Hi Joe,
Actually I think my terminology is a little off. From snooping around
a bit I think I want the attributeSchema information under
CN=Schema,CN=Configuration,DC=example,DC=com. What I was thinking of
originally are the attribute syntax definitions like:
( 2.5.18.3 NAME 'creatorsName'
have a look at:
Addressing Problems Due to Access Token Limitation
http://www.microsoft.com/downloads/details.aspx?FamilyID=22dd9251-0781-42e6-9346-89d577a3e74aDisplayLang=en#filelist
http://www.microsoft.com/downloads/details.aspx?FamilyID=4a303fa5-cf20-43fb-9483-0f0b0dae265cDisplayLang=en
Are you maybe looking for the extendedAttributeInfo of the Aggregate object
from the schema? That is the closest thing to that format in AD that I am
aware of.
AD's schema is entirely within the LDAP directory and is readable directly
with LDAP, there is no need to go to extra files etc. The
My first reaction is, NOOO don't do that. That's silly. I absolutely abhor the concept of convenience to this level when it comes to access to secured resources. Saying that, DG's are often created by default as a security group. I'd actually be surprised, and I would applaud the person
Apparently I don't have CN=Aggregate,CN=Schema,DC=X. I'm using W2K 2003
but maybe it's because it's SBS?
I think it's clear that this is a problem that requires work on several
fronts. These are:
1) Build a local table of attributes. The table would not be read from
the schema on startup but be
On Sat, 21 Oct 2006 18:30:47 -0400
Michael B Allen [EMAIL PROTECTED] wrote:
Apparently I don't have CN=Aggregate,CN=Schema,DC=X. I'm using W2K 2003
but maybe it's because it's SBS?
Correction: I do have it. I left out CN=Configuration. The exact DN is
available through the subschemaSubentry in
Oops sorry, accidently took everyone else off if anyone else was interested.
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
-Original Message-
From: joe [mailto:[EMAIL PROTECTED]
Sent: Saturday, October 21, 2006 8:12 PM
To: 'Michael B Allen'