[cifs-protocol] LDAP_SERVER_SD_FLAGS_OID control and search request

Tom Jebo tomjebo at microsoft.com
Fri Dec 18 09:58:43 MST 2009


Thanks for your question regarding the LDAP_SERVER_SD_FLAGS_OID control code and the nTSecurityDescriptor attribute.  One of the Open Specification Documentation support team will contact you shortly.

Best regards,
Tom Jebo
Microsoft Open Specification Documentation Support

-----Original Message-----
From: Matthieu Patou [mailto:mat+Informatique.Samba at matws.net] 
Sent: Friday, December 18, 2009 11:36 AM
To: cifs-protocol at samba.org; Interoperability Documentation Help; pfif at tridgell.net
Subject: LDAP_SERVER_SD_FLAGS_OID control and search request


While testing ADUC I found that this tool is using the control 
LDAP_SERVER_SD_FLAGS_OID when requesting object with no attributes (ie. 
CN=Users,DC=home,DC=matws,DC=net) and expect to receive the 
Of course if you do not provide this control the nTSecurityDescriptor is 
not returned.

I tested this behavior with w2k3r2 and it is how this server behave.

Can you confirm that it's the expected behavior for this control and if 
possible can you document it if it's not already done.



More information about the cifs-protocol mailing list