# This file is a concatenation of schema files from the WS2012R2 DVD. # The order of concatenation may not be correct. The order is: # sch57.ldf+sch58.ldf+sch59.ldf+sch60.ldf+sch61.ldf+ # sch62.ldf+sch63.ldf+sch64.ldf+sch65.ldf+sch66.ldf+ # sch67.ldf+sch68.ldf+sch69.ldf # dn: CN=ms-DS-Issuer-Certificates,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Issuer-Certificates adminDisplayName: ms-DS-Issuer-Certificates adminDescription: The keys used to sign certificates issued by the Registration Service. ldapDisplayName: msDS-IssuerCertificates attributeId: 1.2.840.113556.1.4.2240 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: FALSE instanceType: 4 rangeLower: 1 rangeUpper: 65536 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: 2m89a5MIxEOJ+x+1KmYWqQ== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=ms-DS-Registration-Quota,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Registration-Quota adminDisplayName: ms-DS-Registration-Quota adminDescription: Policy used to limit the number of registrations allowed for a single user. ldapDisplayName: msDS-RegistrationQuota attributeId: 1.2.840.113556.1.4.2241 omSyntax: 2 attributeSyntax: 2.5.5.9 isSingleValued: TRUE instanceType: 4 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: woYyymQfeUCWvOYrYQ5zDw== systemFlags: 16 dn: CN=ms-DS-Maximum-Registration-Inactivity-Period,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Maximum-Registration-Inactivity-Period adminDisplayName: ms-DS-Maximum-Registration-Inactivity-Period adminDescription: The maximum ammount of days used to detect inactivty of registration objects. ldapDisplayName: msDS-MaximumRegistrationInactivityPeriod attributeId: 1.2.840.113556.1.4.2242 omSyntax: 2 attributeSyntax: 2.5.5.9 isSingleValued: TRUE instanceType: 4 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: OapcCuYFykm4CAJbk2YQ5w== systemFlags: 16 dn: CN=ms-DS-Is-Enabled,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Is-Enabled adminDisplayName: ms-DS-Is-Enabled adminDescription: This attribute is used to enable or disable the user-device relationship. ldapDisplayName: msDS-IsEnabled attributeId: 1.2.840.113556.1.4.2248 omSyntax: 1 attributeSyntax: 2.5.5.8 isSingleValued: TRUE instanceType: 4 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: DlypIoMfgkyUzr6miM/IcQ== systemFlags: 16 dn: CN=ms-DS-Device-OS-Type,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Device-OS-Type adminDisplayName: ms-DS-Device-OS-Type adminDescription: This attribute is used to track the type of device based on the OS. ldapDisplayName: msDS-DeviceOSType attributeId: 1.2.840.113556.1.4.2249 omSyntax: 64 attributeSyntax: 2.5.5.12 isSingleValued: FALSE instanceType: 4 rangeLower: 0 rangeUpper: 1024 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: TUUOELvzy02EX41e3EccWQ== systemFlags: 16 dn: CN=ms-DS-Device-OS-Version,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Device-OS-Version adminDisplayName: ms-DS-Device-OS-Version adminDescription: This attribute is used to track the OS version of the device. ldapDisplayName: msDS-DeviceOSVersion attributeId: 1.2.840.113556.1.4.2250 omSyntax: 64 attributeSyntax: 2.5.5.12 isSingleValued: FALSE instanceType: 4 rangeLower: 0 rangeUpper: 512 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: Y4z7cKtfBEWrnRSzKain+A== systemFlags: 16 dn: CN=ms-DS-Device-Physical-IDs,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Device-Physical-IDs adminDisplayName: ms-DS-Device-Physical-IDs adminDescription: This attribute is used to store identifiers of the physical device. ldapDisplayName: msDS-DevicePhysicalIDs attributeId: 1.2.840.113556.1.4.2251 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: FALSE instanceType: 4 rangeLower: 1 rangeUpper: 10485760 searchFlags: 1 