2.8 Attribute managedBy

This attribute can be used by administrators to specify the DN of an object representing the entity assigned to manage this object. A read-only domain controller object uses this attribute to store the DNs of security principals who would be implicit members of the Administrators group of the RODC as specified in [MS-ADTS] section

 cn: Managed-By
 ldapDisplayName: managedBy
 attributeId: 1.2.840.113556.1.4.653
 omSyntax: 127
 isSingleValued: TRUE
 schemaIdGuid: 0296c120-40da-11d1-a9c0-0000f80367c1
 systemOnly: FALSE
 searchFlags: 0
 linkID: 72
 mapiID: 32780

Version-Specific Behavior: First implemented on Windows 2000 Server operating system.

The schemaFlagsEx attribute was added to this attribute definition in Windows Server 2008 operating system.