3.1.1.4.5.35 msDS-RevealedListBL

The msDS-RevealedListBL attribute exists on AD DS (starting with Windows Server 2008 operating system) but not on AD LDS.

This attribute behaves precisely like a back link attribute for the msDS-RevealedList constructed attributes described in the previous section.

Therefore, the msDS-RevealedList attribute exists only on a user object, one or more of whose secret attributes have been "revealed" to an RODC. The value is the set of RODCs (represented by their computer objects) to which one or more of the given user object's secret attributes have been revealed.