systemOnly: FALSE schemaIdGuid:: FFRhkKCiR0Spk1NAlZm3Tg== systemFlags: 16 dn: CN=ms-DS-Device-ID,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Device-ID adminDisplayName: ms-DS-Device-ID adminDescription: This attribute stores the ID of the device. ldapDisplayName: msDS-DeviceID attributeId: 1.2.840.113556.1.4.2252 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: TRUE instanceType: 4 rangeLower: 16 rangeUpper: 16 searchFlags: 1 systemOnly: FALSE schemaIdGuid:: x4EBw0Jj+0GyeffFZsvgpw== systemFlags: 16 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Device-Registration-Service-Container,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema cn: ms-DS-Device-Registration-Service-Container adminDisplayName: ms-DS-Device-Registration-Service-Container adminDescription: A class for the container used to house all enrollment services used for device registrations. ldapDisplayName: msDS-DeviceRegistrationServiceContainer rDNAttID: cn defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) governsId: 1.2.840.113556.1.5.287 instanceType: 4 objectClassCategory: 1 schemaIdGuid:: zlULMc09kkOpbcnjU5fCTw== showInAdvancedViewOnly: TRUE defaultHidingValue: TRUE systemOnly: FALSE systemFlags: 16 subClassOf: top systemPossSuperiors: 1.2.840.113556.1.3.23 dn: CN=ms-DS-Device-Container,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema cn: ms-DS-Device-Container adminDisplayName: ms-DS-Device-Container adminDescription: A class for the container used to hold device objects. ldapDisplayName: msDS-DeviceContainer rDNAttID: cn defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) governsId: 1.2.840.113556.1.5.289 instanceType: 4 objectClassCategory: 1 schemaIdGuid:: WIyefBuQqE627E656fwOEQ== showInAdvancedViewOnly: TRUE defaultHidingValue: TRUE systemOnly: FALSE systemFlags: 16 subClassOf: top systemPossSuperiors: 1.2.840.113556.1.5.67 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema cn: ms-DS-Device-Registration-Service adminDisplayName: ms-DS-Device-Registration-Service adminDescription: An object of this class holds the registration service configuration used for devices. ldapDisplayName: msDS-DeviceRegistrationService rDNAttID: cn defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) governsId: 1.2.840.113556.1.5.284 instanceType: 4 objectClassCategory: 1 schemaIdGuid:: Gjq8ltLj00mvEXsN951n9Q== showInAdvancedViewOnly: TRUE defaultHidingValue: TRUE systemOnly: FALSE systemFlags: 16 subClassOf: top systemPossSuperiors: 1.2.840.113556.1.5.287 systemMayContain: 1.2.840.113556.1.4.2240 systemMayContain: 1.2.840.113556.1.4.2241 systemMayContain: 1.2.840.113556.1.4.2242 dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema cn: ms-DS-Device adminDisplayName: ms-DS-Device adminDescription: An object of this type represents a registered device. ldapDisplayName: msDS-Device rDNAttID: cn defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) governsId: 1.2.840.113556.1.5.286 instanceType: 4 objectClassCategory: 1 schemaIdGuid:: c7byXUFtdEez6NUujun/mQ== showInAdvancedViewOnly: TRUE defaultHidingValue: TRUE systemOnly: FALSE systemFlags: 16 subClassOf: top systemPossSuperiors: 1.2.840.113556.1.5.289 systemMayContain: 1.2.840.113556.1.4.2248 systemMayContain: 1.2.840.113556.1.4.2249 systemMayContain: 1.2.840.113556.1.4.2250 systemMayContain: 1.2.840.113556.1.4.2251 systemMayContain: 1.2.840.113556.1.4.2252 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 57 - dn: CN=ms-DS-Resource-Property-List,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: defaultHidingValue defaultHidingValue: FALSE - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 58 - dn: CN=ms-DS-User-Device-Registration,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: isDefunct isDefunct: TRUE - dn: CN=ms-DS-User-Device-Registration-Container,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: isDefunct isDefunct: TRUE - dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify delete: systemMayContain systemMayContain: 1.2.840.113556.1.4.2246 - dn: CN=User,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify delete: systemMayContain systemMayContain: 1.2.840.113556.1.4.2244 - dn: CN=ms-DS-User-Device-Registration-Link,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: isDefunct isDefunct: TRUE - dn: CN=ms-DS-User-Device-Registration-Link-BL,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: isDefunct isDefunct: TRUE - dn: CN=ms-DS-Authentication-Level,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: isDefunct isDefunct: TRUE - dn: CN=ms-DS-Approximate-Last-Use-Time-Stamp,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: isDefunct isDefunct: TRUE - dn: CN=ms-DS-Device-Reference,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: isDefunct isDefunct: TRUE - dn: CN=ms-DS-Device-Location,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Device-Location adminDisplayName: ms-DS-Device-Location adminDescription: The DN under which the device objects will be created. ldapDisplayName: msDS-DeviceLocation attributeId: 1.2.840.113556.1.4.2261 omSyntax: 127 omObjectClass:: KwwCh3McAIVK attributeSyntax: 2.5.5.1 isSingleValued: TRUE instanceType: 4 searchFlags: 0 systemOnly: TRUE schemaIdGuid:: yFb74+hd9UWxsdK2zTHnYg== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=ms-DS-Registered-Owner,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Registered-Owner adminDisplayName: ms-DS-Registered-Owner adminDescription: Single valued binary attribute containing the primary SID referencing the first user to register the device. The value is not removed during de-registration, but could be managed by an administrator. ldapDisplayName: msDS-RegisteredOwner attributeId: 1.2.840.113556.1.4.2258 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: TRUE instanceType: 4 searchFlags: 1 isMemberOfPartialAttributeSet: TRUE systemOnly: FALSE schemaIdGuid:: 6SZ2YesBz0KZH85heYIjfg== systemFlags: 18 dn: CN=ms-DS-Registered-Users,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Registered-Users adminDisplayName: ms-DS-Registered-Users adminDescription: Contains the list of users that have registered the device. Users in this list have all of the features provided by the "Company Portal" app. And they have SSO to company resources. ldapDisplayName: msDS-RegisteredUsers attributeId: 1.2.840.113556.1.4.2263 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: FALSE instanceType: 4 searchFlags: 1 isMemberOfPartialAttributeSet: TRUE systemOnly: FALSE schemaIdGuid:: DBZJBI5ayE+wUgHA9uSPAg== systemFlags: 18 dn: CN=ms-DS-Approximate-Last-Logon-Time-Stamp,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Approximate-Last-Logon-Time-Stamp adminDisplayName: ms-DS-Approximate-Last-Logon-Time-Stamp adminDescription: The approximate time a user last logged on with from the device. ldapDisplayName: msDS-ApproximateLastLogonTimeStamp attributeId: 1.2.840.113556.1.4.2262 omSyntax: 65 attributeSyntax: 2.5.5.16 isSingleValued: TRUE instanceType: 4 searchFlags: 1 isMemberOfPartialAttributeSet: TRUE systemOnly: FALSE schemaIdGuid:: O5hPo8aEDE+QUKOhSh01pA== systemFlags: 16 dn: CN=ms-DS-Device-Object-Version,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Device-Object-Version adminDisplayName: ms-DS-Device-Object-Version adminDescription: This attribute is used to identify the schema version of the device. ldapDisplayName: msDS-DeviceObjectVersion attributeId: 1.2.840.113556.1.4.2257 omSyntax: 2 attributeSyntax: 2.5.5.9 isSingleValued: TRUE instanceType: 4 searchFlags: 1 isMemberOfPartialAttributeSet: TRUE