[cifs-protocol] LDAP_SERVER_SD_FLAGS_OID control and search request
tomjebo at microsoft.com
Fri Dec 18 09:58:43 MST 2009
Thanks for your question regarding the LDAP_SERVER_SD_FLAGS_OID control code and the nTSecurityDescriptor attribute. One of the Open Specification Documentation support team will contact you shortly.
Microsoft Open Specification Documentation Support
From: Matthieu Patou [mailto:mat+Informatique.Samba at matws.net]
Sent: Friday, December 18, 2009 11:36 AM
To: cifs-protocol at samba.org; Interoperability Documentation Help; pfif at tridgell.net
Subject: LDAP_SERVER_SD_FLAGS_OID control and search request
While testing ADUC I found that this tool is using the control
LDAP_SERVER_SD_FLAGS_OID when requesting object with no attributes (ie.
CN=Users,DC=home,DC=matws,DC=net) and expect to receive the
Of course if you do not provide this control the nTSecurityDescriptor is
I tested this behavior with w2k3r2 and it is how this server behave.
Can you confirm that it's the expected behavior for this control and if
possible can you document it if it's not already done.
More information about the cifs-protocol