2.169 Class msPKI-Key-Recovery-Agent

An object that is associated with a key recovery agent (KRA) instance. One KRA object instance is created for each installed Cert Server (with a unique common name) during Cert Server setup. If two certificate authorities (CAs) are given the same common name during CA setup, they share a single KRA object instance.

 cn: ms-PKI-Key-Recovery-Agent
 ldapDisplayName: msPKI-Key-Recovery-Agent
 governsId: 1.2.840.113556.1.5.195
 objectClassCategory: 1
 rdnAttId: cn
 subClassOf: user
 systemPossSuperiors: container
 schemaIdGuid: 26ccf238-a08e-4b86-9a82-a8c9ac7ee5cb
 defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)
  (A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)
 defaultHidingValue: TRUE
 systemOnly: FALSE
 defaultObjectCategory: CN=ms-PKI-Key-Recovery-Agent,<SchemaNCDN>
 systemFlags: FLAG_SCHEMA_BASE_OBJECT

Version-Specific Behavior: Implemented on Windows Server 2003 operating system, Windows Server 2003 R2 operating system, Windows Server 2008 operating system, Windows Server 2008 R2 operating system, Windows Server 2012 operating system, Windows Server 2012 R2 operating system, Windows Server 2016 operating system, and Windows Server operating system.

Show: