6.1.1.3 Critical Domain Objects

  • Article

References

  • FSMO Roles

  • Forest Requirements

  • Security

  • Originating Updates

  • LDAP

Attribute Syntaxes: DN-Binary

Glossary terms: NC, NC replica, NC root, DC, Domain NC, FSMO, Forest, UUID, SPN (2), PDC, RID

LDAP attributes: name, objectClass, distinguishedName, systemFlags, primaryGroupID, servicePrincipalName, dNSHostName, msDS-AdditionalDnsHostName, wellKnownObjects, isDeleted, revision

LDAP classes: computer, container, msDS-QuotaContainer, infrastructureUpdate, organizationalUnit, domainPolicy, samServer

WKGuids: GUID_USERS_CONTAINER_W, GUID_COMPUTERS_CONTAINER_W, GUID_SYSTEMS_CONTAINER_W, GUID_DOMAIN_CONTROLLERS_CONTAINER_W, GUID_INFRASTRUCTURE_CONTAINER_W, GUID_DELETED_OBJECTS_CONTAINER_W, GUID_LOSTANDFOUND_CONTAINER_W, GUID_FOREIGNSECURITYPRINCIPALS_CONTAINER_W, GUID_PROGRAM_DATA_CONTAINER_W, GUID_NTDS_QUOTAS_CONTAINER_W

Constants

  • systemFlags bits: FLAG_DISALLOW_DELETE, FLAG_DOMAIN_DISALLOW_RENAME, FLAG_DOMAIN_DISALLOW_MOVE

  • userAccountControl bits: ADS_UF_SERVER_TRUST_ACCOUNT, ADS_UF_TRUSTED_FOR_DELEGATION

  • groupType bits: GROUP_TYPE_RESOURCE_GROUP, GROUP_TYPE_SECURITY_ENABLED, GROUP_TYPE_ACCOUNT_GROUP