[MS-ADTS]: Active Directory Technical Specification

This topic lists the Errata found in the MS-ADTS document since it was last published. Since this topic is updated frequently, we recommend that you subscribe to these RSS or Atom feeds to receive update notifications.

Errata are subject to the same terms as the Open Specifications documentation referenced.

Mt226583.image001(en-us,PROT.20).pngRSS

Mt226583.image001(en-us,PROT.20).pngAtom

To view a PDF file of the errata for the previous versions of this document, see the following ERRATA Archives:

October 16, 2015 - Download

June 30, 2015 - Download

July 18, 2016 - Download

March 20, 2017 - Download

September 15, 2017 - Download

December 1, 2017 - Download

March 16, 2018 - Download

September 12, 2018 - Download

Errata below are for Protocol Document Version V49.0 – 2018/09/12.

Errata Published*

Description

2018/10/29

In Section 2.2.9, Search Flags, information about confidential attributes and their interaction with certain flags has been added.

Changed from:

CF (fCONFIDENTIAL, 0x00000080): Specifies that the attribute is confidential. An extended access check (section 3.1.1.4.4) is required.

NV (fNEVERVALUEAUDIT, 0x00000100): Specifies that auditing of changes to individual values contained in this attribute MUST NOT be performed. Auditing is outside of the state model.

Changed to:

CF (fCONFIDENTIAL, 0x00000080): Specifies that the attribute is confidential. An extended access check (section 3.1.1.4.4) is required.

   Note: The effect of this flag can vary depending on whether the LDAP_SERVER_DIRSYNC_OID control (section 3.1.1.3.4.1.3) or the LDAP_SERVER_DIRSYNC_EX_OID control (section 3.1.1.3.4.1.29) is present in an LDAP search request. If neither of these controls is present, a confidential attribute will not be included in the LDAP search response. If one of these controls is present and the LDAP_DIRSYNC_OBJECT_SECURITY flag is set, a confidential attribute might be included in the response, but its value will be empty.

NV (fNEVERVALUEAUDIT, 0x00000100): Specifies that auditing of changes to individual values contained in this attribute MUST NOT be performed. Auditing is outside of the state model.

In Section 3.1.1.2.3, Attributes, the section reference for Extended Access Checks has been corrected in the row for searchFlags.

Changed from:

fCONFIDENTIAL: This attribute is confidential, special access check is needed; see section Reads:Access Checks in section 3.1.1.4.

Changed to:

fCONFIDENTIAL: This attribute is confidential, so a special access check is required; for details, see the Extended Access Checks in section 3.1.1.4.4.

*Date format: YYYY/MM/DD

Show: