This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Filtered Attribute Set
Filtered Attribute Set

Version management

Difference between version and

At line 1 added 218 lines
!!! Overview
[{$pagename}] ([FAS]) is the set of attributes __NOT__ replicated to a [Read-Only Domain Controller] ([RODC]).
The default FAS contains the following:
* ms-PKIDPAPIMasterKeys
* ms-PKIAccountCredentials
* ms-PKIRoamingTimeStamp
* ms-FVEKeyPackage
* ms-FVERecoveryPassword
* ms-TPMOwnerInformation
[{$pagename}] attributes __ARE NOT__ replicated, in case the [Read-Only Domain Controller] is placed at a lower security site and then compromised.
Additional [Attributes] may be added to the [{$pagename}] so they will __NOT__ replicated
[{$pagename}] attributes will have the [fRODCFilteredAttribute] [X-SEARCH-FLAGS] value if they have been added.
An [attribute] __CANNOT__ be a member of a [{$pagename}] if one of the following conditions is true:
* [FLAG_ATTR_NOT_REPLICATED] [bit] is set in attribute systemFlags of the [attributeSchema] object;
* [FLAG_ATTR_REQ_PARTIAL_SET_MEMBER] [bit] is set in attribute [systemFlags] of the [attributeSchema] object;
* [FLAG_ATTR_IS_CONSTRUCTED] [bit] is set in attribute [systemFlags] of the [attributeSchema] object;
* [FLAG_ATTR_IS_CRITICAL] [bit] is set in attribute [schemaFlagsEx] of the [attributeSchema] object;
* [systemOnly] of the [attributeSchema] object is true;
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop