevocationList +systemPossSuperiors: container +schemaIdGuid:167758ca-47f3-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=CRL-Distribution-Point,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cross-Ref +ldapDisplayName: crossRef +governsId: 1.2.840.113556.1.3.11 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: nCName, dnsRoot, cn +systemMayContain: msDS-NC-RO-Replica-Locations, trustParent,superiorDNSRoot, rootTrust, nTMixedDomain, nETBIOSName, Enabled,msDS-SDReferenceDomain,msDS-Replication-Notify-Subsequent-DSA-Delay,msDS-Replication-Notify-First-DSA-Delay, msDS-NC-Replica-Locations,msDS-DnsRootAlias, msDS-Behavior-Version +systemPossSuperiors: crossRefContainer +schemaIdGuid:bf967a8d-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Cross-Ref,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Cross-Ref-Container +ldapDisplayName: crossRefContainer +governsId: 1.2.840.113556.1.5.7000.53 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-EnabledFeature, msDS-SPNSuffixes, uPNSuffixes,msDS-UpdateScript, msDS-ExecuteScriptPassword, msDS-Behavior-Version +systemPossSuperiors: configuration +schemaIdGuid:ef9e60e0-56f7-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;GA;;;SY) +defaultHidingValue: FALSE +systemOnly: TRUE +defaultObjectCategory: CN=Cross-Ref-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Device +ldapDisplayName: device +governsId: 2.5.6.14 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +auxiliaryClass: ipHost, ieee802Device, bootableDevice +systemMustContain: cn +mayContain: msSFU30Name, msSFU30NisDomain, nisMapName, msSFU30Aliases +systemMayContain: serialNumber, seeAlso, owner, ou, o, l +systemPossSuperiors: domainDNS, organizationalUnit, organization,container +schemaIdGuid:bf967a8e-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Device,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dfs-Configuration +ldapDisplayName: dfsConfiguration +governsId: 1.2.840.113556.1.5.42 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: container, domainDNS +schemaIdGuid:8447f9f2-1027-11d0-a05f-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dfs-Configuration,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DHCP-Class +ldapDisplayName: dHCPClass +governsId: 1.2.840.113556.1.5.132 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: dhcpUniqueKey, dhcpType, dhcpIdentification,dhcpFlags +systemMayContain: superScopes, superScopeDescription,optionsLocation, optionDescription, networkAddress, mscopeId,dhcpUpdateTime, dhcpSubnets, dhcpState, dhcpSites, dhcpServers,dhcpReservations, dhcpRanges, dhcpProperties, dhcpOptions,dhcpObjName, dhcpObjDescription, dhcpMaxKey, dhcpMask, dhcpClasses +systemPossSuperiors: container +schemaIdGuid:963d2756-48be-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=DHCP-Class,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Display-Specifier +ldapDisplayName: displaySpecifier +governsId: 1.2.840.113556.1.5.84 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: treatAsLeaf, shellPropertyPages, shellContextMenu,scopeFlags, queryFilter, iconPath, extraColumns, creationWizard,createWizardExt, createDialog, contextMenu, classDisplayName,attributeDisplayNames, adminPropertyPages,adminMultiselectPropertyPages, adminContextMenu +systemPossSuperiors: container +schemaIdGuid:e0fa1e8a-9b45-11d0-afdd-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Display-Specifier,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Display-Template +ldapDisplayName: displayTemplate +governsId: 1.2.840.113556.1.3.59 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: originalDisplayTableMSDOS, originalDisplayTable,helpFileName, helpData32, helpData16, addressEntryDisplayTableMSDOS,addressEntryDisplayTable +systemPossSuperiors: container +schemaIdGuid:5fd4250c-1262-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Display-Template,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: DMD +ldapDisplayName: dMD +governsId: 1.2.840.113556.1.3.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: msDS-USNLastSyncSuccess, schemaUpdate, schemaInfo,prefixMap, msDs-Schema-Extensions, msDS-IntId, dmdName +systemPossSuperiors: configuration +schemaIdGuid:bf967a8f-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +defaultObjectCategory: CN=DMD,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT +systemOnly: TRUE + +cn: Dns-Node +ldapDisplayName: dnsNode +governsId: 1.2.840.113556.1.5.86 +objectClassCategory: 1 +rdnAttId: dc +subClassOf: top +systemMustContain: dc +systemMayContain: dNSTombstoned, dnsRecord, dNSProperty +systemPossSuperiors: dnsZone +schemaIdGuid:e0fa1e8c-9b45-11d0-afdd-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;ED)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPLCLORC;;;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dns-Node,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dns-Zone +ldapDisplayName: dnsZone +governsId: 1.2.840.113556.1.5.85 +objectClassCategory: 1 +rdnAttId: dc +subClassOf: top +systemMustContain: dc +systemMayContain: managedBy, dnsSecureSecondaries, dNSProperty,dnsNotifySecondaries, dnsAllowXFR, dnsAllowDynamic +systemPossSuperiors: container +schemaIdGuid:e0fa1e8b-9b45-11d0-afdd-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;ED)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;CC;;;AU)(A;;RPLCLORC;;;WD)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dns-Zone,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: document +ldapDisplayName: document +governsId: 0.9.2342.19200300.100.4.6 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: documentIdentifier, documentPublisher, documentLocation,documentAuthor, documentVersion, documentTitle, ou, o, l, seeAlso,description, cn +possSuperiors: organizationalUnit, container +schemaIdGuid:39bad96d-c2d6-4baf-88ab-7e4207600117 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=document,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: documentSeries +ldapDisplayName: documentSeries +governsId: 0.9.2342.19200300.100.4.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: telephoneNumber, ou, o, l, seeAlso, description +possSuperiors: organizationalUnit, container +schemaIdGuid:7a2be07c-302f-4b96-bc90-0795d66885f8 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=documentSeries,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Domain +ldapDisplayName: domain +governsId: 1.2.840.113556.1.5.66 +objectClassCategory: 2 +rdnAttId: dc +subClassOf: top +systemMustContain: dc +systemPossSuperiors: domain, organization +schemaIdGuid:19195a5a-6da0-11d0-afd3-00c04fd930c9 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-DNS +ldapDisplayName: domainDNS +governsId: 1.2.840.113556.1.5.67 +objectClassCategory: 1 +rdnAttId: dc +subClassOf: domain +systemAuxiliaryClass: samDomain +systemMayContain: msDS-EnabledFeature, msDS-USNLastSyncSuccess,msDS-Behavior-Version, msDS-AllowedDNSSuffixes, managedBy +systemPossSuperiors: domainDNS +schemaIdGuid:19195a5b-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;S-1 + -5-21-2848215498-2472035911-1947525656-498)(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07- + 11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)( + OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f7 + 9f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR; + 1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRC + WDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW; + ;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8 + -0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO + ;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2 + ;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285- + 00aa003049e2;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de + 6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf; + bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;;RP;c7407360-20bf-11d0-a768-00aa0 + 06e0529;;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RP + RC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(A;;LCRPLO + RC;;;ED)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828CC14-1437-45bc-9 + B07-AD6F015E5F28;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828CC14 + -1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d + 4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a7 + 68-00aa006e0529;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;5f202010- + 79a5-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO; + RPLCLORC;;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;;RP;b8119fd0-04f6-4762- + ab7a-4986c76b3f9a;;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;AU)(OA;CI + IO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049 + e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a28 + 5-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0 + de6-11d0-a285-00aa003049e2;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;D + D)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ED)(OA;;CR;1131f6ad-9c07-11d1 + -f79f-00c04fc2dcd2;;BA)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;BA)(OA;; + CR;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;CR;280f369c-67c7-4 + 38e-ae98-1d46f3c6f541;;AU)(OA;;CR;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;AU)(O + A;;CR;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;AU)(OA;;CR;1131f6ae-9c07-11d1-f79 + f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;CIIO; + CRRPWP;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;PS)S:(AU;SA;WDWOWP;;;WD)(AU;SA;C + R;;;BA)(AU;SA;CR;;;DU)(OU;CISA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967a + a5-0de6-11d0-a285-00aa003049e2;WD)(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80 + 367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Domain-DNS,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Domain-Policy +ldapDisplayName: domainPolicy +governsId: 1.2.840.113556.1.5.18 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: qualityOfService, pwdProperties, pwdHistoryLength,publicKeyPolicy, proxyLifetime, minTicketAge, minPwdLength,minPwdAge, maxTicketAge, maxRenewAge, maxPwdAge, managedBy,lockoutThreshold, lockoutDuration, lockOutObservationWindow,ipsecPolicyReference, forceLogoff, eFSPolicy, domainWidePolicy,domainPolicyReference, domainCAs, defaultLocalPolicyObject,authenticationOptions +systemPossSuperiors: organizationalUnit, domainDNS, container +schemaIdGuid:bf967a99-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Domain-Policy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: domainRelatedObject +ldapDisplayName: domainRelatedObject +governsId: 0.9.2342.19200300.100.4.17 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: associatedDomain +schemaIdGuid:8bfd2d3d-efda-4549-852c-f85e137aedc6 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=domainRelatedObject,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: DSA +ldapDisplayName: dSA +governsId: 2.5.6.13 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationEntity +systemMayContain: knowledgeInformation +systemPossSuperiors: server, computer +schemaIdGuid:3fdfee52-47f4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=DSA,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: DS-UI-Settings +ldapDisplayName: dSUISettings +governsId: 1.2.840.113556.1.5.183 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-Non-Security-Group-Extra-Classes,msDS-Security-Group-Extra-Classes, msDS-FilterContainers,dSUIShellMaximum, dSUIAdminNotification, dSUIAdminMaximum +systemPossSuperiors: container +schemaIdGuid:09b10f14-6f93-11d2-9905-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=DS-UI-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Dynamic-Object +ldapDisplayName: dynamicObject +governsId: 1.3.6.1.4.1.1466.101.119.2 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-Entry-Time-To-Die, entryTTL +schemaIdGuid:66d51249-3355-4c1f-b24e-81f252aca23b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Dynamic-Object,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: File-Link-Tracking +ldapDisplayName: fileLinkTracking +governsId: 1.2.840.113556.1.5.52 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: container +schemaIdGuid:dd712229-10e4-11d0-a05f-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=File-Link-Tracking,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: File-Link-Tracking-Entry +ldapDisplayName: fileLinkTrackingEntry +governsId: 1.2.840.113556.1.5.59 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: fileLinkTracking +schemaIdGuid:8e4eb2ed-4712-11d0-a1a0-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=File-Link-Tracking-Entry,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Foreign-Security-Principal +ldapDisplayName: foreignSecurityPrincipal +governsId: 1.2.840.113556.1.5.76 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: objectSid +systemMayContain: foreignIdentifier +systemPossSuperiors: container +schemaIdGuid:89e31c12-8530-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Foreign-Security-Principal,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: friendlyCountry +ldapDisplayName: friendlyCountry +governsId: 0.9.2342.19200300.100.4.18 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: country +mustContain: co +schemaIdGuid:c498f152-dc6b-474a-9f52-7cdba3d7d351 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=friendlyCountry,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: FT-Dfs +ldapDisplayName: fTDfs +governsId: 1.2.840.113556.1.5.43 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: remoteServerName, pKTGuid, pKT +systemMayContain: uNCName, managedBy, keywords +systemPossSuperiors: dfsConfiguration +schemaIdGuid:8447f9f3-1027-11d0-a05f-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=FT-Dfs,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group +ldapDisplayName: group +governsId: 1.2.840.113556.1.5.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +auxiliaryClass: posixGroup +systemAuxiliaryClass: mailRecipient, securityPrincipal +systemMustContain: groupType +mayContain: msSFU30Name, msSFU30NisDomain, msSFU30PosixMember +systemMayContain: msDS-AzApplicationData,msDS-AzLastImportedBizRulePath, msDS-AzBizRuleLanguage,msDS-AzBizRule, msDS-AzGenericData, msDS-AzObjectGuid,primaryGroupToken, operatorCount, nTGroupMembers, nonSecurityMember,msDS-NonMembers, msDS-AzLDAPQuery, member, managedBy,groupMembershipSAM, groupAttributes, mail, desktopProfile,controlAccessRights, adminCount +systemPossSuperiors: msDS-AzScope, msDS-AzApplication,msDS-AzAdminManager, container, builtinDomain, organizationalUnit,domainDNS +schemaIdGuid:bf967a9c-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Group,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Group-Of-Names +ldapDisplayName: groupOfNames +governsId: 2.5.6.9 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +systemMustContain: member, cn +systemMayContain: seeAlso, owner, ou, o, businessCategory +systemPossSuperiors: organizationalUnit, locality, organization,container +schemaIdGuid:bf967a9d-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Group-Of-Names,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: groupOfUniqueNames +ldapDisplayName: groupOfUniqueNames +governsId: 2.5.6.17 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: uniqueMember, cn +mayContain: seeAlso, owner, ou, o, description, businessCategory +possSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:0310a911-93a3-4e21-a7a3-55d85ab2c48b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=groupOfUniqueNames,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: 0 + +cn: Group-Policy-Container +ldapDisplayName: groupPolicyContainer +governsId: 1.2.840.113556.1.5.157 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: container +systemMayContain: versionNumber, gPCWQLFilter, gPCUserExtensionNames,gPCMachineExtensionNames, gPCFunctionalityVersion, gPCFileSysPath,flags +schemaIdGuid:f30e3bc2-9ff0-11d1-b603-0000f80367c1 +defaultSecurityDescriptor: D:P(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;DA)(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;EA)(A;CI;RPWPCCDCLCLOLORCWOWDSDDTSW;;;CO)(A;CI;RPWPCCDCLCLORCWOWDSDDTSW;;;SY)(A;CI;RPLCLORC;;;AU)(OA;CI;CR;edacfd8f-ffb3-11d1-b41d-00a0c968f939;;AU)(A;CI;LCRPLORC;;;ED) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Group-Policy-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IEEE802Device +ldapDisplayName: ieee802Device +governsId: 1.3.6.1.1.1.2.11 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: cn, macAddress +schemaIdGuid:a699e529-a637-4b7d-a0fb-5dc466a0b8a7 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IEEE802Device,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Index-Server-Catalog +ldapDisplayName: indexServerCatalog +governsId: 1.2.840.113556.1.5.130 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: creator +systemMayContain: uNCName, queryPoint, indexedScopes, friendlyNames +systemPossSuperiors: organizationalUnit, container +schemaIdGuid:7bfdcb8a-4807-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Index-Server-Catalog,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: inetOrgPerson +ldapDisplayName: inetOrgPerson +governsId: 2.16.840.1.113730.3.2.2 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: user +mayContain: x500uniqueIdentifier, userSMIMECertificate, userPKCS12,userCertificate, uid, secretary, roomNumber, preferredLanguage,photo, pager, o, mobile, manager, mail, labeledURI, jpegPhoto,initials, homePostalAddress, homePhone, givenName, employeeType,employeeNumber, displayName, departmentNumber, carLicense,businessCategory, audio +possSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:4828cc14-1437-45bc-9b07-ad6f015e5f28 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561)(OA;;WPRP;5805bc62-bdc9-4428-a5e2-856a0f4c185e;;S-1-5-32-561) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,<RootDomainDN> +showInAdvancedViewOnly: FALSE +systemFlags: 0 + +cn: Infrastructure-Update +ldapDisplayName: infrastructureUpdate +governsId: 1.2.840.113556.1.5.175 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: dNReferenceUpdate +systemPossSuperiors: infrastructureUpdate, domain +schemaIdGuid:2df90d89-009f-11d2-aa4c-00c04fd7d83a +defaultSecurityDescriptor: D:(A;;GA;;;SY) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Intellimirror-Group +ldapDisplayName: intellimirrorGroup +governsId: 1.2.840.113556.1.5.152 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:07383086-91df-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;CCDC;;;CO)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Intellimirror-Group,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Intellimirror-SCP +ldapDisplayName: intellimirrorSCP +governsId: 1.2.840.113556.1.5.151 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceAdministrationPoint +systemMayContain: netbootTools, netbootServer, netbootNewMachineOU,netbootNewMachineNamingPolicy, netbootMaxClients,netbootMachineFilePath, netbootLocallyInstalledOSes,netbootLimitClients, netbootIntelliMirrorOSes,netbootCurrentClientCount, netbootAnswerRequests,netbootAnswerOnlyValidClients, netbootAllowNewClients +systemPossSuperiors: computer, intellimirrorGroup +schemaIdGuid:07383085-91df-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Intellimirror-SCP,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Inter-Site-Transport +ldapDisplayName: interSiteTransport +governsId: 1.2.840.113556.1.5.141 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: transportDLLName, transportAddressAttribute +systemMayContain: replInterval, options +systemPossSuperiors: interSiteTransportContainer +schemaIdGuid:26d97376-6070-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Inter-Site-Transport,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Inter-Site-Transport-Container +ldapDisplayName: interSiteTransportContainer +governsId: 1.2.840.113556.1.5.140 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: sitesContainer +schemaIdGuid:26d97375-6070-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Inter-Site-Transport-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IpHost +ldapDisplayName: ipHost +governsId: 1.3.6.1.1.1.2.6 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: manager, cn, description, ipHostNumber, uid, l +schemaIdGuid:ab911646-8827-4f95-8780-5a8f008eb68f +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpHost,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: IpNetwork +ldapDisplayName: ipNetwork +governsId: 1.3.6.1.1.1.2.7 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, ipNetworkNumber +mayContain: manager, description, ipNetmaskNumber, uid, l,msSFU30Name, msSFU30NisDomain, nisMapName, msSFU30Aliases +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:d95836c3-143e-43fb-992a-b057f1ecadf9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpNetwork,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: IpProtocol +ldapDisplayName: ipProtocol +governsId: 1.3.6.1.1.1.2.4 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, ipProtocolNumber +mayContain: description, msSFU30Name, msSFU30NisDomain, nisMapName,msSFU30Aliases +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:9c2dcbd2-fbf0-4dc7-ace0-8356dcd0f013 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpProtocol,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Ipsec-Base +ldapDisplayName: ipsecBase +governsId: 1.2.840.113556.1.5.7000.56 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMayContain: ipsecOwnersReference, ipsecName, ipsecID,ipsecDataType, ipsecData +schemaIdGuid:b40ff825-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Base,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Filter +ldapDisplayName: ipsecFilter +governsId: 1.2.840.113556.1.5.118 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemPossSuperiors: organizationalUnit, computer, container +schemaIdGuid:b40ff826-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Filter,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-ISAKMP-Policy +ldapDisplayName: ipsecISAKMPPolicy +governsId: 1.2.840.113556.1.5.120 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemPossSuperiors: container, computer, organizationalUnit +schemaIdGuid:b40ff828-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-ISAKMP-Policy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Negotiation-Policy +ldapDisplayName: ipsecNegotiationPolicy +governsId: 1.2.840.113556.1.5.119 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemMayContain: iPSECNegotiationPolicyType,iPSECNegotiationPolicyAction +systemPossSuperiors: organizationalUnit, computer, container +schemaIdGuid:b40ff827-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Negotiation-Policy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-NFA +ldapDisplayName: ipsecNFA +governsId: 1.2.840.113556.1.5.121 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemMayContain: ipsecNegotiationPolicyReference,ipsecFilterReference +systemPossSuperiors: container, computer, organizationalUnit +schemaIdGuid:b40ff829-427a-11d1-a9c2-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-NFA,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Ipsec-Policy +ldapDisplayName: ipsecPolicy +governsId: 1.2.840.113556.1.5.98 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: ipsecBase +systemMayContain: ipsecNFAReference, ipsecISAKMPReference +systemPossSuperiors: organizationalUnit, computer, container +schemaIdGuid:b7b13121-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D: +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Ipsec-Policy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: IpService +ldapDisplayName: ipService +governsId: 1.3.6.1.1.1.2.3 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: ipServiceProtocol, ipServicePort, cn +mayContain: description, msSFU30Name, msSFU30NisDomain,msSFU30Aliases, nisMapName +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:2517fadf-fa97-48ad-9de6-79ac5721f864 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=IpService,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Leaf +ldapDisplayName: leaf +governsId: 1.2.840.113556.1.5.20 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +schemaIdGuid:bf967a9e-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Leaf,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Licensing-Site-Settings +ldapDisplayName: licensingSiteSettings +governsId: 1.2.840.113556.1.5.78 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSiteSettings +systemMayContain: siteServer +systemPossSuperiors: site +schemaIdGuid:1be8f17d-a9ff-11d0-afe2-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Licensing-Site-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-Object-Move-Table +ldapDisplayName: linkTrackObjectMoveTable +governsId: 1.2.840.113556.1.5.91 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: fileLinkTracking +systemPossSuperiors: fileLinkTracking +schemaIdGuid:ddac0cf5-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-Object-Move-Table,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-OMT-Entry +ldapDisplayName: linkTrackOMTEntry +governsId: 1.2.840.113556.1.5.93 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: timeRefresh, oMTIndxGuid, oMTGuid, currentLocation,birthLocation +systemPossSuperiors: linkTrackObjectMoveTable +schemaIdGuid:ddac0cf7-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-OMT-Entry,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-Vol-Entry +ldapDisplayName: linkTrackVolEntry +governsId: 1.2.840.113556.1.5.92 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: volTableIdxGUID, volTableGUID, timeVolChange,timeRefresh, seqNotification, objectCount, linkTrackSecret,currMachineId +systemPossSuperiors: linkTrackVolumeTable +schemaIdGuid:ddac0cf6-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-Vol-Entry,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Link-Track-Volume-Table +ldapDisplayName: linkTrackVolumeTable +governsId: 1.2.840.113556.1.5.90 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: fileLinkTracking +systemPossSuperiors: fileLinkTracking +schemaIdGuid:ddac0cf4-af8f-11d0-afeb-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Link-Track-Volume-Table,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Locality +ldapDisplayName: locality +governsId: 2.5.6.3 +objectClassCategory: 1 +rdnAttId: l +subClassOf: top +systemMustContain: l +systemMayContain: street, st, seeAlso, searchGuide +systemPossSuperiors: domainDNS, country, organizationalUnit,organization, locality +schemaIdGuid:bf967aa0-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Locality,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Lost-And-Found +ldapDisplayName: lostAndFound +governsId: 1.2.840.113556.1.5.139 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: moveTreeState +systemPossSuperiors: configuration, domainDNS, dMD +schemaIdGuid:52ab8671-5709-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Lost-And-Found,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Mail-Recipient +ldapDisplayName: mailRecipient +governsId: 1.2.840.113556.1.3.46 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +mayContain: msDS-PhoneticDisplayName, userSMIMECertificate,secretary, msExchLabeledURI, msExchAssistantName, labeledURI +systemMayContain: userCertificate, userCert, textEncodedORAddress,telephoneNumber, showInAddressBook, legacyExchangeDN,garbageCollPeriod, info +systemPossSuperiors: container +schemaIdGuid:bf967aa1-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Mail-Recipient,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Meeting +ldapDisplayName: meeting +governsId: 1.2.840.113556.1.5.104 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: meetingName +systemMayContain: meetingURL, meetingType, meetingStartTime,meetingScope, meetingRecurrence, meetingRating, meetingProtocol,meetingOwner, meetingOriginator, meetingMaxParticipants,meetingLocation, meetingLanguage, meetingKeyword,meetingIsEncrypted, meetingIP, meetingID, meetingEndTime,meetingDescription, meetingContactInfo, meetingBlob,meetingBandwidth, meetingApplication, meetingAdvertiseScope +systemPossSuperiors: container +schemaIdGuid:11b6cc94-48c4-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Meeting,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-Partition +ldapDisplayName: msCOM-Partition +governsId: 1.2.840.113556.1.5.193 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msCOM-ObjectId +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:c9010e74-4e58-49f7-8a89-5e3e2340fcf8 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-COM-Partition,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-COM-PartitionSet +ldapDisplayName: msCOM-PartitionSet +governsId: 1.2.840.113556.1.5.194 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msCOM-PartitionLink, msCOM-DefaultPartitionLink,msCOM-ObjectId +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:250464ab-c417-497a-975a-9e0d459a7ca1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-COM-PartitionSet,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFS-Deleted-Link-v2 +ldapDisplayName: msDFS-DeletedLinkv2 +governsId: 1.2.840.113556.1.5.260 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDFS-NamespaceIdentityGUIDv2,msDFS-LinkIdentityGUIDv2, msDFS-LastModifiedv2, msDFS-LinkPathv2 +systemMayContain: msDFS-Commentv2, msDFS-ShortNameLinkPathv2 +systemPossSuperiors: msDFS-Namespacev2 +schemaIdGuid: 25173408-04ca-40e8-865e-3f9ce9bf1bd3 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFS-Deleted-Link-v2, CN=Schema,CN=Configuration, <RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFS-Link-v2 +ldapDisplayName: msDFS-Linkv2 +governsId: 1.2.840.113556.1.5.259 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDFS-GenerationGUIDv2,msDFS-NamespaceIdentityGUIDv2, msDFS-LinkIdentityGUIDv2,msDFS-LastModifiedv2, msDFS-Ttlv2, msDFS-TargetListv2,msDFS-Propertiesv2, msDFS-LinkPathv2 +systemMayContain: msDFS-Commentv2, msDFS-LinkSecurityDescriptorv2,msDFS-ShortNameLinkPathv2 +systemPossSuperiors: msDFS-Namespacev2 +schemaIdGuid: 7769fb7a-1159-4e96-9ccd-68bc487073eb +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFS-Link-v2, CN=Schema,CN=Configuration, <RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFS-Namespace-Anchor +ldapDisplayName: msDFS-NamespaceAnchor +governsId: 1.2.840.113556.1.5.257 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDFS-SchemaMajorVersion +systemPossSuperiors: dfsConfiguration +schemaIdGuid: da73a085-6e64-4d61-b064-015d04164795 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFS-Namespace-Anchor, CN=Schema,CN=Configuration, <RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFS-Namespace-v2 +ldapDisplayName: msDFS-Namespacev2 +governsId: 1.2.840.113556.1.5.258 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDFS-SchemaMajorVersion,msDFS-SchemaMinorVersion, msDFS-GenerationGUIDv2,msDFS-NamespaceIdentityGUIDv2, msDFS-LastModifiedv2, msDFS-Ttlv2,msDFS-TargetListv2, msDFS-Propertiesv2 +systemMayContain: msDFS-Commentv2 +systemPossSuperiors: msDFS-NamespaceAnchor +schemaIdGuid: 21cb8628-f3c3-4bbf-bff6-060b2d8f299a +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFS-Namespace-v2, CN=Schema,CN=Configuration, <RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DFSR-Connection +ldapDisplayName: msDFSR-Connection +governsId: 1.2.840.113556.1.6.13.4.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: fromServer +mayContain: msDFSR-Options2, msDFSR-DisablePacketPrivacy,msDFSR-Priority, msDFSR-Enabled, msDFSR-RdcEnabled,msDFSR-RdcMinFileSizeInKb, msDFSR-Keywords, msDFSR-Schedule,msDFSR-Flags, msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-Member +schemaIdGuid:e58f972e-64b5-46ef-8d8b-bbc3e1897eab +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Connection,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-Content +ldapDisplayName: msDFSR-Content +governsId: 1.2.840.113556.1.6.13.4.6 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Options2, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: msDFSR-ReplicationGroup +schemaIdGuid:64759b35-d3a1-42e4-b5f1-a3de162109b3 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Content,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-ContentSet +ldapDisplayName: msDFSR-ContentSet +governsId: 1.2.840.113556.1.6.13.4.7 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Options2, msDFSR-OnDemandExclusionDirectoryFilter,msDFSR-OnDemandExclusionFileFilter,msDFSR-DefaultCompressionExclusionFilter, msDFSR-DeletedSizeInMb,msDFSR-Priority, msDFSR-ConflictSizeInMb, msDFSR-StagingSizeInMb,msDFSR-RootSizeInMb, description, msDFSR-DfsPath, msDFSR-FileFilter,msDFSR-DirectoryFilter, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: msDFSR-Content +schemaIdGuid:4937f40d-a6dc-4d48-97ca-06e5fbfd3f16 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-ContentSet,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-GlobalSettings +ldapDisplayName: msDFSR-GlobalSettings +governsId: 1.2.840.113556.1.6.13.4.4 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Options2, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: container +schemaIdGuid:7b35dbad-b3ec-486a-aad4-2fec9d6ea6f6 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-GlobalSettings,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-LocalSettings +ldapDisplayName: msDFSR-LocalSettings +governsId: 1.2.840.113556.1.6.13.4.1 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-StagingCleanupTriggerInPercent,msDFSR-CommonStagingSizeInMb, msDFSR-CommonStagingPath,msDFSR-Options2, msDFSR-Version, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: computer +schemaIdGuid:fa85c591-197f-477e-83bd-ea5a43df2239 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-LocalSettings,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-Member +ldapDisplayName: msDFSR-Member +governsId: 1.2.840.113556.1.6.13.4.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-ComputerReference +mayContain: msDFSR-Options2, serverReference, msDFSR-Keywords,msDFSR-Flags, msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-Topology +schemaIdGuid:4229c897-c211-437c-a5ae-dbf705b696e5 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Member,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-ReplicationGroup +ldapDisplayName: msDFSR-ReplicationGroup +governsId: 1.2.840.113556.1.6.13.4.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-ReplicationGroupType +mayContain: msDFSR-Options2, msDFSR-OnDemandExclusionDirectoryFilter,msDFSR-OnDemandExclusionFileFilter,msDFSR-DefaultCompressionExclusionFilter, msDFSR-DeletedSizeInMb,msDFSR-DirectoryFilter, msDFSR-FileFilter, msDFSR-ConflictSizeInMb,msDFSR-StagingSizeInMb, msDFSR-RootSizeInMb, description,msDFSR-TombstoneExpiryInMin, msDFSR-Flags, msDFSR-Options,msDFSR-Extension, msDFSR-Schedule, msDFSR-Version +possSuperiors: msDFSR-GlobalSettings +schemaIdGuid:1c332fe0-0c2a-4f32-afca-23c5e45a9e77 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-ReplicationGroup,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-Subscriber +ldapDisplayName: msDFSR-Subscriber +governsId: 1.2.840.113556.1.6.13.4.2 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-MemberReference, msDFSR-ReplicationGroupGuid +mayContain: msDFSR-Options2, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: msDFSR-LocalSettings +schemaIdGuid:e11505d7-92c4-43e7-bf5c-295832ffc896 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Subscriber,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-Subscription +ldapDisplayName: msDFSR-Subscription +governsId: 1.2.840.113556.1.6.13.4.3 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: msDFSR-ContentSetGuid, msDFSR-ReplicationGroupGuid +mayContain: msDFSR-StagingCleanupTriggerInPercent, msDFSR-Options2,msDFSR-OnDemandExclusionDirectoryFilter,msDFSR-OnDemandExclusionFileFilter, msDFSR-MaxAgeInCacheInMin,msDFSR-MinDurationCacheInMin, msDFSR-CachePolicy, msDFSR-ReadOnly,msDFSR-DeletedSizeInMb, msDFSR-DeletedPath, msDFSR-RootPath,msDFSR-RootSizeInMb, msDFSR-StagingPath, msDFSR-StagingSizeInMb,msDFSR-ConflictPath, msDFSR-ConflictSizeInMb, msDFSR-Enabled,msDFSR-RootFence, msDFSR-DfsLinkTarget, msDFSR-Flags,msDFSR-Options, msDFSR-Extension +possSuperiors: msDFSR-Subscriber +schemaIdGuid:67212414-7bcc-4609-87e0-088dad8abdee +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Subscription,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DFSR-Topology +ldapDisplayName: msDFSR-Topology +governsId: 1.2.840.113556.1.6.13.4.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msDFSR-Options2, msDFSR-Flags, msDFSR-Options,msDFSR-Extension +possSuperiors: msDFSR-ReplicationGroup +schemaIdGuid:04828aa9-6e42-4e80-b962-e2fe00754d17 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DFSR-Topology,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: ms-DS-App-Configuration +ldapDisplayName: msDS-App-Configuration +governsId: 1.2.840.113556.1.5.220 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +mayContain: owner, msDS-ObjectReference, msDS-Integer, msDS-DateTime,msDS-ByteArray, managedBy, keywords +possSuperiors: organizationalUnit, computer, container +schemaIdGuid:90df3c3e-1854-4455-a5d7-cad40d56657a +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-App-Configuration,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: 0 + +cn: ms-DS-App-Data +ldapDisplayName: msDS-AppData +governsId: 1.2.840.113556.1.5.241 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +mayContain: owner, msDS-ObjectReference, msDS-Integer, msDS-DateTime,msDS-ByteArray, managedBy, keywords +possSuperiors: organizationalUnit, computer, container +schemaIdGuid:9e67d761-e327-4d55-bc95-682f875e2f8e +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-App-Data,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: 0 + +cn: ms-DS-Az-Admin-Manager +ldapDisplayName: msDS-AzAdminManager +governsId: 1.2.840.113556.1.5.234 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzMinorVersion, msDS-AzMajorVersion, msDS-AzApplicationData,msDS-AzGenerateAudits, msDS-AzScriptTimeout,msDS-AzScriptEngineCacheMax, msDS-AzDomainTimeout, description +systemPossSuperiors: domainDNS, organizationalUnit, container +schemaIdGuid:cfee1051-5f28-4bae-a863-5d0cc18a8ed1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Admin-Manager,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Application +ldapDisplayName: msDS-AzApplication +governsId: 1.2.840.113556.1.5.235 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, msDS-AzGenerateAudits,msDS-AzApplicationVersion, msDS-AzClassId, msDS-AzApplicationName,description +systemPossSuperiors: msDS-AzAdminManager +schemaIdGuid:ddf8de9b-cba5-4e12-842e-28d8b66f75ec +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Application,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Operation +ldapDisplayName: msDS-AzOperation +governsId: 1.2.840.113556.1.5.236 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-AzOperationID +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, description +systemPossSuperiors: container, msDS-AzApplication +schemaIdGuid:860abe37-9a9b-4fa4-b3d2-b8ace5df9ec5 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Operation,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Role +ldapDisplayName: msDS-AzRole +governsId: 1.2.840.113556.1.5.239 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, msDS-TasksForAzRole,msDS-OperationsForAzRole, msDS-MembersForAzRole, description +systemPossSuperiors: container, msDS-AzScope, msDS-AzApplication +schemaIdGuid:8213eac9-9d55-44dc-925c-e9a52b927644 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Role,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Scope +ldapDisplayName: msDS-AzScope +governsId: 1.2.840.113556.1.5.237 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-AzScopeName +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-AzApplicationData, description +systemPossSuperiors: msDS-AzApplication +schemaIdGuid:4feae054-ce55-47bb-860e-5b12063a51de +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Scope,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Az-Task +ldapDisplayName: msDS-AzTask +governsId: 1.2.840.113556.1.5.238 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-AzGenericData, msDS-AzObjectGuid,msDS-TasksForAzTask, msDS-OperationsForAzTask,msDS-AzApplicationData, msDS-AzTaskIsRoleDefinition,msDS-AzLastImportedBizRulePath, msDS-AzBizRuleLanguage,msDS-AzBizRule, description +systemPossSuperiors: container, msDS-AzScope, msDS-AzApplication +schemaIdGuid:1ed3a473-9b1b-418a-bfa0-3a37b95a5306 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Az-Task,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Managed-Service-Account +ldapDisplayName: msDS-ManagedServiceAccount +governsId: 1.2.840.113556.1.5.264 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: computer +systemPossSuperiors: domainDNS,organizationalUnit,container +schemaIdGuid: ce206244-5827-4a86-ba1c-1c0c386c1b64 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCRLCLORCSDDT;;;CO)(OA;;WP;4c164200-20c0-11d0-a768-00aa006e0529;;CO)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;CO)(OA;;WP;3e0abfd0-126a-11d0-a060-00aa006c33ed;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967950-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967953-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;PS)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;;ED) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Managed-Service-Account,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Optional-Feature +ldapDisplayName: msDS-OptionalFeature +governsId: 1.2.840.113556.1.5.265 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-OptionalFeatureFlags,msDS-OptionalFeatureGUID +systemMayContain: msDS-RequiredDomainBehaviorVersion,msDS-RequiredForestBehaviorVersion +systemPossSuperiors: container +schemaIdGuid: 44f00041-35af-468b-b20a-6ce8737c580b +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=ms-DS-Optional-Feature,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Password-Settings +ldapDisplayName: msDS-PasswordSettings +governsId: 1.2.840.113556.1.5.255 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-MaximumPasswordAge, msDS-MinimumPasswordAge,msDS-MinimumPasswordLength, msDS-PasswordComplexityEnabled,msDS-LockoutObservationWindow, msDS-LockoutDuration,msDS-LockoutThreshold, msDS-PasswordReversibleEncryptionEnabled,msDS-PasswordSettingsPrecedence, msDS-PasswordHistoryLength +systemMayContain: msDS-PSOAppliesTo +systemPossSuperiors: msDS-PasswordSettingsContainer +schemaIdGuid: 3bcd9db8-f84b-451c-952f-6c52b81f9ec6 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Password-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Password-Settings-Container +ldapDisplayName: msDS-PasswordSettingsContainer +governsId: 1.2.840.113556.1.5.256 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: container +schemaIdGuid: 5b06b06a-4cf3-44c0-bd16-43bc10a987da +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Password-Settings-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Quota-Container +ldapDisplayName: msDS-QuotaContainer +governsId: 1.2.840.113556.1.5.242 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: msDS-TopQuotaUsage, msDS-QuotaUsed,msDS-QuotaEffective, msDS-TombstoneQuotaFactor, msDS-DefaultQuota +systemPossSuperiors: configuration, domainDNS +schemaIdGuid:da83fc4f-076f-4aea-b4dc-8f4dab9b5993 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPLCLORC;;;BA)(OA;;CR;4ecc03fe-ffc0-4947-b630-eb672a8a9dbc;;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Quota-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-DS-Quota-Control +ldapDisplayName: msDS-QuotaControl +governsId: 1.2.840.113556.1.5.243 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msDS-QuotaAmount, msDS-QuotaTrustee, cn +systemPossSuperiors: msDS-QuotaContainer +schemaIdGuid:de91fc26-bd02-4b52-ae26-795999e96fc7 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPLCLORC;;;BA) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-DS-Quota-Control,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Exch-Configuration-Container +ldapDisplayName: msExchConfigurationContainer +governsId: 1.2.840.113556.1.5.176 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: container +systemMayContain: templateRoots, addressBookRoots, globalAddressList,templateRoots2, addressBookRoots2, globalAddressList2 +schemaIdGuid:d03d6858-06f4-11d2-aa53-00c04fd7d83a +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-Exch-Configuration-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-FVE-RecoveryInformation +ldapDisplayName: msFVE-RecoveryInformation +governsId: 1.2.840.113556.1.5.253 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msFVE-RecoveryPassword, msFVE-RecoveryGuid +mayContain: msFVE-KeyPackage, msFVE-VolumeGuid +systemPossSuperiors: computer +schemaIdGuid:ea715d30-8f53-40d0-bd1e-6109186d782c +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-FVE-RecoveryInformation,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-ieee-80211-Policy +ldapDisplayName: msieee80211-Policy +governsId: 1.2.840.113556.1.5.240 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msieee80211-ID, msieee80211-DataType,msieee80211-Data +systemPossSuperiors: organizationalUnit, container, computer +schemaIdGuid:7b9a2d92-b7eb-4382-9772-c3e0f9baaf94 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-ieee-80211-Policy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Imaging-PostScanProcess +ldapDisplayName: msImaging-PostScanProcess +governsId: 1.2.840.113556.1.5.263 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msImaging-PSPString, serverName +systemMustContain: displayName, msImaging-PSPIdentifier +systemPossSuperiors: msImaging-PSPs +schemaIdGuid: 1f7c257c-b8a3-4525-82f8-11ccc7bee36e +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=ms-Imaging-PostScanProcess,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Imaging-PSPs +ldapDisplayName: msImaging-PSPs +governsId: 1.2.840.113556.1.5.262 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: container +systemPossSuperiors: container +schemaIdGuid: a0ed2ac1-970c-4777-848e-ec63a0ec44fc +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=ms-Imaging-PSPs,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + + +cn: MSMQ-Configuration +ldapDisplayName: mSMQConfiguration +governsId: 1.2.840.113556.1.5.162 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQSites, mSMQSignKey, mSMQServiceType,mSMQRoutingServices, mSMQQuota, mSMQOwnerID, mSMQOutRoutingServers,mSMQOSType, mSMQJournalQuota, mSMQInRoutingServers, mSMQForeign,mSMQEncryptKey, mSMQDsServices, mSMQDependentClientServices,mSMQComputerTypeEx, mSMQComputerType +systemPossSuperiors: computer +schemaIdGuid:9a0dc344-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Configuration,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Custom-Recipient +ldapDisplayName: msMQ-Custom-Recipient +governsId: 1.2.840.113556.1.5.218 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msMQ-Recipient-FormatName +systemPossSuperiors: organizationalUnit, domainDNS, container +schemaIdGuid:876d6817-35cc-436c-acea-5ef7174dd9be +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Custom-Recipient,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Enterprise-Settings +ldapDisplayName: mSMQEnterpriseSettings +governsId: 1.2.840.113556.1.5.163 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQVersion, mSMQNameStyle, mSMQLongLived,mSMQInterval2, mSMQInterval1, mSMQCSPName +systemPossSuperiors: container +schemaIdGuid:9a0dc345-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Enterprise-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Group +ldapDisplayName: msMQ-Group +governsId: 1.2.840.113556.1.5.219 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: member +systemPossSuperiors: organizationalUnit +schemaIdGuid:46b27aac-aafa-4ffb-b773-e5bf621ee87b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Group,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Migrated-User +ldapDisplayName: mSMQMigratedUser +governsId: 1.2.840.113556.1.5.179 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQUserSid, mSMQSignCertificatesMig,mSMQSignCertificates, mSMQDigestsMig, mSMQDigests, objectSid +systemPossSuperiors: organizationalUnit, domainDNS, builtinDomain +schemaIdGuid:50776997-3c3d-11d2-90cc-00c04fd91ab1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Migrated-User,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Queue +ldapDisplayName: mSMQQueue +governsId: 1.2.840.113556.1.5.161 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQTransactional, MSMQ-SecuredSource,mSMQQueueType, mSMQQueueQuota, mSMQQueueNameExt,mSMQQueueJournalQuota, mSMQPrivacyLevel, mSMQOwnerID,MSMQ-MulticastAddress, mSMQLabelEx, mSMQLabel, mSMQJournal,mSMQBasePriority, mSMQAuthenticate +systemPossSuperiors: mSMQConfiguration +schemaIdGuid:9a0dc343-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Queue,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Settings +ldapDisplayName: mSMQSettings +governsId: 1.2.840.113556.1.5.165 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mSMQSiteNameEx, mSMQSiteName, mSMQServices,mSMQRoutingService, mSMQQMID, mSMQOwnerID, mSMQNt4Flags,mSMQMigrated, mSMQDsService, mSMQDependentClientService +systemPossSuperiors: server +schemaIdGuid:9a0dc347-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MSMQ-Site-Link +ldapDisplayName: mSMQSiteLink +governsId: 1.2.840.113556.1.5.164 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: mSMQSite2, mSMQSite1, mSMQCost +systemMayContain: mSMQSiteGatesMig, mSMQSiteGates +systemPossSuperiors: mSMQEnterpriseSettings +schemaIdGuid:9a0dc346-c100-11d1-bbc5-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=MSMQ-Site-Link,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-80211-GroupPolicy +lDAPDisplayName: ms-net-ieee-80211-GroupPolicy +governsID: 1.2.840.113556.1.5.251 +objectClassCategory: 1 +rDNAttID: cn +subClassOf: top +systemMayContain: ms-net-ieee-80211-GP-PolicyReserved,ms-net-ieee-80211-GP-PolicyData, ms-net-ieee-80211-GP-PolicyGUID +systemPossSuperiors: computer, container, person +schemaIDGUID: 1cb81863-b822-4379-9ea2-5ff7bdc6386d +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-net-ieee-80211-GroupPolicy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-net-ieee-8023-GroupPolicy +lDAPDisplayName: ms-net-ieee-8023-GroupPolicy +governsID: 1.2.840.113556.1.5.252 +objectClassCategory: 1 +rDNAttID: cn +subClassOf: top +systemMayContain: ms-net-ieee-8023-GP-PolicyReserved,ms-net-ieee-8023-GP-PolicyData, ms-net-ieee-8023-GP-PolicyGUID +systemPossSuperiors: computer, container, person +schemaIDGUID: 99a03a6a-ab19-4446-9350-0cb878ed2d9b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-net-ieee-8023-GroupPolicy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Enterprise-Oid +ldapDisplayName: msPKI-Enterprise-Oid +governsId: 1.2.840.113556.1.5.196 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-OIDToGroupLink, msPKI-OID-User-Notice,msPKI-OIDLocalizedName, msPKI-OID-CPS, msPKI-OID-Attribute,msPKI-Cert-Template-OID +systemPossSuperiors: msPKI-Enterprise-Oid, container +schemaIdGuid:37cfd85c-6719-4ad8-8f9e-8678ba627563 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-PKI-Enterprise-Oid,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Key-Recovery-Agent +ldapDisplayName: msPKI-Key-Recovery-Agent +governsId: 1.2.840.113556.1.5.195 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: user +systemPossSuperiors: container +schemaIdGuid:26ccf238-a08e-4b86-9a82-a8c9ac7ee5cb +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-PKI-Key-Recovery-Agent,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-PKI-Private-Key-Recovery-Agent +ldapDisplayName: msPKI-PrivateKeyRecoveryAgent +governsId: 1.2.840.113556.1.5.223 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: userCertificate +systemPossSuperiors: container +schemaIdGuid:1562a632-44b9-4a7e-a2d3-e426c96a3acc +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-PKI-Private-Key-Recovery-Agent,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-Print-ConnectionPolicy +ldapDisplayName: msPrint-ConnectionPolicy +governsId: 1.2.840.113556.1.6.23.2 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: printerName, printAttributes, serverName, uNCName +possSuperiors: container +schemaIdGuid:a16f33c7-7fd6-4828-9364-435138fda08d +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-Print-ConnectionPolicy,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: msSFU-30-Domain-Info +ldapDisplayName: msSFU30DomainInfo +governsId: 1.2.840.113556.1.6.18.2.215 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30Domains, msSFU30YpServers, msSFU30SearchContainer,msSFU30IsValidContainer, msSFU30MasterServerName,msSFU30OrderNumber, msSFU30MaxGidNumber, msSFU30MaxUidNumber,msSFU30CryptMethod +possSuperiors: container +schemaIdGuid:36297dce-656b-4423-ab65-dabb2770819e +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Domain-Info,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: msSFU-30-Mail-Aliases +ldapDisplayName: msSFU30MailAliases +governsId: 1.2.840.113556.1.6.18.2.211 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30Name, msSFU30NisDomain, msSFU30Aliases, nisMapName +possSuperiors: domainDNS, nisMap, container +schemaIdGuid:d6710785-86ff-44b7-85b5-f1f8689522ce +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Mail-Aliases,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: msSFU-30-Net-Id +ldapDisplayName: msSFU30NetId +governsId: 1.2.840.113556.1.6.18.2.212 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30KeyValues, msSFU30Name, msSFU30NisDomain,nisMapName +possSuperiors: domainDNS, nisMap, container +schemaIdGuid:e263192c-2a02-48df-9792-94f2328781a0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Net-Id,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: msSFU-30-Network-User +ldapDisplayName: msSFU30NetworkUser +governsId: 1.2.840.113556.1.6.18.2.216 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30KeyValues, msSFU30Name, msSFU30NisDomain,nisMapName +possSuperiors: domainDNS, nisMap, container +schemaIdGuid:e15334a3-0bf0-4427-b672-11f5d84acc92 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-Network-User,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: msSFU-30-NIS-Map-Config +ldapDisplayName: msSFU30NISMapConfig +governsId: 1.2.840.113556.1.6.18.2.217 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mayContain: msSFU30KeyAttributes, msSFU30FieldSeparator,msSFU30NSMAPFieldPosition, msSFU30IntraFieldSeparator,msSFU30SearchAttributes, msSFU30ResultAttributes, msSFU30MapFilter +possSuperiors: container +schemaIdGuid:faf733d0-f8eb-4dcf-8d75-f1753af6a50b +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=msSFU-30-NIS-Map-Config,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: MS-SQL-OLAPCube +ldapDisplayName: mS-SQL-OLAPCube +governsId: 1.2.840.113556.1.5.190 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-Keywords, mS-SQL-PublicationURL,mS-SQL-InformationURL, mS-SQL-Status, mS-SQL-LastUpdatedDate,mS-SQL-Size, mS-SQL-Description, mS-SQL-Contact, mS-SQL-Name +systemPossSuperiors: mS-SQL-OLAPDatabase +schemaIdGuid:09f0506a-cd28-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-OLAPCube,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-OLAPDatabase +ldapDisplayName: mS-SQL-OLAPDatabase +governsId: 1.2.840.113556.1.5.189 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-Keywords, mS-SQL-PublicationURL,mS-SQL-ConnectionURL, mS-SQL-InformationURL, mS-SQL-Status,mS-SQL-Applications, mS-SQL-LastBackupDate, mS-SQL-LastUpdatedDate,mS-SQL-Size, mS-SQL-Type, mS-SQL-Description, mS-SQL-Contact,mS-SQL-Name +systemPossSuperiors: mS-SQL-OLAPServer +schemaIdGuid:20af031a-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-OLAPDatabase,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-OLAPServer +ldapDisplayName: mS-SQL-OLAPServer +governsId: 1.2.840.113556.1.5.185 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceConnectionPoint +systemMayContain: mS-SQL-Keywords, mS-SQL-PublicationURL,mS-SQL-InformationURL, mS-SQL-Status, mS-SQL-Language,mS-SQL-ServiceAccount, mS-SQL-Contact, mS-SQL-RegisteredOwner,mS-SQL-Build, mS-SQL-Version, mS-SQL-Name +systemPossSuperiors: serviceConnectionPoint +schemaIdGuid:0c7e18ea-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-OLAPServer,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLDatabase +ldapDisplayName: mS-SQL-SQLDatabase +governsId: 1.2.840.113556.1.5.188 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-Keywords, mS-SQL-InformationURL,mS-SQL-Status, mS-SQL-Applications, mS-SQL-LastDiagnosticDate,mS-SQL-LastBackupDate, mS-SQL-CreationDate, mS-SQL-Size,mS-SQL-Contact, mS-SQL-Alias, mS-SQL-Description, mS-SQL-Name +systemPossSuperiors: mS-SQL-SQLServer +schemaIdGuid:1d08694a-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLDatabase,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLPublication +ldapDisplayName: mS-SQL-SQLPublication +governsId: 1.2.840.113556.1.5.187 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-ThirdParty,mS-SQL-AllowSnapshotFilesFTPDownloading,mS-SQL-AllowQueuedUpdatingSubscription,mS-SQL-AllowImmediateUpdatingSubscription,mS-SQL-AllowKnownPullSubscription, mS-SQL-Publisher,mS-SQL-AllowAnonymousSubscription, mS-SQL-Database, mS-SQL-Type,mS-SQL-Status, mS-SQL-Description, mS-SQL-Name +systemPossSuperiors: mS-SQL-SQLServer +schemaIdGuid:17c2f64e-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLPublication,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLRepository +ldapDisplayName: mS-SQL-SQLRepository +governsId: 1.2.840.113556.1.5.186 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: mS-SQL-InformationDirectory, mS-SQL-Version,mS-SQL-Description, mS-SQL-Status, mS-SQL-Build, mS-SQL-Contact,mS-SQL-Name +systemPossSuperiors: mS-SQL-SQLServer +schemaIdGuid:11d43c5c-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLRepository,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: MS-SQL-SQLServer +ldapDisplayName: mS-SQL-SQLServer +governsId: 1.2.840.113556.1.5.184 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceConnectionPoint +systemMayContain: mS-SQL-Keywords, mS-SQL-GPSHeight,mS-SQL-GPSLongitude, mS-SQL-GPSLatitude, mS-SQL-InformationURL,mS-SQL-LastUpdatedDate, mS-SQL-Status, mS-SQL-Vines,mS-SQL-AppleTalk, mS-SQL-TCPIP, mS-SQL-SPX, mS-SQL-MultiProtocol,mS-SQL-NamedPipe, mS-SQL-Clustered, mS-SQL-UnicodeSortOrder,mS-SQL-SortOrder, mS-SQL-CharacterSet, mS-SQL-ServiceAccount,mS-SQL-Build, mS-SQL-Memory, mS-SQL-Location, mS-SQL-Contact,mS-SQL-RegisteredOwner, mS-SQL-Name +systemPossSuperiors: serviceConnectionPoint +schemaIdGuid:05f6c878-ccef-11d2-9993-0000f87a57d4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=MS-SQL-SQLServer,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Rt-Conference +ldapDisplayName: msTAPI-RtConference +governsId: 1.2.840.113556.1.5.221 +objectClassCategory: 1 +rdnAttId: msTAPI-uid +subClassOf: top +systemMustContain: msTAPI-uid +systemMayContain: msTAPI-ConferenceBlob, msTAPI-ProtocolId +systemPossSuperiors: organizationalUnit +schemaIdGuid:ca7b9735-4b2a-4e49-89c3-99025334dc94 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-TAPI-Rt-Conference,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-TAPI-Rt-Person +ldapDisplayName: msTAPI-RtPerson +governsId: 1.2.840.113556.1.5.222 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msTAPI-uid, msTAPI-IpAddress +systemPossSuperiors: organization, organizationalUnit +schemaIdGuid:53ea1cb5-b704-4df9-818f-5cb4ec86cac1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-TAPI-Rt-Person,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-IntRangeParam +ldapDisplayName: msWMI-IntRangeParam +governsId: 1.2.840.113556.1.5.205 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntMax, msWMI-IntMin +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:50ca5d7d-5c8b-4ef3-b9df-5b66d491e526 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-IntRangeParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-IntSetParam +ldapDisplayName: msWMI-IntSetParam +governsId: 1.2.840.113556.1.5.206 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntValidValues +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:292f0d9a-cf76-42b0-841f-b650f331df62 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-IntSetParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-MergeablePolicyTemplate +ldapDisplayName: msWMI-MergeablePolicyTemplate +governsId: 1.2.840.113556.1.5.202 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-PolicyTemplate +systemPossSuperiors: container +schemaIdGuid:07502414-fdca-4851-b04a-13645b11d226 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-MergeablePolicyTemplate,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ObjectEncoding +ldapDisplayName: msWMI-ObjectEncoding +governsId: 1.2.840.113556.1.5.217 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-Class, msWMI-ScopeGuid, msWMI-Parm1,msWMI-Parm2, msWMI-Parm3, msWMI-Parm4, msWMI-Genus, msWMI-intFlags1,msWMI-intFlags2, msWMI-intFlags3, msWMI-intFlags4, msWMI-ID,msWMI-TargetObject +systemPossSuperiors: container +schemaIdGuid:55dd81c9-c312-41f9-a84d-c6adbdf1e8e1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-ObjectEncoding,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-PolicyTemplate +ldapDisplayName: msWMI-PolicyTemplate +governsId: 1.2.840.113556.1.5.200 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-NormalizedClass, msWMI-TargetPath,msWMI-TargetClass, msWMI-TargetNameSpace, msWMI-Name, msWMI-ID +systemMayContain: msWMI-TargetType, msWMI-SourceOrganization,msWMI-Parm4, msWMI-Parm3, msWMI-Parm2, msWMI-Parm1, msWMI-intFlags4,msWMI-intFlags3, msWMI-intFlags2, msWMI-intFlags1,msWMI-CreationDate, msWMI-ChangeDate, msWMI-Author +systemPossSuperiors: container +schemaIdGuid:e2bc80f1-244a-4d59-acc6-ca5c4f82e6e1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-PolicyTemplate,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-PolicyType +ldapDisplayName: msWMI-PolicyType +governsId: 1.2.840.113556.1.5.211 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetObject, msWMI-ID +systemMayContain: msWMI-SourceOrganization, msWMI-Parm4,msWMI-Parm3, msWMI-Parm2, msWMI-Parm1, msWMI-intFlags4,msWMI-intFlags3, msWMI-intFlags2, msWMI-intFlags1,msWMI-CreationDate, msWMI-ChangeDate, msWMI-Author +systemPossSuperiors: container +schemaIdGuid:595b2613-4109-4e77-9013-a3bb4ef277c7 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-PolicyType,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-RangeParam +ldapDisplayName: msWMI-RangeParam +governsId: 1.2.840.113556.1.5.203 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetType, msWMI-TargetClass,msWMI-PropertyName +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:45fb5a57-5018-4d0f-9056-997c8c9122d9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-RangeParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-RealRangeParam +ldapDisplayName: msWMI-RealRangeParam +governsId: 1.2.840.113556.1.5.209 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-Int8Default +systemMayContain: msWMI-Int8Max, msWMI-Int8Min +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:6afe8fe2-70bc-4cce-b166-a96f7359c514 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-RealRangeParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Rule +ldapDisplayName: msWMI-Rule +governsId: 1.2.840.113556.1.5.214 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-QueryLanguage, msWMI-TargetNameSpace,msWMI-Query +systemPossSuperiors: msWMI-Som, container +schemaIdGuid:3c7e6f83-dd0e-481b-a0c2-74cd96ef2a66 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-Rule,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-ShadowObject +ldapDisplayName: msWMI-ShadowObject +governsId: 1.2.840.113556.1.5.212 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetObject +systemPossSuperiors: msWMI-PolicyType +schemaIdGuid:f1e44bdf-8dd3-4235-9c86-f91f31f5b569 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-ShadowObject,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-SimplePolicyTemplate +ldapDisplayName: msWMI-SimplePolicyTemplate +governsId: 1.2.840.113556.1.5.201 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-PolicyTemplate +systemMustContain: msWMI-TargetObject +systemPossSuperiors: container +schemaIdGuid:6cc8b2b5-12df-44f6-8307-e74f5cdee369 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-SimplePolicyTemplate,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-Som +ldapDisplayName: msWMI-Som +governsId: 1.2.840.113556.1.5.213 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-Name, msWMI-ID +systemMayContain: msWMI-SourceOrganization, msWMI-Parm4, msWMI-Parm3,msWMI-Parm2, msWMI-Parm1, msWMI-intFlags4, msWMI-intFlags3,msWMI-intFlags2, msWMI-intFlags1, msWMI-CreationDate,msWMI-ChangeDate, msWMI-Author +systemPossSuperiors: container +schemaIdGuid:ab857078-0142-4406-945b-34c9b6b13372 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-Som,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-StringSetParam +ldapDisplayName: msWMI-StringSetParam +governsId: 1.2.840.113556.1.5.210 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-StringDefault +systemMayContain: msWMI-StringValidValues +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:0bc579a2-1da7-4cea-b699-807f3b9d63a4 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-StringSetParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-UintRangeParam +ldapDisplayName: msWMI-UintRangeParam +governsId: 1.2.840.113556.1.5.207 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntMax, msWMI-IntMin +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:d9a799b2-cef3-48b3-b5ad-fb85f8dd3214 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-UintRangeParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-UintSetParam +ldapDisplayName: msWMI-UintSetParam +governsId: 1.2.840.113556.1.5.208 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-IntDefault +systemMayContain: msWMI-IntValidValues +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:8f4beb31-4e19-46f5-932e-5fa03c339b1d +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCCDCLCLODTRC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-UintSetParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-UnknownRangeParam +ldapDisplayName: msWMI-UnknownRangeParam +governsId: 1.2.840.113556.1.5.204 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: msWMI-RangeParam +systemMustContain: msWMI-TargetObject, msWMI-NormalizedClass +systemPossSuperiors: msWMI-MergeablePolicyTemplate +schemaIdGuid:b82ac26b-c6db-4098-92c6-49c18a3336e1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-UnknownRangeParam,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ms-WMI-WMIGPO +ldapDisplayName: msWMI-WMIGPO +governsId: 1.2.840.113556.1.5.215 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: msWMI-TargetClass +systemMayContain: msWMI-Parm4, msWMI-Parm3, msWMI-Parm2, msWMI-Parm1,msWMI-intFlags4, msWMI-intFlags3, msWMI-intFlags2, msWMI-intFlags1 +systemPossSuperiors: container +schemaIdGuid:05630000-3927-4ede-bf27-ca91f275c26f +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSW;;;DA)(A;;CC;;;PA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ms-WMI-WMIGPO,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NisMap +ldapDisplayName: nisMap +governsId: 1.3.6.1.1.1.2.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, nisMapName +mayContain: description +possSuperiors: domainDNS, container, organizationalUnit +schemaIdGuid:7672666c-02c1-4f33-9ecf-f649c1dd9b7c +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NisMap,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: NisNetgroup +ldapDisplayName: nisNetgroup +governsId: 1.3.6.1.1.1.2.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: description, memberNisNetgroup, nisNetgroupTriple,msSFU30Name, msSFU30NisDomain, nisMapName,msSFU30NetgroupHostAtDomain, msSFU30NetgroupUserAtDomain +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:72efbf84-6e7b-4a5c-a8db-8a75a7cad254 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NisNetgroup,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: NisObject +ldapDisplayName: nisObject +governsId: 1.3.6.1.1.1.2.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, nisMapName, nisMapEntry +mayContain: description, msSFU30Name, msSFU30NisDomain +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:904f8a93-4954-4c5f-b1e1-53c097a31e13 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NisObject,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: NTDS-Connection +ldapDisplayName: nTDSConnection +governsId: 1.2.840.113556.1.5.71 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMustContain: options, fromServer, enabledConnection +systemMayContain: transportType, schedule, mS-DS-ReplicatesNCReason,generatedConnection +systemPossSuperiors: nTFRSMember, nTFRSReplicaSet, nTDSDSA +schemaIdGuid:19195a60-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTDS-Connection,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-DSA +ldapDisplayName: nTDSDSA +governsId: 1.2.840.113556.1.5.7000.47 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +systemMayContain: msDS-IsUserCachableAtRodc, msDS-SiteName,msDS-isRODC, msDS-isGC, msDS-RevealedUsers,msDS-NeverRevealGroup, msDS-RevealOnDemandGroup,msDS-hasFullReplicaNCs, serverReference,msDS-RetiredReplNCSignatures, retiredReplDSASignatures,queryPolicyObject, options, networkAddress, msDS-ReplicationEpoch,msDS-HasInstantiatedNCs, msDS-hasMasterNCs, msDS-HasDomainNCs,msDS-Behavior-Version, managedBy, lastBackupRestorationTime,invocationId, hasPartialReplicaNCs, hasMasterNCs, fRSRootPath,dMDLocation, msDS-EnabledFeature +systemPossSuperiors: organization, server +schemaIdGuid:f0f8ffab-1191-11d0-a060-00aa006c33ed +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=NTDS-DSA,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-DSA-RO +ldapDisplayName: nTDSDSARO +governsId: 1.2.840.113556.1.5.254 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: nTDSDSA +systemPossSuperiors: server, organization +schemaIdGuid:85d16ec1-0791-4bc8-8ab3-70980602ff8c +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=NTDS-DSA-RO,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-Service +ldapDisplayName: nTDSService +governsId: 1.2.840.113556.1.5.72 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-DeletedObjectLifetime, tombstoneLifetime,sPNMappings, replTopologyStayOfExecution, msDS-Other-Settings,garbageCollPeriod, dSHeuristics +systemPossSuperiors: container +schemaIdGuid:19195a5f-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTDS-Service,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTDS-Site-Settings +ldapDisplayName: nTDSSiteSettings +governsId: 1.2.840.113556.1.5.69 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSiteSettings +systemMayContain: schedule, queryPolicyObject, options,msDS-Preferred-GC-Site, managedBy, interSiteTopologyRenew,interSiteTopologyGenerator, interSiteTopologyFailover +systemPossSuperiors: site +schemaIdGuid:19195a5d-6da0-11d0-afd3-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTDS-Site-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Member +ldapDisplayName: nTFRSMember +governsId: 1.2.840.113556.1.5.153 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: serverReference, fRSUpdateTimeout,fRSServiceCommand, fRSRootSecurity, fRSPartnerAuthLevel, fRSFlags,fRSExtensions, fRSControlOutboundBacklog, fRSControlInboundBacklog,fRSControlDataCreation, frsComputerReference +systemPossSuperiors: nTFRSReplicaSet +schemaIdGuid:2a132586-9373-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Member,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Replica-Set +ldapDisplayName: nTFRSReplicaSet +governsId: 1.2.840.113556.1.5.102 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: schedule, msFRS-Topology-Pref, msFRS-Hub-Member,managedBy, fRSVersionGUID, fRSServiceCommand, fRSRootSecurity,fRSReplicaSetType, fRSReplicaSetGUID, fRSPrimaryMember,fRSPartnerAuthLevel, fRSLevelLimit, fRSFlags, fRSFileFilter,fRSExtensions, fRSDSPoll, fRSDirectoryFilter +systemPossSuperiors: nTFRSSettings +schemaIdGuid:5245803a-ca6a-11d0-afff-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(OA;;CCDC;2a132586-9373-11d1-aebc-0000f80367c1;;ED) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Replica-Set,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Settings +ldapDisplayName: nTFRSSettings +governsId: 1.2.840.113556.1.5.89 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: applicationSettings +systemMayContain: managedBy, fRSExtensions +systemPossSuperiors: nTFRSSettings, container, organizationalUnit,organization +schemaIdGuid:f780acc2-56f0-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Settings,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Subscriber +ldapDisplayName: nTFRSSubscriber +governsId: 1.2.840.113556.1.5.155 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: fRSStagingPath, fRSRootPath +systemMayContain: schedule, fRSUpdateTimeout,fRSTimeLastConfigChange, fRSTimeLastCommand,fRSServiceCommandStatus, fRSServiceCommand, fRSMemberReference,fRSFlags, fRSFaultCondition, fRSExtensions +systemPossSuperiors: nTFRSSubscriptions +schemaIdGuid:2a132588-9373-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Subscriber,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: NTFRS-Subscriptions +ldapDisplayName: nTFRSSubscriptions +governsId: 1.2.840.113556.1.5.154 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: fRSWorkingPath, fRSVersion, fRSExtensions +systemPossSuperiors: user, computer, nTFRSSubscriptions +schemaIdGuid:2a132587-9373-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=NTFRS-Subscriptions,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: OncRpc +ldapDisplayName: oncRpc +governsId: 1.3.6.1.1.1.2.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn, oncRpcNumber +mayContain: description, msSFU30Name, msSFU30NisDomain, nisMapName,msSFU30Aliases +possSuperiors: domainDNS, nisMap, container, organizationalUnit +schemaIdGuid:cadd1e5e-fefc-4f3f-b5a9-70e994204303 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=OncRpc,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Organization +ldapDisplayName: organization +governsId: 2.5.6.4 +objectClassCategory: 1 +rdnAttId: o +subClassOf: top +systemMustContain: o +systemMayContain: x121Address, userPassword, telexNumber,teletexTerminalIdentifier, telephoneNumber, street, st, seeAlso,searchGuide, registeredAddress, preferredDeliveryMethod, postalCode,postalAddress, postOfficeBox, physicalDeliveryOfficeName, l,internationalISDNNumber, facsimileTelephoneNumber,destinationIndicator, businessCategory +systemPossSuperiors: locality, country, domainDNS +schemaIdGuid:bf967aa3-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Organization,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Organizational-Person +ldapDisplayName: organizationalPerson +governsId: 2.5.6.7 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: person +mayContain: msDS-HABSeniorityIndex, msDS-PhoneticDisplayName,msDS-PhoneticCompanyName, msDS-PhoneticDepartment,msDS-PhoneticLastName, msDS-PhoneticFirstName, houseIdentifier,msExchHouseIdentifier, homePostalAddress +systemMayContain: x121Address, comment, title, co,primaryTelexNumber, telexNumber, teletexTerminalIdentifier, street,st, registeredAddress, preferredDeliveryMethod, postalCode,postalAddress, postOfficeBox, thumbnailPhoto,physicalDeliveryOfficeName, pager, otherPager, otherTelephone,mobile, otherMobile, primaryInternationalISDNNumber, ipPhone,otherIpPhone, otherHomePhone, homePhone,otherFacsimileTelephoneNumber, personalTitle, middleName,otherMailbox, ou, o, mhsORAddress, msDS-AllowedToDelegateTo,manager, thumbnailLogo, l, internationalISDNNumber, initials,givenName, generationQualifier, facsimileTelephoneNumber,employeeID, mail, division, destinationIndicator, department, c,countryCode, company, assistant, streetAddress +systemPossSuperiors: organizationalUnit, organization, container +schemaIdGuid:bf967aa4-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Organizational-Role +ldapDisplayName: organizationalRole +governsId: 2.5.6.8 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemMayContain: x121Address, telexNumber,teletexTerminalIdentifier, telephoneNumber, street, st, seeAlso,roleOccupant, registeredAddress, preferredDeliveryMethod,postalCode, postalAddress, postOfficeBox,physicalDeliveryOfficeName, ou, l, internationalISDNNumber,facsimileTelephoneNumber, destinationIndicator +systemPossSuperiors: organizationalUnit, organization, container +schemaIdGuid:a8df74bf-c5ea-11d1-bbcb-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Organizational-Role,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Organizational-Unit +ldapDisplayName: organizationalUnit +governsId: 2.5.6.5 +objectClassCategory: 1 +rdnAttId: ou +subClassOf: top +systemMustContain: ou +systemMayContain: x121Address, userPassword, uPNSuffixes, co,telexNumber, teletexTerminalIdentifier, telephoneNumber, street, st,seeAlso, searchGuide, registeredAddress, preferredDeliveryMethod,postalCode, postalAddress, postOfficeBox,physicalDeliveryOfficeName, msCOM-UserPartitionSetLink, managedBy,thumbnailLogo, l, internationalISDNNumber, gPOptions, gPLink,facsimileTelephoneNumber, destinationIndicator, desktopProfile,defaultGroup, countryCode, c, businessCategory +systemPossSuperiors: country, organization, organizationalUnit,domainDNS +schemaIdGuid:bf967aa5-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(OA;;CCDC;bf967a86-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967aba-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967a9c-0de6-11d0-a285-00aa003049e2;;AO)(OA;;CCDC;bf967aa8-0de6-11d0-a285-00aa003049e2;;PO)(A;;RPLCLORC;;;AU)(A;;LCRPLORC;;;ED)(OA;;CCDC;4828CC14-1437-45bc-9B07-AD6F015E5F28;;AO) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Organizational-Unit,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Package-Registration +ldapDisplayName: packageRegistration +governsId: 1.2.840.113556.1.5.49 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: versionNumberLo, versionNumberHi, vendor,upgradeProductCode, setupCommand, productCode, packageType,packageName, packageFlags, msiScriptSize, msiScriptPath,msiScriptName, msiScript, msiFileList, managedBy,machineArchitecture, localeID, lastUpdateSequence, installUiLevel,iconPath, fileExtPriority, cOMTypelibId, cOMProgID, cOMInterfaceID,cOMClassID, categories, canUpgradeScript +systemPossSuperiors: classStore +schemaIdGuid:bf967aa6-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Package-Registration,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Person +ldapDisplayName: person +governsId: 2.5.6.6 +objectClassCategory: 0 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +mayContain: attributeCertificateAttribute +systemMayContain: userPassword, telephoneNumber, sn, serialNumber,seeAlso +systemPossSuperiors: organizationalUnit, container +schemaIdGuid:bf967aa7-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Physical-Location +ldapDisplayName: physicalLocation +governsId: 1.2.840.113556.1.5.97 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: locality +systemMayContain: managedBy +systemPossSuperiors: physicalLocation, configuration +schemaIdGuid:b7b13122-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Physical-Location,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Certificate-Template +ldapDisplayName: pKICertificateTemplate +governsId: 1.2.840.113556.1.5.177 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: pKIOverlapPeriod, pKIMaxIssuingDepth, pKIKeyUsage,pKIExtendedKeyUsage, pKIExpirationPeriod, pKIEnrollmentAccess,pKIDefaultCSPs, pKIDefaultKeySpec, pKICriticalExtensions,msPKI-RA-Signature, msPKI-RA-Policies,msPKI-RA-Application-Policies, msPKI-Template-Schema-Version,msPKI-Template-Minor-Revision, msPKI-Supersede-Templates,msPKI-Private-Key-Flag, msPKI-Minimal-Key-Size,msPKI-Enrollment-Flag, msPKI-Certificate-Policy,msPKI-Certificate-Name-Flag, msPKI-Certificate-Application-Policy,msPKI-Cert-Template-OID, flags, displayName +systemPossSuperiors: container +schemaIdGuid:e5209ca2-3bba-11d2-90cc-00c04fd91ab1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PKI-Certificate-Template,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PKI-Enrollment-Service +ldapDisplayName: pKIEnrollmentService +governsId: 1.2.840.113556.1.5.178 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msPKI-Enrollment-Servers, msPKI-Site-Name,signatureAlgorithms, enrollmentProviders, dNSHostName,certificateTemplates, cACertificateDN, cACertificate +systemPossSuperiors: container +schemaIdGuid:ee4aa692-3bba-11d2-90cc-00c04fd91ab1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PKI-Enrollment-Service,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: PosixAccount +ldapDisplayName: posixAccount +governsId: 1.3.6.1.1.1.2.0 +objectClassCategory: 3 +rdnAttId: uid +subClassOf: top +mayContain: uid, cn, uidNumber, gidNumber, unixHomeDirectory,homeDirectory, userPassword, unixUserPassword, loginShell, gecos,description +schemaIdGuid:ad44bb41-67d5-4d88-b575-7b20674e76d8 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PosixAccount,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: PosixGroup +ldapDisplayName: posixGroup +governsId: 1.3.6.1.1.1.2.2 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: cn, userPassword, unixUserPassword, description,gidNumber, memberUid +schemaIdGuid:2a9350b8-062c-4ed0-9903-dde10d06deba +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=PosixGroup,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Print-Queue +ldapDisplayName: printQueue +governsId: 1.2.840.113556.1.5.23 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: versionNumber, uNCName, shortServerName,serverName, printerName +systemMayContain: priority, printStatus, printStartTime,printStaplingSupported, printSpooling, printShareName,printSeparatorFile, printRateUnit, printRate, printPagesPerMinute,printOwner, printOrientationsSupported, printNumberUp, printNotify,printNetworkAddress, printMinYExtent, printMinXExtent, printMemory,printMediaSupported, printMediaReady, printMaxYExtent,printMaxXExtent, printMaxResolutionSupported, printMaxCopies,printMACAddress, printLanguage, printKeepPrintedJobs, printFormName,printEndTime, printDuplexSupported, printColor, printCollate,printBinNames, printAttributes, portName, physicalLocationObject,operatingSystemVersion, operatingSystemServicePack,operatingSystemHotfix, operatingSystem, location, driverVersion,driverName, defaultPriority, bytesPerMinute, assetNumber +systemPossSuperiors: organizationalUnit, domainDNS, container,computer +schemaIdGuid:bf967aa8-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;PO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Print-Queue,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Query-Policy +ldapDisplayName: queryPolicy +governsId: 1.2.840.113556.1.5.106 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: lDAPIPDenyList, lDAPAdminLimits +systemPossSuperiors: container +schemaIdGuid:83cc7075-cca7-11d0-afff-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Query-Policy,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Mail-Recipient +ldapDisplayName: remoteMailRecipient +governsId: 1.2.840.113556.1.5.24 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemAuxiliaryClass: mailRecipient +systemMayContain: remoteSourceType, remoteSource, managedBy +systemPossSuperiors: organizationalUnit, domainDNS +schemaIdGuid:bf967aa9-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Remote-Mail-Recipient,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Remote-Storage-Service-Point +ldapDisplayName: remoteStorageServicePoint +governsId: 1.2.840.113556.1.5.146 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceAdministrationPoint +systemMayContain: remoteStorageGUID +systemPossSuperiors: computer +schemaIdGuid:2a39c5bd-8960-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Remote-Storage-Service-Point,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Residential-Person +ldapDisplayName: residentialPerson +governsId: 2.5.6.10 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: person +systemMayContain: x121Address, title, telexNumber,teletexTerminalIdentifier, street, st, registeredAddress,preferredDeliveryMethod, postalCode, postalAddress, postOfficeBox,physicalDeliveryOfficeName, ou, l, internationalISDNNumber,facsimileTelephoneNumber, destinationIndicator, businessCategory +systemPossSuperiors: locality, container +schemaIdGuid:a8df74d6-c5ea-11d1-bbcb-0080c76670c0 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Residential-Person,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rFC822LocalPart +ldapDisplayName: rFC822LocalPart +governsId: 0.9.2342.19200300.100.4.14 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: domain +mayContain: x121Address, telexNumber, teletexTerminalIdentifier,telephoneNumber, street, sn, seeAlso, registeredAddress,preferredDeliveryMethod, postOfficeBox, postalCode, postalAddress,physicalDeliveryOfficeName, internationalISDNNumber,facsimileTelephoneNumber, destinationIndicator, description, cn +possSuperiors: organizationalUnit, container +schemaIdGuid:b93e3a78-cbae-485e-a07b-5ef4ae505686 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rFC822LocalPart,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: RID-Manager +ldapDisplayName: rIDManager +governsId: 1.2.840.113556.1.5.83 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: rIDAvailablePool +systemPossSuperiors: container +schemaIdGuid:6617188d-8f3c-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)S:(AU;SA;CRWP;;;WD) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=RID-Manager,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: RID-Set +ldapDisplayName: rIDSet +governsId: 1.2.840.113556.1.5.129 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: rIDUsedPool, rIDPreviousAllocationPool,rIDNextRID, rIDAllocationPool +systemPossSuperiors: user, container, computer +schemaIdGuid:7bfdcb89-4807-11d1-a9c3-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=RID-Set,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: room +ldapDisplayName: room +governsId: 0.9.2342.19200300.100.4.7 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +mustContain: cn +mayContain: location, telephoneNumber, seeAlso, description,roomNumber +possSuperiors: organizationalUnit, container +schemaIdGuid:7860e5d2-c8b0-4cbb-bd45-d9455beb9206 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=room,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Rpc-Container +ldapDisplayName: rpcContainer +governsId: 1.2.840.113556.1.5.136 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: container +systemMayContain: nameServiceFlags +systemPossSuperiors: container +schemaIdGuid:80212842-4bdc-11d1-a9c4-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Rpc-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Entry +ldapDisplayName: rpcEntry +governsId: 1.2.840.113556.1.5.27 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: connectionPoint +systemPossSuperiors: container +schemaIdGuid:bf967aac-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Entry,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Group +ldapDisplayName: rpcGroup +governsId: 1.2.840.113556.1.5.80 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMayContain: rpcNsObjectID, rpcNsGroup +systemPossSuperiors: container +schemaIdGuid:88611bdf-8cf4-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Group,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Profile +ldapDisplayName: rpcProfile +governsId: 1.2.840.113556.1.5.82 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemPossSuperiors: container +schemaIdGuid:88611be1-8cf4-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Profile,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Profile-Element +ldapDisplayName: rpcProfileElement +governsId: 1.2.840.113556.1.5.26 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMustContain: rpcNsPriority, rpcNsInterfaceID +systemMayContain: rpcNsProfileEntry, rpcNsAnnotation +systemPossSuperiors: rpcProfile +schemaIdGuid:f29653cf-7ad0-11d0-afd6-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Profile-Element,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Server +ldapDisplayName: rpcServer +governsId: 1.2.840.113556.1.5.81 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMayContain: rpcNsObjectID, rpcNsEntryFlags, rpcNsCodeset +systemPossSuperiors: container +schemaIdGuid:88611be0-8cf4-11d0-afda-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Server,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: rpc-Server-Element +ldapDisplayName: rpcServerElement +governsId: 1.2.840.113556.1.5.73 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: rpcEntry +systemMustContain: rpcNsTransferSyntax, rpcNsInterfaceID,rpcNsBindings +systemPossSuperiors: rpcServer +schemaIdGuid:f29653d0-7ad0-11d0-afd6-00c04fd930c9 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=rpc-Server-Element,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: RRAS-Administration-Connection-Point +ldapDisplayName: rRASAdministrationConnectionPoint +governsId: 1.2.840.113556.1.5.150 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceAdministrationPoint +systemMayContain: msRRASAttribute +systemPossSuperiors: computer +schemaIdGuid:2a39c5be-8960-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;DA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;CO)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=RRAS-Administration-Connection-Point,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: RRAS-Administration-Dictionary +ldapDisplayName: rRASAdministrationDictionary +governsId: 1.2.840.113556.1.5.156 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msRRASVendorAttributeEntry +systemPossSuperiors: container +schemaIdGuid:f39b98ae-938d-11d1-aebd-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=RRAS-Administration-Dictionary,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sam-Domain +ldapDisplayName: samDomain +governsId: 1.2.840.113556.1.5.3 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemAuxiliaryClass: samDomainBase +systemMayContain: treeName, rIDManagerReference, replicaSource,pwdProperties, pwdHistoryLength, privateKey, pekList,pekKeyChangeInterval, nTMixedDomain, nextRid, nETBIOSName,msDS-PerUserTrustTombstonesQuota, msDS-PerUserTrustQuota,ms-DS-MachineAccountQuota, msDS-LogonTimeSyncInterval,msDS-AllUsersTrustQuota, modifiedCountAtLastProm, minPwdLength,minPwdAge, maxPwdAge, lSAModifiedCount, lSACreationTime,lockoutThreshold, lockoutDuration, lockOutObservationWindow,gPOptions, gPLink, eFSPolicy, domainPolicyObject, desktopProfile,description, defaultLocalPolicyObject, creationTime,controlAccessRights, cACertificate, builtinModifiedCount,builtinCreationTime, auditingPolicy +schemaIdGuid:bf967a90-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;S-1-5-21-2848215498-2472035911-1947525656-498)(A;;RP;;;WD)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;1131f6ac-9c07-11d1-f79f-00c04fc2dcd2;;BA)(A;;RPLCLORC;;;AU)(A;;RPWPCRLCLOCCRCWDWOSW;;;DA)(A;CI;RPWPCRLCLOCCRCWDWOSDSW;;;BA)(A;;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;SY)(A;CI;RPWPCRLCLOCCDCRCWDWOSDDTSW;;;EA)(A;CI;LC;;;RU)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(OA;;RP;c7407360-20bf-11d0-a768-00aa006e0529;;RU)(OA;CIIO;RPLCLORC;;bf967a9c-0de6-11d0-a285-00aa003049e2;RU)(A;;RPRC;;;RU)(OA;CIIO;RPLCLORC;;bf967aba-0de6-11d0-a285-00aa003049e2;RU)(A;;LCRPLORC;;;ED)(OA;CIIO;RP;037088f8-0ae1-11d2-b422-00a0c968f939;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;4c164200-20c0-11d0-a768-00aa006e0529;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;CIIO;RPLCLORC;;4828CC14-1437-45bc-9B07-AD6F015E5F28;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;RU)(OA;;RP;b8119fd0-04f6-4762-ab7a-4986c76b3f9a;;AU)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967aba-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a9c-0de6-11d0-a285-00aa003049e2;ED)(OA;CIIO;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;bf967a86-0de6-11d0-a285-00aa003049e2;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;DD)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;ED)(OA;;CR;1131f6ad-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;;CR;89e95b76-444d-4c62-991a-0facbeda640c;;BA)(OA;;CR;e2a36dc9-ae17-47c3-b58b-be34c55ba633;;S-1-5-32-557)(OA;;CR;280f369c-67c7-438e-ae98-1d46f3c6f541;;AU)(OA;;CR;ccc2dc7d-a6ad-4a7a-8846-c04e3cc53501;;AU)(OA;;CR;05c74c5e-4deb-43b4-bd9f-86664c2a7fd5;;AU)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;ED)(OA;;CR;1131f6ae-9c07-11d1-f79f-00c04fc2dcd2;;BA)(OA;CIIO;CRRPWP;91e647de-d96f-4b70-9557-d63ff4f3ccd8;;PS)S:(AU;SA;WDWOWP;;;WD)(AU;SA;CR;;;BA)(AU;SA;CR;;;DU)(OU;CISA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CISA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sam-Domain,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sam-Domain-Base +ldapDisplayName: samDomainBase +governsId: 1.2.840.113556.1.5.2 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMayContain: uASCompat, serverState, serverRole, revision,pwdProperties, pwdHistoryLength, oEMInformation, objectSid,nTSecurityDescriptor, nextRid, modifiedCountAtLastProm,modifiedCount, minPwdLength, minPwdAge, maxPwdAge, lockoutThreshold,lockoutDuration, lockOutObservationWindow, forceLogoff,domainReplica, creationTime +schemaIdGuid:bf967a91-0de6-11d0-a285-00aa003049e2 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sam-Domain-Base,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sam-Server +ldapDisplayName: samServer +governsId: 1.2.840.113556.1.5.5 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: securityObject +systemMayContain: samDomainUpdates +systemPossSuperiors: domainDNS +schemaIdGuid:bf967aad-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPLCLORC;;;RU)(OA;;CR;91d67418-0135-4acc-8d79-c08e857cfbec;;AU)(OA;;CR;91d67418-0135-4acc-8d79-c08e857cfbec;;RU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sam-Server,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Secret +ldapDisplayName: secret +governsId: 1.2.840.113556.1.5.28 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: priorValue, priorSetTime, lastSetTime, currentValue +systemPossSuperiors: container +schemaIdGuid:bf967aae-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Secret,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Security-Object +ldapDisplayName: securityObject +governsId: 1.2.840.113556.1.5.1 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMustContain: cn +systemPossSuperiors: container +schemaIdGuid:bf967aaf-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Security-Object,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Security-Principal +ldapDisplayName: securityPrincipal +governsId: 1.2.840.113556.1.5.6 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +systemMustContain: sAMAccountName, objectSid +systemMayContain: supplementalCredentials, sIDHistory,securityIdentifier, sAMAccountType, rid, tokenGroupsNoGCAcceptable,tokenGroupsGlobalAndUniversal, tokenGroups, nTSecurityDescriptor,msDS-KeyVersionNumber, altSecurityIdentities, accountNameHistory +schemaIdGuid:bf967ab0-0de6-11d0-a285-00aa003049e2 +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Security-Principal,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Server +ldapDisplayName: server +governsId: 1.2.840.113556.1.5.17 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: msDS-IsUserCachableAtRodc, msDS-SiteName,msDS-isRODC, msDS-isGC, mailAddress, serverReference, serialNumber,managedBy, dNSHostName, bridgeheadTransportList +systemPossSuperiors: serversContainer +schemaIdGuid:bf967a92-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;CI;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Server,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Servers-Container +ldapDisplayName: serversContainer +governsId: 1.2.840.113556.1.5.7000.48 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: site +schemaIdGuid:f780acc0-56f0-11d1-a9c6-0000f80367c1 +defaultSecurityDescriptor: D:(A;;CC;;;BA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Servers-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Administration-Point +ldapDisplayName: serviceAdministrationPoint +governsId: 1.2.840.113556.1.5.94 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: serviceConnectionPoint +systemPossSuperiors: computer +schemaIdGuid:b7b13123-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Administration-Point,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Class +ldapDisplayName: serviceClass +governsId: 1.2.840.113556.1.5.29 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMustContain: serviceClassID, displayName +systemMayContain: serviceClassInfo +systemPossSuperiors: container +schemaIdGuid:bf967ab1-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Class,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Connection-Point +ldapDisplayName: serviceConnectionPoint +governsId: 1.2.840.113556.1.5.126 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMayContain: versionNumberLo, versionNumberHi, versionNumber,vendor, serviceDNSNameType, serviceDNSName, serviceClassName,serviceBindingInformation, appSchemaVersion +systemPossSuperiors: organizationalUnit, container, computer +schemaIdGuid:28630ec1-41d5-11d1-a9c1-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;CO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Connection-Point,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Service-Instance +ldapDisplayName: serviceInstance +governsId: 1.2.840.113556.1.5.30 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: serviceClassID, displayName +systemMayContain: winsockAddresses, serviceInstanceVersion +systemPossSuperiors: container +schemaIdGuid:bf967ab2-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Service-Instance,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: ShadowAccount +ldapDisplayName: shadowAccount +governsId: 1.3.6.1.1.1.2.1 +objectClassCategory: 3 +rdnAttId: uid +subClassOf: top +mayContain: uid, userPassword, description, shadowLastChange,shadowMin, shadowMax, shadowWarning, shadowInactive, shadowExpire,shadowFlag +schemaIdGuid:5b6d8467-1a18-4174-b350-9cc6e7b4ac8d +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=ShadowAccount,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: simpleSecurityObject +ldapDisplayName: simpleSecurityObject +governsId: 0.9.2342.19200300.100.4.19 +objectClassCategory: 3 +rdnAttId: cn +subClassOf: top +mayContain: userPassword +schemaIdGuid:5fe69b0b-e146-4f15-b0ab-c1e5d488e094 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=simpleSecurityObject,CN=Schema,CN=Configuration,<RootDomainDN> + +cn: Site +ldapDisplayName: site +governsId: 1.2.840.113556.1.5.31 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: notificationList, mSMQSiteID, mSMQSiteForeign,mSMQNt4Stub, mSMQInterval2, mSMQInterval1, managedBy, location,gPOptions, gPLink, msDS-BridgeHeadServersUsed +systemPossSuperiors: sitesContainer +schemaIdGuid:bf967ab3-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;LCRPLORC;;;ED) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Site,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-Link +ldapDisplayName: siteLink +governsId: 1.2.840.113556.1.5.147 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: siteList +systemMayContain: schedule, replInterval, options, cost +systemPossSuperiors: interSiteTransport +schemaIdGuid:d50c2cde-8951-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Site-Link,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Site-Link-Bridge +ldapDisplayName: siteLinkBridge +governsId: 1.2.840.113556.1.5.148 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMustContain: siteLinkList +systemPossSuperiors: interSiteTransport +schemaIdGuid:d50c2cdf-8951-11d1-aebc-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Site-Link-Bridge,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Sites-Container +ldapDisplayName: sitesContainer +governsId: 1.2.840.113556.1.5.107 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: configuration +schemaIdGuid:7a4117da-cd67-11d0-afff-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Sites-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Storage +ldapDisplayName: storage +governsId: 1.2.840.113556.1.5.33 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMayContain: monikerDisplayName, moniker, iconPath +systemPossSuperiors: container +schemaIdGuid:bf967ab5-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Storage,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Subnet +ldapDisplayName: subnet +governsId: 1.2.840.113556.1.5.96 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: siteObject, physicalLocationObject, location +systemPossSuperiors: subnetContainer +schemaIdGuid:b7b13124-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Subnet,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Subnet-Container +ldapDisplayName: subnetContainer +governsId: 1.2.840.113556.1.5.95 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemPossSuperiors: sitesContainer +schemaIdGuid:b7b13125-b82e-11d0-afee-0000f80367c1 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Subnet-Container,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: SubSchema +ldapDisplayName: subSchema +governsId: 2.5.20.1 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: objectClasses, modifyTimeStamp, extendedClassInfo,extendedAttributeInfo, dITContentRules, attributeTypes +systemPossSuperiors: dMD +schemaIdGuid:5a8b3261-c38d-11d1-bbc9-0080c76670c0 +defaultSecurityDescriptor: D:S: +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=SubSchema,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_DOMAIN_DISALLOW_RENAME + +cn: Top +ldapDisplayName: top +governsId: 2.5.6.0 +objectClassCategory: 2 +rdnAttId: cn +subClassOf: top +systemMustContain: objectClass, objectCategory, nTSecurityDescriptor,instanceType +mayContain: msSFU30PosixMemberOf, msDFSR-ComputerReferenceBL,msDFSR-MemberReferenceBL, msDS-ObjectReferenceBL +systemMayContain: msDS-EnabledFeatureBL, msDS-LastKnownRDN, msDS-HostServiceAccountBL,msDS-OIDToGroupLinkBl, msDS-LocalEffectiveRecycleTime,msDS-LocalEffectiveDeletionTime, isRecycled, msDS-NcType,msDS-PSOApplied, msDS-PrincipalName,msDS-RevealedListBL, msDS-AuthenticatedToAccountlist,msDS-IsPartialReplicaFor, msDS-IsDomainFor, msDS-IsFullReplicaFor,msDS-RevealedDSAs, msDS-KrbTgtLinkBl, url, wWWHomePage, whenCreated,whenChanged, wellKnownObjects, wbemPath, uSNSource, uSNLastObjRem,USNIntersite, uSNDSALastObjRemoved, uSNCreated, uSNChanged,systemFlags, subSchemaSubEntry, subRefs, structuralObjectClass,siteObjectBL, serverReferenceBL, sDRightsEffective, revision,repsTo, repsFrom, directReports, replUpToDateVector,replPropertyMetaData, name, queryPolicyBL, proxyAddresses,proxiedObjectName, possibleInferiors, partialAttributeSet,partialAttributeDeletionList, otherWellKnownObjects, objectVersion,objectGUID, distinguishedName, nonSecurityMemberBL, netbootSCPBL,ownerBL, msDS-ReplValueMetaData, msDS-ReplAttributeMetaData,msDS-NonMembersBL, msDS-NCReplOutboundNeighbors,msDS-NCReplInboundNeighbors, msDS-NCReplCursors,msDS-TasksForAzRoleBL, msDS-TasksForAzTaskBL,msDS-OperationsForAzRoleBL, msDS-OperationsForAzTaskBL,msDS-MembersForAzRoleBL, msDs-masteredBy, mS-DS-ConsistencyGuid,mS-DS-ConsistencyChildCount, msDS-Approx-Immed-Subordinates,msCOM-PartitionSetLink, msCOM-UserLink, modifyTimeStamp, masteredBy,managedObjects, lastKnownParent, isPrivilegeHolder, memberOf,isDeleted, isCriticalSystemObject, showInAdvancedViewOnly,fSMORoleOwner, fRSMemberReferenceBL, frsComputerReferenceBL,fromEntry, flags, extensionName, dSASignature,dSCorePropagationData, displayNamePrintable, displayName,description, createTimeStamp, cn, canonicalName,bridgeheadServerListBL, allowedChildClassesEffective,allowedChildClasses, allowedAttributesEffective, allowedAttributes,adminDisplayName, adminDescription, msDS-NC-RO-Replica-Locations-BL +systemPossSuperiors: lostAndFound +schemaIdGuid:bf967ab7-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: TRUE +defaultObjectCategory: CN=Top,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Trusted-Domain +ldapDisplayName: trustedDomain +governsId: 1.2.840.113556.1.5.34 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: leaf +systemMayContain: msDS-SupportedEncryptionTypes, trustType,trustPosixOffset, trustPartner, trustDirection, trustAuthOutgoing,trustAuthIncoming, trustAttributes, securityIdentifier,msDS-TrustForestTrustInfo, mS-DS-CreatorSID, initialAuthOutgoing,initialAuthIncoming, flatName, domainIdentifier, domainCrossRef,additionalTrustedServiceNames +systemPossSuperiors: container +schemaIdGuid:bf967ab8-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(OA;;WP;736e4812-af31-11d2-b7df-00805f48caeb;bf967ab8-0de6-11d0-a285-00aa003049e2;CO)(A;;SD;;;CO) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Trusted-Domain,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Type-Library +ldapDisplayName: typeLibrary +governsId: 1.2.840.113556.1.5.53 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: top +systemMayContain: cOMUniqueLIBID, cOMInterfaceID, cOMClassID +systemPossSuperiors: classStore +schemaIdGuid:281416e2-1968-11d0-a28f-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: TRUE +systemOnly: FALSE +defaultObjectCategory: CN=Type-Library,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: User +ldapDisplayName: user +governsId: 1.2.840.113556.1.5.9 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: organizationalPerson +auxiliaryClass: shadowAccount, posixAccount +systemAuxiliaryClass: securityPrincipal, mailRecipient +mayContain: msSFU30NisDomain, msSFU30Name, msDS-SourceObjectDN,x500uniqueIdentifier, userSMIMECertificate, userPKCS12, uid,secretary, roomNumber, preferredLanguage, photo, labeledURI,jpegPhoto, homePostalAddress, givenName, employeeType,employeeNumber, displayName, departmentNumber, carLicense, audio +systemMayContain: msTSPrimaryDesktop, msTSSecondaryDesktops,msPKI-CredentialRoamingTokens, msDS-ResultantPSO, msTSLSProperty01,msTSLSProperty02, msTSManagingLS2, msTSManagingLS3, msTSManagingLS4,msTSLicenseVersion2, msTSLicenseVersion3, msTSLicenseVersion4,msTSExpireDate2, msTSExpireDate3, msTSExpireDate4,msDS-AuthenticatedAtDC, msDS-UserPasswordExpiryTimeComputed,msTSManagingLS, msTSLicenseVersion, msTSExpireDate, msTSProperty02,msTSProperty01, msTSInitialProgram, msTSWorkDirectory,msTSDefaultToMainPrinter, msTSConnectPrinterDrives,msTSConnectClientDrives, msTSBrokenConnectionAction,msTSReconnectionAction, msTSMaxIdleTime, msTSMaxConnectionTime,msTSMaxDisconnectionTime, msTSRemoteControl, msTSAllowLogon,msTSHomeDrive, msTSHomeDirectory, msTSProfilePath,msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon,msDS-FailedInteractiveLogonCount,msDS-LastFailedInteractiveLogonTime,msDS-LastSuccessfulInteractiveLogonTime,msRADIUS-SavedFramedIpv6Route, msRADIUS-FramedIpv6Route,msRADIUS-SavedFramedIpv6Prefix, msRADIUS-FramedIpv6Prefix,msRADIUS-SavedFramedInterfaceId, msRADIUS-FramedInterfaceId,msPKIAccountCredentials, msPKIDPAPIMasterKeys,msPKIRoamingTimeStamp, msDS-SupportedEncryptionTypes,msDS-SecondaryKrbTgtNumber, pager, o, mobile, manager, mail,initials, homePhone, businessCategory, userCertificate,userWorkstations, userSharedFolderOther, userSharedFolder,userPrincipalName, userParameters, userAccountControl, unicodePwd,terminalServer, servicePrincipalName, scriptPath, pwdLastSet,profilePath, primaryGroupID, preferredOU, otherLoginWorkstations,operatorCount, ntPwdHistory, networkAddress, msRASSavedFramedRoute,msRASSavedFramedIPAddress, msRASSavedCallbackNumber,msRADIUSServiceType, msRADIUSFramedRoute, msRADIUSFramedIPAddress,msRADIUSCallbackNumber, msNPSavedCallingStationID,msNPCallingStationID, msNPAllowDialin, mSMQSignCertificatesMig,mSMQSignCertificates, mSMQDigestsMig, mSMQDigests, msIIS-FTPRoot,msIIS-FTPDir, msDS-User-Account-Control-Computed,msDS-Site-Affinity, mS-DS-CreatorSID,msDS-Cached-Membership-Time-Stamp, msDS-Cached-Membership,msDRM-IdentityCertificate, msCOM-UserPartitionSetLink, maxStorage,logonWorkstation, logonHours, logonCount, lockoutTime, localeID,lmPwdHistory, lastLogonTimestamp, lastLogon, lastLogoff, homeDrive,homeDirectory, groupsToIgnore, groupPriority, groupMembershipSAM,dynamicLDAPServer, desktopProfile, defaultClassStore, dBCSPwd,controlAccessRights, codePage, badPwdCount, badPasswordTime,adminCount, aCSPolicyName, accountExpires +schemaIdGuid:bf967aba-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561)(OA;;WPRP;5805bc62-bdc9-4428-a5e2-856a0f4c185e;;S-1-5-32-561) +systemPossSuperiors: builtinDomain, organizationalUnit, domainDNS +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Person,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + +cn: Volume +ldapDisplayName: volume +governsId: 1.2.840.113556.1.5.36 +objectClassCategory: 1 +rdnAttId: cn +subClassOf: connectionPoint +systemMustContain: uNCName +systemMayContain: lastContentIndexed, contentIndexingAllowed +systemPossSuperiors: organizationalUnit, domainDNS +schemaIdGuid:bf967abb-0de6-11d0-a285-00aa003049e2 +defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) +defaultHidingValue: FALSE +systemOnly: FALSE +defaultObjectCategory: CN=Volume,CN=Schema,CN=Configuration,<RootDomainDN> +systemFlags: FLAG_SCHEMA_BASE_OBJECT + diff --git a/source4/setup/aggregate_schema.ldif b/source4/setup/aggregate_schema.ldif index 2726704719..662f1abd00 100644 --- a/source4/setup/aggregate_schema.ldif +++ b/source4/setup/aggregate_schema.ldif @@ -1,3 +1,5 @@ dn: CN=Aggregate,${SCHEMADN} objectClass: top objectClass: subSchema +showInAdvancedViewOnly: FALSE +systemFlags: 134217728 diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif index 395d404268..93fa0bf322 100644 --- a/source4/setup/provision.ldif +++ b/source4/setup/provision.ldif @@ -431,7 +431,7 @@ dn: CN=RID Manager$,CN=System,${DOMAINDN} objectClass: top objectClass: rIDManager systemFlags: -1946157056 -rIDAvailablePool: 4611686014132423217 +rIDAvailablePool: 1001-1073741823 isCriticalSystemObject: TRUE dn: CN=RpcServices,CN=System,${DOMAINDN} diff --git a/source4/setup/provision_schema_basedn.ldif b/source4/setup/provision_schema_basedn.ldif index 6fe0b0ea93..77720fa82b 100644 --- a/source4/setup/provision_schema_basedn.ldif +++ b/source4/setup/provision_schema_basedn.ldif @@ -7,3 +7,4 @@ objectClass: dMD cn: Schema nTSecurityDescriptor:: ${DESCRIPTOR} instanceType: 13 +msDS-NcType: 0 diff --git a/source4/setup/provision_self_join.ldif b/source4/setup/provision_self_join.ldif index 0d28b51a43..6cfdc197cc 100644 --- a/source4/setup/provision_self_join.ldif +++ b/source4/setup/provision_self_join.ldif @@ -15,7 +15,6 @@ localPolicyFlags: 0 operatingSystem: Samba operatingSystemVersion: ${SAMBA_VERSION_STRING} primaryGroupID: 516 -# "rIDSetReferences" doesn't exist since we still miss distributed RIDs sAMAccountName: ${NETBIOSNAME}$ # "servicePrincipalName" for FRS doesn't exit since we still miss FRS support # "servicePrincipalName"s for DNS ("ldap/../ForestDnsZones", @@ -33,9 +32,10 @@ servicePrincipalName: ldap/${DNSNAME} servicePrincipalName: ldap/${DNSNAME}/${REALM} userAccountControl: 532480 userPassword:: ${MACHINEPASS_B64} +objectSID: ${DOMAINSID}-1000 -# Here are missing the objects for the NTFRS subscription and the RID set since -# we don't support those techniques (FRS, distributed RIDs) yet. +# Here are missing the objects for the NTFRS subscription since we don't +# support this technique yet. # Objects under "Configuration/Sites/<Default sitename>/Servers" @@ -68,17 +68,3 @@ msDS-hasMasterNCs: ${DOMAINDN} options: 1 systemFlags: 33554432 ${NTDSGUID} - -# Provides an account for DNS keytab export -dn: CN=dns,CN=Users,${DOMAINDN} -objectClass: top -objectClass: person -objectClass: organizationalPerson -objectClass: user -description: DNS Service Account -userAccountControl: 514 -accountExpires: 9223372036854775807 -sAMAccountName: dns -servicePrincipalName: DNS/${DNSDOMAIN} -userPassword:: ${DNSPASS_B64} -isCriticalSystemObject: TRUE diff --git a/source4/setup/provision_self_join_modify.ldif b/source4/setup/provision_self_join_modify.ldif index dfcca728f2..f81a2b69c7 100644 --- a/source4/setup/provision_self_join_modify.ldif +++ b/source4/setup/provision_self_join_modify.ldif @@ -33,3 +33,18 @@ changetype: modify add: servicePrincipalName servicePrincipalName: E3514235-4B06-11D1-AB04-00C04FC2DCD2/${NTDSGUID}/${DNSDOMAIN} servicePrincipalName: ldap/${NTDSGUID}._msdcs.${DNSDOMAIN} + +# NOTE: This account is SAMBA4 specific! +dn: CN=dns,CN=Users,${DOMAINDN} +changetype: add +objectClass: top +objectClass: person +objectClass: organizationalPerson +objectClass: user +description: DNS Service Account +userAccountControl: 514 +accountExpires: 9223372036854775807 +sAMAccountName: dns +servicePrincipalName: DNS/${DNSDOMAIN} +userPassword:: ${DNSPASS_B64} +isCriticalSystemObject: TRUE diff --git a/source4/setup/schema_samba4.ldif b/source4/setup/schema_samba4.ldif index 70ae5d8d77..e28aa0e5cb 100644 --- a/source4/setup/schema_samba4.ldif +++ b/source4/setup/schema_samba4.ldif @@ -182,6 +182,7 @@ #Allocated: DSDB_EXTENDED_SCHEMA_UPDATE_NOW_OID 1.3.6.1.4.1.7165.4.4.2 #Allocated: LDB_EXTENDED_SEQUENCE_NUMBER 1.3.6.1.4.1.7165.4.4.3 #Allocated: DSDB_EXTENDED_CREATE_PARTITION_OID 1.3.6.1.4.1.7165.4.4.4 +#Allocated: DSDB_EXTENDED_ALLOCATE_RID_POOL 1.3.6.1.4.1.7165.4.4.5 #Allocated: (middleName) attributeID: 1.3.6.1.4.1.7165.4.255.1 diff --git a/source4/smbd/process_prefork.c b/source4/smbd/process_prefork.c index f890a528d5..721856bb46 100644 --- a/source4/smbd/process_prefork.c +++ b/source4/smbd/process_prefork.c @@ -114,6 +114,9 @@ static void prefork_new_task(struct tevent_context *ev, /* This is now the child code. We need a completely new event_context to work with */ ev2 = s4_event_context_init(NULL); + /* setup this as the default context */ + s4_event_context_set_default(ev2); + /* the service has given us a private pointer that encapsulates the context it needs for this new connection - everything else will be freed */ @@ -171,7 +174,10 @@ static void prefork_new_task(struct tevent_context *ev, /* But we need a events system to handle reaping children */ ev_parent = s4_event_context_init(NULL); - + + /* setup this as the default context */ + s4_event_context_set_default(ev_parent); + /* TODO: Handle some events... */ /* we can't return to the top level here, as that event context is gone, diff --git a/source4/smbd/process_single.c b/source4/smbd/process_single.c index ff57a0bc34..f873de47af 100644 --- a/source4/smbd/process_single.c +++ b/source4/smbd/process_single.c @@ -99,7 +99,7 @@ static void single_new_task(struct tevent_context *ev, /* called when a task goes down */ static void single_terminate(struct tevent_context *ev, struct loadparm_context *lp_ctx, const char *reason) { - DEBUG(2,("single_terminate: reason[%s]\n",reason)); + DEBUG(3,("single_terminate: reason[%s]\n",reason)); } /* called to set a title of a task or connection */ diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c index ab5ad5760c..145cbc0a2b 100644 --- a/source4/smbd/process_standard.c +++ b/source4/smbd/process_standard.c @@ -108,6 +108,9 @@ static void standard_accept_connection(struct tevent_context *ev, /* This is now the child code. We need a completely new event_context to work with */ ev2 = s4_event_context_init(NULL); + /* setup this as the default context */ + s4_event_context_set_default(ev2); + /* the service has given us a private pointer that encapsulates the context it needs for this new connection - everything else will be freed */ @@ -179,6 +182,9 @@ static void standard_new_task(struct tevent_context *ev, /* This is now the child code. We need a completely new event_context to work with */ ev2 = s4_event_context_init(NULL); + /* setup this as the default context */ + s4_event_context_set_default(ev2); + /* the service has given us a private pointer that encapsulates the context it needs for this new connection - everything else will be freed */ diff --git a/source4/smbd/server.c b/source4/smbd/server.c index e73cdfd659..99e9c68a87 100644 --- a/source4/smbd/server.c +++ b/source4/smbd/server.c @@ -376,6 +376,9 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[ should hang off that */ event_ctx = s4_event_context_init(talloc_autofree_context()); + /* setup this as the default context */ + s4_event_context_set_default(event_ctx); + if (event_ctx == NULL) { DEBUG(0,("Initializing event context failed\n")); return 1; diff --git a/source4/torture/raw/lock.c b/source4/torture/raw/lock.c index 7eb461048b..6c86a6f615 100644 --- a/source4/torture/raw/lock.c +++ b/source4/torture/raw/lock.c @@ -80,10 +80,14 @@ #define TARGET_SUPPORTS_INVALID_LOCK_RANGE(_tctx) \ (torture_setting_bool(_tctx, "invalid_lock_range_support", true)) +#define TARGET_SUPPORTS_SMBEXIT(_tctx) \ + (torture_setting_bool(_tctx, "smbexit_pdu_support", true)) #define TARGET_SUPPORTS_SMBLOCK(_tctx) \ (torture_setting_bool(_tctx, "smblock_pdu_support", true)) #define TARGET_SUPPORTS_OPENX_DENY_DOS(_tctx) \ (torture_setting_bool(_tctx, "openx_deny_dos_support", true)) +#define TARGET_RETURNS_RANGE_NOT_LOCKED(_tctx) \ + (torture_setting_bool(_tctx, "range_not_locked_on_file_close", true)) /* test SMBlock and SMBunlock ops */ @@ -786,7 +790,10 @@ static bool test_async(struct torture_context *tctx, CHECK_STATUS(status, NT_STATUS_OK); status = smbcli_request_simple_recv(req); - CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); + if (TARGET_RETURNS_RANGE_NOT_LOCKED(tctx)) + CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); + else + CHECK_STATUS(status, NT_STATUS_FILE_LOCK_CONFLICT); torture_assert(tctx,!(time(NULL) > t+2), talloc_asprintf(tctx, "lock cancel by close was not immediate (%s)\n", __location__)); @@ -816,46 +823,57 @@ static bool test_async(struct torture_context *tctx, tree->tid = tcon.tconx.out.tid; torture_comment(tctx, "testing cancel by exit\n"); - fname = BASEDIR "\\test_exit.txt"; - fnum = smbcli_open(tree, fname, O_RDWR|O_CREAT, DENY_NONE); - torture_assert(tctx,(fnum != -1), talloc_asprintf(tctx, - "Failed to reopen %s - %s\n", - fname, smbcli_errstr(tree))); - - io.lockx.level = RAW_LOCK_LOCKX; - io.lockx.in.file.fnum = fnum; - io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; - io.lockx.in.timeout = 0; - io.lockx.in.ulock_cnt = 0; - io.lockx.in.lock_cnt = 1; - lock[0].pid = session->pid; - lock[0].offset = 100; - lock[0].count = 10; - io.lockx.in.locks = &lock[0]; - status = smb_raw_lock(tree, &io); - CHECK_STATUS(status, NT_STATUS_OK); - - io.lockx.in.ulock_cnt = 0; - io.lockx.in.lock_cnt = 1; - io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; - io.lockx.in.timeout = 0; - status = smb_raw_lock(tree, &io); - CHECK_STATUS(status, NT_STATUS_LOCK_NOT_GRANTED); + if (TARGET_SUPPORTS_SMBEXIT(tctx)) { + fname = BASEDIR "\\test_exit.txt"; + fnum = smbcli_open(tree, fname, O_RDWR|O_CREAT, DENY_NONE); + torture_assert(tctx,(fnum != -1), talloc_asprintf(tctx, + "Failed to reopen %s - %s\n", + fname, smbcli_errstr(tree))); + + io.lockx.level = RAW_LOCK_LOCKX; + io.lockx.in.file.fnum = fnum; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.timeout = 0; + io.lockx.in.ulock_cnt = 0; + io.lockx.in.lock_cnt = 1; + lock[0].pid = session->pid; + lock[0].offset = 100; + lock[0].count = 10; + io.lockx.in.locks = &lock[0]; + status = smb_raw_lock(tree, &io); + CHECK_STATUS(status, NT_STATUS_OK); - io.lockx.in.timeout = 10000; - t = time(NULL); - req = smb_raw_lock_send(tree, &io); - torture_assert(tctx,(req != NULL), talloc_asprintf(tctx, - "Failed to setup timed lock (%s)\n", __location__)); + io.lockx.in.ulock_cnt = 0; + io.lockx.in.lock_cnt = 1; + io.lockx.in.mode = LOCKING_ANDX_LARGE_FILES; + io.lockx.in.timeout = 0; + status = smb_raw_lock(tree, &io); + CHECK_STATUS(status, NT_STATUS_LOCK_NOT_GRANTED); + + io.lockx.in.timeout = 10000; + t = time(NULL); + req = smb_raw_lock_send(tree, &io); + torture_assert(tctx,(req != NULL), talloc_asprintf(tctx, + "Failed to setup timed lock (%s)\n", + __location__)); + + status = smb_raw_exit(session); + CHECK_STATUS(status, NT_STATUS_OK); - status = smb_raw_exit(session); - CHECK_STATUS(status, NT_STATUS_OK); + status = smbcli_request_simple_recv(req); + if (TARGET_RETURNS_RANGE_NOT_LOCKED(tctx)) + CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); + else + CHECK_STATUS(status, NT_STATUS_FILE_LOCK_CONFLICT); - status = smbcli_request_simple_recv(req); - CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); - - torture_assert(tctx,!(time(NULL) > t+2), talloc_asprintf(tctx, - "lock cancel by exit was not immediate (%s)\n", __location__)); + torture_assert(tctx,!(time(NULL) > t+2), talloc_asprintf(tctx, + "lock cancel by exit was not immediate (%s)\n", + __location__)); + } + else { + torture_comment(tctx, + " skipping test, SMBExit not supported\n"); + } torture_comment(tctx, "testing cancel by ulogoff\n"); fname = BASEDIR "\\test_ulogoff.txt"; @@ -894,15 +912,20 @@ static bool test_async(struct torture_context *tctx, CHECK_STATUS(status, NT_STATUS_OK); status = smbcli_request_simple_recv(req); - if (NT_STATUS_EQUAL(NT_STATUS_FILE_LOCK_CONFLICT, status)) { - torture_result(tctx, TORTURE_FAIL, - "lock not canceled by ulogoff - %s (ignored because of vfs_vifs fails it)\n", - nt_errstr(status)); - smb_tree_disconnect(tree); - smb_raw_exit(session); - goto done; + if (TARGET_RETURNS_RANGE_NOT_LOCKED(tctx)) { + if (NT_STATUS_EQUAL(NT_STATUS_FILE_LOCK_CONFLICT, status)) { + torture_result(tctx, TORTURE_FAIL, + "lock not canceled by ulogoff - %s " + "(ignored because of vfs_vifs fails it)\n", + nt_errstr(status)); + smb_tree_disconnect(tree); + smb_raw_exit(session); + goto done; + } + CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); + } else { + CHECK_STATUS(status, NT_STATUS_FILE_LOCK_CONFLICT); } - CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); torture_assert(tctx,!(time(NULL) > t+2), talloc_asprintf(tctx, "lock cancel by ulogoff was not immediate (%s)\n", __location__)); @@ -942,7 +965,10 @@ static bool test_async(struct torture_context *tctx, CHECK_STATUS(status, NT_STATUS_OK); status = smbcli_request_simple_recv(req); - CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); + if (TARGET_RETURNS_RANGE_NOT_LOCKED(tctx)) + CHECK_STATUS(status, NT_STATUS_RANGE_NOT_LOCKED); + else + CHECK_STATUS(status, NT_STATUS_FILE_LOCK_CONFLICT); torture_assert(tctx,!(time(NULL) > t+2), talloc_asprintf(tctx, "lock cancel by tdis was not immediate (%s)\n", __location__)); diff --git a/source4/torture/raw/open.c b/source4/torture/raw/open.c index 8c4311b530..e37fd8e09a 100644 --- a/source4/torture/raw/open.c +++ b/source4/torture/raw/open.c @@ -1879,6 +1879,203 @@ done: return ret; } +/** + * Test what happens when trying to open a file with directory parameters and + * vice-versa. Also test that NTCREATEX_OPTIONS_DIRECTORY is treated as + * mandatory and FILE_ATTRIBUTE_DIRECTORY is advisory for directory + * creation/opening. + */ +static bool test_ntcreatexdir(struct torture_context *tctx, + struct smbcli_state *cli) +{ + union smb_open io; + union smb_fileinfo finfo; + const char *fname = BASEDIR "\\torture_ntcreatex.txt"; + const char *dname = BASEDIR "\\torture_ntcreatex_dir"; + NTSTATUS status, expected_status; + bool ret = true; + int i; + uint32_t access_mask = 0; + + struct { + uint32_t open_disp; + uint32_t file_attr; + uint32_t create_options; + NTSTATUS correct_status; + } open_funcs[] = { + { NTCREATEX_DISP_SUPERSEDE, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_INVALID_PARAMETER }, + { NTCREATEX_DISP_OPEN, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_OBJECT_NAME_NOT_FOUND }, + { NTCREATEX_DISP_CREATE, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_OK }, + { NTCREATEX_DISP_OPEN_IF, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_OK }, + { NTCREATEX_DISP_OVERWRITE, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_INVALID_PARAMETER }, + { NTCREATEX_DISP_OVERWRITE_IF, 0, NTCREATEX_OPTIONS_DIRECTORY, + NT_STATUS_INVALID_PARAMETER }, + { NTCREATEX_DISP_SUPERSEDE, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + { NTCREATEX_DISP_OPEN, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OBJECT_NAME_NOT_FOUND }, + { NTCREATEX_DISP_CREATE, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + { NTCREATEX_DISP_OPEN_IF, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + { NTCREATEX_DISP_OVERWRITE, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OBJECT_NAME_NOT_FOUND }, + { NTCREATEX_DISP_OVERWRITE_IF, FILE_ATTRIBUTE_DIRECTORY, 0, + NT_STATUS_OK }, + + }; + + if (!torture_setup_dir(cli, BASEDIR)) { + return false; + } + + /* setup some base params. */ + io.generic.level = RAW_OPEN_NTCREATEX; + io.ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED; + io.ntcreatex.in.root_fid.fnum = 0; + io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL; + io.ntcreatex.in.alloc_size = 0; + io.ntcreatex.in.share_access = NTCREATEX_SHARE_ACCESS_NONE; + io.ntcreatex.in.impersonation = NTCREATEX_IMPERSONATION_ANONYMOUS; + io.ntcreatex.in.security_flags = 0; + io.ntcreatex.in.fname = fname; + + /* + * Test the validity checking for create dispositions, which is done + * against the requested parameters rather than what's actually on + * disk. + */ + for (i=0; i<ARRAY_SIZE(open_funcs); i++) { + io.ntcreatex.in.open_disposition = open_funcs[i].open_disp; + io.ntcreatex.in.file_attr = open_funcs[i].file_attr; + io.ntcreatex.in.create_options = open_funcs[i].create_options; + status = smb_raw_open(cli->tree, tctx, &io); + if (!NT_STATUS_EQUAL(status, open_funcs[i].correct_status)) { + torture_result(tctx, TORTURE_FAIL, + "(%s) incorrect status %s should be %s " + "(i=%d open_disp=%d)\n", + __location__, nt_errstr(status), + nt_errstr(open_funcs[i].correct_status), + i, (int)open_funcs[i].open_disp); + ret = false; + } + /* Close and delete the file. */ + if (NT_STATUS_IS_OK(status)) { + if (open_funcs[i].create_options != 0) { + /* out attrib should be a directory. */ + torture_assert_int_equal(tctx, + io.ntcreatex.out.attrib, + FILE_ATTRIBUTE_DIRECTORY, "should have " + "created a directory"); + + smbcli_close(cli->tree, + io.ntcreatex.out.file.fnum); + + /* Make sure unlink fails. */ + status = smbcli_unlink(cli->tree, fname); + torture_assert_ntstatus_equal(tctx, status, + NT_STATUS_FILE_IS_A_DIRECTORY, + "unlink should fail for a directory"); + + status = smbcli_rmdir(cli->tree, fname); + torture_assert_ntstatus_ok(tctx, status, + "rmdir failed"); + } else { + torture_assert_int_equal(tctx, + io.ntcreatex.out.attrib, + FILE_ATTRIBUTE_ARCHIVE, "should not have " + "created a directory"); + + smbcli_close(cli->tree, + io.ntcreatex.out.file.fnum); + + /* Make sure rmdir fails. */ + status = smbcli_rmdir(cli->tree, fname); + torture_assert_ntstatus_equal(tctx, status, + NT_STATUS_NOT_A_DIRECTORY, + "rmdir should fail for a file"); + + status = smbcli_unlink(cli->tree, fname); + torture_assert_ntstatus_ok(tctx, status, + "unlink failed"); + } + } + } + + /* Create a file. */ + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.create_options = 0; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; + status = smb_raw_open(cli->tree, tctx, &io); + torture_assert_ntstatus_ok(tctx, status, "Failed to create file."); + smbcli_close(cli->tree, io.ntcreatex.out.file.fnum); + + /* Try and open the file with file_attr_dir and check the error. */ + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_DIRECTORY; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + + status = smb_raw_open(cli->tree, tctx, &io); + torture_assert_ntstatus_ok(tctx, status, "FILE_ATTRIBUTE_DIRECTORY " + "doesn't produce a hard failure."); + smbcli_close(cli->tree, io.ntcreatex.out.file.fnum); + + /* Try and open file with createx_option_dir and check the error. */ + io.ntcreatex.in.file_attr = 0; + io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; + + status = smb_raw_open(cli->tree, tctx, &io); + torture_assert_ntstatus_equal(tctx, status, NT_STATUS_NOT_A_DIRECTORY, + "NTCREATEX_OPTIONS_DIRECTORY will a file from being opened."); + smbcli_close(cli->tree, io.ntcreatex.out.file.fnum); + + /* Delete the file and move onto directory testing. */ + smbcli_unlink(cli->tree, fname); + + /* Now try some tests on a directory. */ + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_CREATE; + io.ntcreatex.in.file_attr = 0; + io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_DIRECTORY; + io.ntcreatex.in.fname = dname; + + status = smb_raw_open(cli->tree, tctx, &io); + torture_assert_ntstatus_ok(tctx, status, "Failed to create dir."); + + /* out attrib should be a directory. */ + torture_assert_int_equal(tctx, io.ntcreatex.out.attrib, + FILE_ATTRIBUTE_DIRECTORY, "should have created a directory"); + + smbcli_close(cli->tree, io.ntcreatex.out.file.fnum); + + /* Try and open it with normal attr and check the error. */ + io.ntcreatex.in.file_attr = FILE_ATTRIBUTE_NORMAL; + io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN; + + status = smb_raw_open(cli->tree, tctx, &io); + torture_assert_ntstatus_ok(tctx, status, "FILE_ATTRIBUTE_NORMAL " + "doesn't produce a hard failure."); + smbcli_close(cli->tree, io.ntcreatex.out.file.fnum); + + /* Try and open it with file create_options and check the error. */ + io.ntcreatex.in.file_attr = 0; + io.ntcreatex.in.create_options = NTCREATEX_OPTIONS_NON_DIRECTORY_FILE; + + status = smb_raw_open(cli->tree, tctx, &io); + torture_assert_ntstatus_equal(tctx, status, + NT_STATUS_FILE_IS_A_DIRECTORY, + "NTCREATEX_OPTIONS_NON_DIRECTORY_FILE should be returned "); + smbcli_close(cli->tree, io.ntcreatex.out.file.fnum); + +done: + smbcli_close(cli->tree, io.ntcreatex.out.file.fnum); + smbcli_deltree(cli->tree, BASEDIR); + + return ret; +} /* basic testing of all RAW_OPEN_* calls */ @@ -1902,6 +2099,7 @@ struct torture_suite *torture_raw_open(TALLOC_CTX *mem_ctx) torture_suite_add_1smb_test(suite, "OPENX-OVER-DIR", test_openx_over_dir); torture_suite_add_1smb_test(suite, "OPEN-FOR-DELETE", test_open_for_delete); torture_suite_add_1smb_test(suite, "OPENDISP-DIR", test_ntcreatex_opendisp_dir); + torture_suite_add_1smb_test(suite, "NTCREATEDIR", test_ntcreatexdir); return suite; } diff --git a/source4/torture/rpc/rpc.c b/source4/torture/rpc/rpc.c index 3362bad605..2ab0d12743 100644 --- a/source4/torture/rpc/rpc.c +++ b/source4/torture/rpc/rpc.c @@ -462,6 +462,7 @@ NTSTATUS torture_rpc_init(void) torture_suite_add_suite(suite, torture_rpc_samr_accessmask(suite)); torture_suite_add_suite(suite, torture_rpc_samr_workstation_auth(suite)); torture_suite_add_suite(suite, torture_rpc_samr_passwords_pwdlastset(suite)); + torture_suite_add_suite(suite, torture_rpc_samr_passwords_badpwdcount(suite)); torture_suite_add_suite(suite, torture_rpc_samr_user_privileges(suite)); torture_suite_add_suite(suite, torture_rpc_samr_large_dc(suite)); torture_suite_add_suite(suite, torture_rpc_epmapper(suite)); diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index b5aa761b79..8b466e8ef0 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -4,7 +4,7 @@ Copyright (C) Andrew Tridgell 2003 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2003 - Copyright (C) Guenther Deschner 2008,2009 + Copyright (C) Guenther Deschner 2008-2010 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -33,6 +33,10 @@ #include "libcli/security/security.h" #include "torture/rpc/rpc.h" #include "param/param.h" +#include "auth/gensec/gensec.h" +#include "auth/gensec/gensec_proto.h" +#include "../libcli/auth/schannel.h" +#include "auth/gensec/schannel_state.h" #include <unistd.h> @@ -46,6 +50,7 @@ enum torture_samr_choice { TORTURE_SAMR_PASSWORDS, TORTURE_SAMR_PASSWORDS_PWDLASTSET, + TORTURE_SAMR_PASSWORDS_BADPWDCOUNT, TORTURE_SAMR_USER_ATTRIBUTES, TORTURE_SAMR_USER_PRIVILEGES, TORTURE_SAMR_OTHER, @@ -2634,11 +2639,13 @@ static bool test_GetAliasMembership(struct dcerpc_pipe *p, /* only true for w2k8 it seems * win7, xp, w2k3 will return a 0 length array pointer */ - torture_assert(tctx, (rids.ids && !rids.count), - "samr_GetAliasMembership protocol misbehaviour"); + if (rids.ids && (rids.count == 0)) { + torture_fail(tctx, "samr_GetAliasMembership returned 0 count and a rids array"); + } #endif - torture_assert(tctx, (!rids.ids && rids.count), - "samr_GetAliasMembership protocol misbehaviour"); + if (!rids.ids && rids.count) { + torture_fail(tctx, "samr_GetAliasMembership returned non-0 count but no rids"); + } return true; } @@ -2730,17 +2737,24 @@ static bool test_QueryUserInfo_pwdlastset(struct dcerpc_pipe *p, static bool test_SamLogon(struct torture_context *tctx, struct dcerpc_pipe *p, struct cli_credentials *test_credentials, - NTSTATUS expected_result) + NTSTATUS expected_result, + bool interactive) { NTSTATUS status; struct netr_LogonSamLogonEx r; union netr_LogonLevel logon; union netr_Validation validation; uint8_t authoritative; + struct netr_IdentityInfo identity; struct netr_NetworkInfo ninfo; + struct netr_PasswordInfo pinfo; DATA_BLOB names_blob, chal, lm_resp, nt_resp; int flags = CLI_CRED_NTLM_AUTH; uint32_t samlogon_flags = 0; + struct netlogon_creds_CredentialState *creds; + struct netr_Authenticator a; + + torture_assert_ntstatus_ok(tctx, dcerpc_schannel_creds(p->conn->security_state.generic_state, tctx, &creds), ""); if (lp_client_lanman_auth(tctx->lp_ctx)) { flags |= CLI_CRED_LANMAN_AUTH; @@ -2751,50 +2765,74 @@ static bool test_SamLogon(struct torture_context *tctx, } cli_credentials_get_ntlm_username_domain(test_credentials, tctx, - &ninfo.identity_info.account_name.string, - &ninfo.identity_info.domain_name.string); + &identity.account_name.string, + &identity.domain_name.string); + + identity.parameter_control = + MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | + MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT; + identity.logon_id_low = 0; + identity.logon_id_high = 0; + identity.workstation.string = cli_credentials_get_workstation(test_credentials); + + if (interactive) { + netlogon_creds_client_authenticator(creds, &a); + + if (!E_deshash(cli_credentials_get_password(test_credentials), pinfo.lmpassword.hash)) { + ZERO_STRUCT(pinfo.lmpassword.hash); + } + E_md4hash(cli_credentials_get_password(test_credentials), pinfo.ntpassword.hash); + + if (creds->negotiate_flags & NETLOGON_NEG_ARCFOUR) { + netlogon_creds_arcfour_crypt(creds, pinfo.lmpassword.hash, 16); + netlogon_creds_arcfour_crypt(creds, pinfo.ntpassword.hash, 16); + } else { + netlogon_creds_des_encrypt(creds, &pinfo.lmpassword); + netlogon_creds_des_encrypt(creds, &pinfo.ntpassword); + } - generate_random_buffer(ninfo.challenge, - sizeof(ninfo.challenge)); - chal = data_blob_const(ninfo.challenge, - sizeof(ninfo.challenge)); + pinfo.identity_info = identity; + logon.password = &pinfo; - names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(test_credentials), - cli_credentials_get_domain(test_credentials)); + r.in.logon_level = NetlogonInteractiveInformation; + } else { + generate_random_buffer(ninfo.challenge, + sizeof(ninfo.challenge)); + chal = data_blob_const(ninfo.challenge, + sizeof(ninfo.challenge)); - status = cli_credentials_get_ntlm_response(test_credentials, tctx, - &flags, - chal, - names_blob, - &lm_resp, &nt_resp, - NULL, NULL); - torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed"); + names_blob = NTLMv2_generate_names_blob(tctx, cli_credentials_get_workstation(test_credentials), + cli_credentials_get_domain(test_credentials)); - ninfo.lm.data = lm_resp.data; - ninfo.lm.length = lm_resp.length; + status = cli_credentials_get_ntlm_response(test_credentials, tctx, + &flags, + chal, + names_blob, + &lm_resp, &nt_resp, + NULL, NULL); + torture_assert_ntstatus_ok(tctx, status, "cli_credentials_get_ntlm_response failed"); - ninfo.nt.data = nt_resp.data; - ninfo.nt.length = nt_resp.length; + ninfo.lm.data = lm_resp.data; + ninfo.lm.length = lm_resp.length; - ninfo.identity_info.parameter_control = - MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT | - MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT; - ninfo.identity_info.logon_id_low = 0; - ninfo.identity_info.logon_id_high = 0; - ninfo.identity_info.workstation.string = cli_credentials_get_workstation(test_credentials); + ninfo.nt.data = nt_resp.data; + ninfo.nt.length = nt_resp.length; - logon.network = &ninfo; + ninfo.identity_info = identity; + logon.network = &ninfo; + + r.in.logon_level = NetlogonNetworkInformation; + } r.in.server_name = talloc_asprintf(tctx, "\\\\%s", dcerpc_server_name(p)); r.in.computer_name = cli_credentials_get_workstation(test_credentials); - r.in.logon_level = NetlogonNetworkInformation; r.in.logon = &logon; r.in.flags = &samlogon_flags; r.out.flags = &samlogon_flags; r.out.validation = &validation; r.out.authoritative = &authoritative; - torture_comment(tctx, "Testing LogonSamLogon with name %s\n", ninfo.identity_info.account_name.string); + torture_comment(tctx, "Testing LogonSamLogon with name %s\n", identity.account_name.string); r.in.validation_level = 6; @@ -2818,7 +2856,8 @@ static bool test_SamLogon_with_creds(struct torture_context *tctx, struct cli_credentials *machine_creds, const char *acct_name, char *password, - NTSTATUS expected_samlogon_result) + NTSTATUS expected_samlogon_result, + bool interactive) { bool ret = true; struct cli_credentials *test_credentials; @@ -2834,11 +2873,11 @@ static bool test_SamLogon_with_creds(struct torture_context *tctx, cli_credentials_set_password(test_credentials, password, CRED_SPECIFIED); - torture_comment(tctx, "testing samlogon as %s password: %s\n", - acct_name, password); + torture_comment(tctx, "testing samlogon (%s) as %s password: %s\n", + interactive ? "interactive" : "network", acct_name, password); if (!test_SamLogon(tctx, p, test_credentials, - expected_samlogon_result)) { + expected_samlogon_result, interactive)) { torture_warning(tctx, "new password did not work\n"); ret = false; } @@ -2904,7 +2943,8 @@ static bool test_SetPassword_level(struct dcerpc_pipe *p, machine_creds, acct_name, *password, - expected_samlogon_result)) { + expected_samlogon_result, + false)) { ret = false; } @@ -3337,6 +3377,428 @@ static bool test_SetPassword_pwdlastset(struct dcerpc_pipe *p, return ret; } +static bool test_QueryUserInfo_badpwdcount(struct dcerpc_pipe *p, + struct torture_context *tctx, + struct policy_handle *handle, + uint32_t *badpwdcount) +{ + union samr_UserInfo *info; + struct samr_QueryUserInfo r; + + r.in.user_handle = handle; + r.in.level = 3; + r.out.info = &info; + + torture_comment(tctx, "Testing QueryUserInfo level %d", r.in.level); + + torture_assert_ntstatus_ok(tctx, dcerpc_samr_QueryUserInfo(p, tctx, &r), + "failed to query userinfo"); + + *badpwdcount = info->info3.bad_password_count; + + torture_comment(tctx, " (bad password count: %d)\n", *badpwdcount); + + return true; +} + +static bool test_reset_badpwdcount(struct dcerpc_pipe *p, + struct torture_context *tctx, + struct policy_handle *user_handle, + uint32_t acct_flags, + char **password) +{ + struct samr_SetUserInfo r; + union samr_UserInfo user_info; + + torture_assert(tctx, test_SetUserPass(p, tctx, user_handle, password), + "failed to set password"); + + torture_comment(tctx, "Testing SetUserInfo level 16 (enable account)\n"); + + user_info.info16.acct_flags = acct_flags; + user_info.info16.acct_flags &= ~ACB_DISABLED; + + r.in.user_handle = user_handle; + r.in.level = 16; + r.in.info = &user_info; + + torture_assert_ntstatus_ok(tctx, dcerpc_samr_SetUserInfo(p, tctx, &r), + "failed to enable user"); + + torture_assert(tctx, test_SetUserPass(p, tctx, user_handle, password), + "failed to set password"); + + return true; +} + +static bool test_Password_badpwdcount(struct dcerpc_pipe *p, + struct dcerpc_pipe *np, + struct torture_context *tctx, + uint32_t acct_flags, + const char *acct_name, + struct policy_handle *domain_handle, + struct policy_handle *user_handle, + char **password, + struct cli_credentials *machine_credentials, + const char *comment, + bool disable, + bool interactive, + NTSTATUS expected_success_status, + struct samr_DomInfo1 *info1, + struct samr_DomInfo12 *info12) +{ + union samr_DomainInfo info; + char **passwords; + int i; + uint32_t badpwdcount, tmp; + uint32_t password_history_length = 12; + uint32_t lockout_threshold = 15; + + torture_comment(tctx, "\nTesting bad pwd count with: %s\n", comment); + + torture_assert(tctx, password_history_length < lockout_threshold, + "password history length needs to be smaller than account lockout threshold for this test"); + + + /* set policies */ + + info.info1 = *info1; + + info.info1.password_history_length = password_history_length; + + { + struct samr_SetDomainInfo r; + + r.in.domain_handle = domain_handle; + r.in.level = DomainPasswordInformation; + r.in.info = &info; + + torture_assert_ntstatus_ok(tctx, + dcerpc_samr_SetDomainInfo(p, tctx, &r), + "failed to set domain info level 1"); + } + + info.info12 = *info12; + + info.info12.lockout_threshold = lockout_threshold; + + { + struct samr_SetDomainInfo r; + + r.in.domain_handle = domain_handle; + r.in.level = DomainLockoutInformation; + r.in.info = &info; + + torture_assert_ntstatus_ok(tctx, + dcerpc_samr_SetDomainInfo(p, tctx, &r), + "failed to set domain info level 12"); + } + + /* reset bad pwd count */ + + torture_assert(tctx, + test_reset_badpwdcount(p, tctx, user_handle, acct_flags, password), ""); + + + /* enable or disable account */ + { + struct samr_SetUserInfo r; + union samr_UserInfo user_info; + + torture_comment(tctx, "Testing SetUserInfo level 16 (%s account)\n", + disable ? "disable" : "enable"); + + user_info.info16.acct_flags = acct_flags; + if (disable) { + user_info.info16.acct_flags |= ACB_DISABLED; + } else { + user_info.info16.acct_flags &= ~ACB_DISABLED; + } + + r.in.user_handle = user_handle; + r.in.level = 16; + r.in.info = &user_info; + + torture_assert_ntstatus_ok(tctx, dcerpc_samr_SetUserInfo(p, tctx, &r), + "failed to enable user"); + } + + + /* setup password history */ + + passwords = talloc_array(tctx, char *, password_history_length); + + for (i=0; i < password_history_length; i++) { + + torture_assert(tctx, test_SetUserPass(p, tctx, user_handle, password), + "failed to set password"); + passwords[i] = talloc_strdup(tctx, *password); + + if (!test_SamLogon_with_creds(tctx, np, machine_credentials, + acct_name, passwords[i], + expected_success_status, interactive)) { + torture_fail(tctx, "failed to auth with latest password"); + } + + torture_assert(tctx, + test_QueryUserInfo_badpwdcount(p, tctx, user_handle, &badpwdcount), ""); + + torture_assert_int_equal(tctx, badpwdcount, 0, "expected badpwdcount to be 0"); + } + + + /* test with wrong password */ + + if (!test_SamLogon_with_creds(tctx, np, machine_credentials, + acct_name, "random_crap", + NT_STATUS_WRONG_PASSWORD, interactive)) { + torture_fail(tctx, "succeeded to authenticate with wrong password"); + } + + torture_assert(tctx, + test_QueryUserInfo_badpwdcount(p, tctx, user_handle, &badpwdcount), ""); + + torture_assert_int_equal(tctx, badpwdcount, 1, "expected badpwdcount to be 1"); + + + /* test with latest good password */ + + if (!test_SamLogon_with_creds(tctx, np, machine_credentials, acct_name, + passwords[password_history_length-1], + expected_success_status, interactive)) { + torture_fail(tctx, "succeeded to authenticate with wrong password"); + } + + torture_assert(tctx, + test_QueryUserInfo_badpwdcount(p, tctx, user_handle, &badpwdcount), ""); + + if (disable) { + torture_assert_int_equal(tctx, badpwdcount, 1, "expected badpwdcount to be 1"); + } else { + /* only enabled accounts get the bad pwd count reset upon + * successful logon */ + torture_assert_int_equal(tctx, badpwdcount, 0, "expected badpwdcount to be 0"); + } + + tmp = badpwdcount; + + + /* test password history */ + + for (i=0; i < password_history_length; i++) { + + torture_comment(tctx, "Testing bad password count behavior with " + "password #%d of #%d\n", i, password_history_length); + + /* - network samlogon will succeed auth and not + * increase badpwdcount for 2 last entries + * - interactive samlogon only for the last one */ + + if (i == password_history_length - 1 || + (i == password_history_length - 2 && !interactive)) { + + if (!test_SamLogon_with_creds(tctx, np, machine_credentials, + acct_name, passwords[i], + expected_success_status, interactive)) { + torture_fail(tctx, talloc_asprintf(tctx, "succeeded to authenticate with old password (#%d of #%d in history)", i, password_history_length)); + } + + torture_assert(tctx, + test_QueryUserInfo_badpwdcount(p, tctx, user_handle, &badpwdcount), ""); + + if (disable) { + /* torture_comment(tctx, "expecting bad pwd count to *NOT INCREASE* for pwd history entry %d\n", i); */ + torture_assert_int_equal(tctx, badpwdcount, tmp, "unexpected badpwdcount"); + } else { + /* torture_comment(tctx, "expecting bad pwd count to be 0 for pwd history entry %d\n", i); */ + torture_assert_int_equal(tctx, badpwdcount, 0, "expected badpwdcount to be 0"); + } + + tmp = badpwdcount; + + continue; + } + + if (!test_SamLogon_with_creds(tctx, np, machine_credentials, + acct_name, passwords[i], + NT_STATUS_WRONG_PASSWORD, interactive)) { + torture_fail(tctx, talloc_asprintf(tctx, "succeeded to authenticate with old password (#%d of #%d in history)", i, password_history_length)); + } + + torture_assert(tctx, + test_QueryUserInfo_badpwdcount(p, tctx, user_handle, &badpwdcount), ""); + + /* - network samlogon will fail auth but not increase + * badpwdcount for 3rd last entry + * - interactive samlogon for 3rd and 2nd last entry */ + + if (i == password_history_length - 3 || + (i == password_history_length - 2 && interactive)) { + /* torture_comment(tctx, "expecting bad pwd count to *NOT INCREASE * by one for pwd history entry %d\n", i); */ + torture_assert_int_equal(tctx, badpwdcount, tmp, "unexpected badpwdcount"); + } else { + /* torture_comment(tctx, "expecting bad pwd count to increase by one for pwd history entry %d\n", i); */ + torture_assert_int_equal(tctx, badpwdcount, tmp + 1, "unexpected badpwdcount"); + } + + tmp = badpwdcount; + } + + return true; +} + +static bool test_Password_badpwdcount_wrap(struct dcerpc_pipe *p, + struct torture_context *tctx, + uint32_t acct_flags, + const char *acct_name, + struct policy_handle *domain_handle, + struct policy_handle *user_handle, + char **password, + struct cli_credentials *machine_credentials) +{ + union samr_DomainInfo *q_info, s_info; + struct samr_DomInfo1 info1, _info1; + struct samr_DomInfo12 info12, _info12; + bool ret = true; + struct dcerpc_binding *b; + struct dcerpc_pipe *np; + int i; + + struct { + const char *comment; + bool disabled; + bool interactive; + NTSTATUS expected_success_status; + } creds[] = { + { + .comment = "network logon (disabled account)", + .disabled = true, + .interactive = false, + .expected_success_status= NT_STATUS_ACCOUNT_DISABLED + }, + { + .comment = "network logon (enabled account)", + .disabled = false, + .interactive = false, + .expected_success_status= NT_STATUS_OK + }, + { + .comment = "interactive logon (disabled account)", + .disabled = true, + .interactive = true, + .expected_success_status= NT_STATUS_ACCOUNT_DISABLED + }, + { + .comment = "interactive logon (enabled account)", + .disabled = false, + .interactive = true, + .expected_success_status= NT_STATUS_OK + }, + }; + + /* setup netlogon schannel pipe */ + + torture_assert_ntstatus_ok(tctx, torture_rpc_binding(tctx, &b), "failed to obtain rpc binding"); + + b->flags &= ~DCERPC_AUTH_OPTIONS; + b->flags |= DCERPC_SCHANNEL | DCERPC_SIGN | DCERPC_SCHANNEL_128; + + torture_assert_ntstatus_ok(tctx, dcerpc_pipe_connect_b(tctx, &np, b, &ndr_table_netlogon, + machine_credentials, tctx->ev, tctx->lp_ctx), + "failed to connect to NETLOGON pipe"); + + /* backup old policies */ + + { + struct samr_QueryDomainInfo2 r; + + r.in.domain_handle = domain_handle; + r.in.level = DomainPasswordInformation; + r.out.info = &q_info; + + torture_assert_ntstatus_ok(tctx, + dcerpc_samr_QueryDomainInfo2(p, tctx, &r), + "failed to query domain info level 1"); + + info1 = q_info->info1; + } + + { + struct samr_QueryDomainInfo2 r; + + r.in.domain_handle = domain_handle; + r.in.level = DomainLockoutInformation; + r.out.info = &q_info; + + torture_assert_ntstatus_ok(tctx, + dcerpc_samr_QueryDomainInfo2(p, tctx, &r), + "failed to query domain info level 12"); + + info12 = q_info->info12; + } + + _info1 = info1; + _info12 = info12; + + /* run tests */ + + for (i=0; i < ARRAY_SIZE(creds); i++) { + + /* skip trust tests for now */ + if (acct_flags & ACB_WSTRUST || + acct_flags & ACB_SVRTRUST || + acct_flags & ACB_DOMTRUST) { + continue; + } + + ret &= test_Password_badpwdcount(p, np, tctx, acct_flags, acct_name, + domain_handle, user_handle, password, + machine_credentials, + creds[i].comment, + creds[i].disabled, + creds[i].interactive, + creds[i].expected_success_status, + &_info1, &_info12); + if (!ret) { + torture_warning(tctx, "TEST #%d (%s) failed\n", i, creds[i].comment); + } else { + torture_comment(tctx, "TEST #%d (%s) succeeded\n", i, creds[i].comment); + } + } + + /* restore policies */ + + s_info.info1 = info1; + + { + struct samr_SetDomainInfo r; + + r.in.domain_handle = domain_handle; + r.in.level = DomainPasswordInformation; + r.in.info = &s_info; + + torture_assert_ntstatus_ok(tctx, + dcerpc_samr_SetDomainInfo(p, tctx, &r), + "failed to set domain info level 1"); + } + + s_info.info12 = info12; + + { + struct samr_SetDomainInfo r; + + r.in.domain_handle = domain_handle; + r.in.level = DomainLockoutInformation; + r.in.info = &s_info; + + torture_assert_ntstatus_ok(tctx, + dcerpc_samr_SetDomainInfo(p, tctx, &r), + "failed to set domain info level 12"); + } + + return ret; +} + static bool test_DeleteUser_with_privs(struct dcerpc_pipe *p, struct dcerpc_pipe *lp, struct torture_context *tctx, @@ -3836,6 +4298,25 @@ static bool test_user_ops(struct dcerpc_pipe *p, break; + case TORTURE_SAMR_PASSWORDS_BADPWDCOUNT: + + /* test bad pwd count change behaviour */ + if (!test_Password_badpwdcount_wrap(p, tctx, base_acct_flags, + base_acct_name, + domain_handle, + user_handle, &password, + machine_credentials)) { + ret = false; + } + + if (ret == true) { + torture_comment(tctx, "badPwdCount test succeeded\n"); + } else { + torture_warning(tctx, "badPwdCount test failed\n"); + } + + break; + case TORTURE_SAMR_USER_PRIVILEGES: { struct dcerpc_pipe *lp; @@ -6527,12 +7008,13 @@ static bool test_OpenDomain(struct dcerpc_pipe *p, struct torture_context *tctx, } break; case TORTURE_SAMR_PASSWORDS_PWDLASTSET: + case TORTURE_SAMR_PASSWORDS_BADPWDCOUNT: if (!torture_setting_bool(tctx, "samba3", false)) { ret &= test_CreateUser2(p, tctx, &domain_handle, sid, ctx->choice, ctx->machine_credentials); } ret &= test_CreateUser(p, tctx, &domain_handle, TEST_ACCOUNT_NAME, &user_handle, sid, ctx->choice, ctx->machine_credentials, true); if (!ret) { - torture_warning(tctx, "Testing PASSWORDS PWDLASTSET on domain %s failed!\n", dom_sid_string(tctx, sid)); + torture_warning(tctx, "Testing PASSWORDS PWDLASTSET or BADPWDCOUNT on domain %s failed!\n", dom_sid_string(tctx, sid)); } break; case TORTURE_SAMR_MANY_ACCOUNTS: @@ -7123,3 +7605,46 @@ struct torture_suite *torture_rpc_samr_large_dc(TALLOC_CTX *mem_ctx) return suite; } + +static bool torture_rpc_samr_badpwdcount(struct torture_context *torture, + struct dcerpc_pipe *p2, + struct cli_credentials *machine_credentials) +{ + NTSTATUS status; + struct dcerpc_pipe *p; + bool ret = true; + struct torture_samr_context *ctx; + + status = torture_rpc_connection(torture, &p, &ndr_table_samr); + if (!NT_STATUS_IS_OK(status)) { + return false; + } + + ctx = talloc_zero(torture, struct torture_samr_context); + + ctx->choice = TORTURE_SAMR_PASSWORDS_BADPWDCOUNT; + ctx->machine_credentials = machine_credentials; + + ret &= test_Connect(p, torture, &ctx->handle); + + ret &= test_EnumDomains(p, torture, ctx); + + ret &= test_samr_handle_Close(p, torture, &ctx->handle); + + return ret; +} + +struct torture_suite *torture_rpc_samr_passwords_badpwdcount(TALLOC_CTX *mem_ctx) +{ + struct torture_suite *suite = torture_suite_create(mem_ctx, "SAMR-PASSWORDS-BADPWDCOUNT"); + struct torture_rpc_tcase *tcase; + + tcase = torture_suite_add_machine_bdc_rpc_iface_tcase(suite, "samr", + &ndr_table_samr, + TEST_ACCOUNT_NAME_PWD); + + torture_rpc_tcase_add_test_creds(tcase, "badPwdCount", + torture_rpc_samr_badpwdcount); + + return suite; +} diff --git a/source4/torture/smbtorture.c b/source4/torture/smbtorture.c index 8e0a25b032..53e860a144 100644 --- a/source4/torture/smbtorture.c +++ b/source4/torture/smbtorture.c @@ -550,8 +550,11 @@ int main(int argc,char *argv[]) lp_set_cmdline(cmdline_lp_ctx, "torture:onefs", "true"); lp_set_cmdline(cmdline_lp_ctx, "torture:openx_deny_dos_support", "false"); + lp_set_cmdline(cmdline_lp_ctx, "torture:range_not_locked_on_file_close", "false"); lp_set_cmdline(cmdline_lp_ctx, "torture:sacl_support", "false"); lp_set_cmdline(cmdline_lp_ctx, "torture:ea_support", "false"); + lp_set_cmdline(cmdline_lp_ctx, "torture:smbexit_pdu_support", + "false"); lp_set_cmdline(cmdline_lp_ctx, "torture:smblock_pdu_support", "false"); lp_set_cmdline(cmdline_lp_ctx, "torture:2_step_break_to_none", diff --git a/source4/torture/smbtorture.h b/source4/torture/smbtorture.h index 38969f1bcc..5b12f4e3f5 100644 --- a/source4/torture/smbtorture.h +++ b/source4/torture/smbtorture.h @@ -74,6 +74,15 @@ bool torture_register_suite(struct torture_suite *suite); * This parameter specifies whether the server supports the DENY_DOS open mode * of the SMBOpenX PDU. */ +/* torture:range_not_locked_on_file_close + * + * When a byte range lock is pending, and the file which is being locked is + * closed, Windows servers return the error NT_STATUS_RANGE_NOT_LOCKED. This + * is strange, as this error is meant to be returned only for unlock requests. + * When true, torture will expect the Windows behavior, otherwise it will + * expect the more logical NT_STATUS_LOCK_NOT_GRANTED. + */ + /* torture:sacl_support * * This parameter specifies whether the server supports the setting and @@ -81,6 +90,10 @@ bool torture_register_suite(struct torture_suite *suite); * supports the use of the SEC_FLAG_SYSTEM_SECURITY bit in the open access * mask.*/ +/* torture:smbexit_pdu_support + * + * This parameter specifies whether the server supports the SMBExit (0x11) PDU. */ + /* torture:smblock_pdu_support * * This parameter specifies whether the server supports the SMBLock (0x0C) PDU. */ @@ -119,4 +132,5 @@ bool torture_register_suite(struct torture_suite *suite); * denied. When true, torture will expect NT_STATUS_OBJECT_NAME_NOT_FOUND * rather than NT_STATUS_ACCESS_DENIED when trying to open one of these files. */ + #endif /* __SMBTORTURE_H__ */ |