Yes it is a binary octet string, it is a normal security descriptor and can be manipulated like you would manipulate security descriptors in compiled apps normally. If you are scripting, then use adfind to dump the attribute with the -sddl+ or -sddl++ switches and if you want the SIDs and SDDL encoded secprins decoded use -resolvesids. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
_____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Yann Sent: Monday, January 08, 2007 5:42 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Decode the msExchMailboxSecurityDescriptor attribute. Hello, I'd like to dump the msExchMailboxSecurityDescriptor attribute of a user object into readable format. It seems that the value is in binary blob format. Is there a way to do this ? Thanks, Yann __________________________________________________ Do You Yahoo!? En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible contre les messages non sollicités http://mail.yahoo.fr Yahoo! Mail