systemOnly: FALSE schemaIdGuid:: Wmll73nxak6T3rAeBmgc+w== systemFlags: 18 dn: CN=ms-DS-Device-OS-Type,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: isSingleValued isSingleValued: TRUE - dn: CN=ms-DS-Device-OS-Type,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: searchFlags searchFlags: 1 - dn: CN=ms-DS-Device-OS-Version,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: isSingleValued isSingleValued: TRUE - dn: CN=ms-DS-Device-Physical-IDs,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: omSyntax omSyntax: 64 - dn: CN=ms-DS-Device-Physical-IDs,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: attributeSyntax attributeSyntax: 2.5.5.12 - dn: CN=ms-DS-Device-Physical-IDs,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: rangeUpper rangeUpper: 1024 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMustContain systemMustContain: 1.2.840.113556.1.4.2261 - dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.2257 systemMayContain: 1.2.840.113556.1.4.2258 systemMayContain: 1.2.840.113556.1.4.2262 systemMayContain: 1.2.840.113556.1.4.2263 - dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify delete: systemMayContain systemMayContain: 1.2.840.113556.1.4.2248 - dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMustContain systemMustContain: 1.2.840.113556.1.4.2248 systemMustContain: 1.2.840.113556.1.2.13 systemMustContain: 1.2.840.113556.1.4.867 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 59 - dn: CN=ms-DS-Is-Member-Of-DL-Transitive,CN=Schema,CN=Configuration,DC=X # This constructed attribute transitively expands the # linked attribute "isMemberOfDL" changetype: ntdsschemaadd objectClass: attributeSchema lDAPDisplayName: msds-memberOfTransitive adminDisplayName: msds-memberOfTransitive adminDescription: msds-memberOfTransitive attributeID: 1.2.840.113556.1.4.2236 attributeSyntax: 2.5.5.1 oMSyntax: 127 oMObjectClass:: KwwCh3McAIVK isSingleValued: FALSE systemOnly: TRUE # 0x800(only return on base search) searchFlags: 2048 showInAdvancedViewOnly: TRUE schemaIdGuid:: tmYhhkHJJ0eVZUi//ylB3g== # 0x10 (base schema) + # 0x08 (operational) + # 0x04 (constructed) + # 0x01 (not replicated) systemFlags: 29 dn: CN=ms-DS-Member-Transitive,CN=Schema,CN=Configuration,DC=X # This constructed attribute transitively expands the # linked attribute "member" changetype: ntdsschemaadd objectClass: attributeSchema lDAPDisplayName: msds-memberTransitive adminDisplayName: msds-memberTransitive adminDescription: msds-memberTransitive attributeID: 1.2.840.113556.1.4.2238 attributeSyntax: 2.5.5.1 oMSyntax: 127 oMObjectClass:: KwwCh3McAIVK isSingleValued: FALSE systemOnly: TRUE # 0x800(only return on base search) searchFlags: 2048 showInAdvancedViewOnly: TRUE schemaIdGuid:: WzkV4gSR2US4lDmeyeId/A== # 0x10 (base schema) + # 0x08 (operational) + # 0x04 (constructed) + # 0x01 (not replicated) systemFlags: 29 dn: CN=ms-DS-Parent-Dist-Name,CN=Schema,CN=Configuration,DC=X changetype: ntdsschemaadd objectClass: attributeSchema lDAPDisplayName: msDS-parentdistname adminDisplayName: ms-DS-Parent-Dist-Name adminDescription: ms-DS-Parent-Dist-Name attributeID: 1.2.840.113556.1.4.2203 attributeSyntax: 2.5.5.1 oMSyntax: 127 oMObjectClass:: KwwCh3McAIVK isSingleValued: TRUE systemOnly: TRUE searchFlags: 0 schemaIDGUID:: ff4YuRqXBPSeIZJhq+yXCw== showInAdvancedViewOnly: TRUE # 0x10 (base schema) + # 0x08 (operational) + # 0x04 (constructed) + # 0x01 (not replicated) systemFlags: 29 dn: CN=ms-DS-Repl-Value-Meta-Data-Ext,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ReplValueMetaDataExt adminDisplayName: ms-DS-Repl-Value-Meta-Data-Ext adminDescription: ms-DS-Repl-Value-Meta-Data-Ext attributeId: 1.2.840.113556.1.4.2235 attributeSyntax: 2.5.5.12 omSyntax: 64 isSingleValued: FALSE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: 79ICHq1EskamfZ/RjXgLyg== showInAdvancedViewOnly: TRUE # 0x10 (base schema) + # 0x04 (constructed) systemFlags: 20 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: cn=Top,cn=Schema,cn=Configuration,dc=X changetype: ntdsschemamodify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.2238 systemMayContain: 1.2.840.113556.1.4.2236 systemMayContain: 1.2.840.113556.1.4.2203 systemMayContain: 1.2.840.113556.1.4.2235 - dn: CN=DS-Set-Owner,CN=Extended-Rights,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: controlAccessRight displayName: Set Owner of an object during creation. rightsGuid: 4125c71f-7fac-4ff0-bcb7-f09a41325286 appliesTo: 26f11b08-a29d-4869-99bb-ef0b99fd883e validAccesses: 256 dn: CN=DS-Bypass-Quota,CN=Extended-Rights,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: controlAccessRight displayName: Bypass the quota restrictions during creation. rightsGuid: 88a9933e-e5c8-4f2a-9dd7-2527416b8092 appliesTo: 26f11b08-a29d-4869-99bb-ef0b99fd883e validAccesses: 256 dn: CN=DS-Read-Partition-Secrets,CN=Extended-Rights,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: controlAccessRight displayName: Read secret attributes of objects in a Partition rightsGuid: 084c93a2-620d-4879-a836-f0ae47de0e89 appliesTo: 26f11b08-a29d-4869-99bb-ef0b99fd883e validAccesses: 256 dn: CN=DS-Write-Partition-Secrets,CN=Extended-Rights,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: controlAccessRight displayName: Write secret attributes of objects in a Partition rightsGuid: 94825A8D-B171-4116-8146-1E34D8F54401 appliesTo: 26f11b08-a29d-4869-99bb-ef0b99fd883e validAccesses: 256 dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 60 - dn: CN=ms-DS-Drs-Farm-ID,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Drs-Farm-ID adminDisplayName: ms-DS-Drs-Farm-ID adminDescription: This attribute stores the name of the federation service this DRS object is associated with. ldapDisplayName: msDS-DrsFarmID attributeId: 1.2.840.113556.1.4.2265 omSyntax: 64 attributeSyntax: 2.5.5.12 isSingleValued: TRUE instanceType: 4 searchFlags: 0 isMemberOfPartialAttributeSet: TRUE systemOnly: TRUE schemaIdGuid:: ZvdVYC4gzUmovuUrsVnt+w== systemFlags: 16 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMustContain systemMustContain: 1.2.840.113556.1.4.2248 systemMustContain: 1.2.840.113556.1.4.2265 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 61 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Issuer-Public-Certificates,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Issuer-Public-Certificates adminDisplayName: ms-DS-Issuer-Public-Certificates adminDescription: The public keys of the keys used to sign certificates issued by the Registration Service. ldapDisplayName: msDS-IssuerPublicCertificates attributeId: 1.2.840.113556.1.4.2269 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: FALSE instanceType: 4 rangeLower: 1 rangeUpper: 65536 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: /u3xtdK0dkCrD2FINCsL9g== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.2269 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 62 - dn: CN=ms-DS-Issuer-Certificates,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: searchFlags searchFlags: 128 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: defaultSecurityDescriptor defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) - dn: CN=ms-DS-Device-Registration-Service-Container,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: defaultSecurityDescriptor defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 63 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: defaultSecurityDescriptor defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;EA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) - dn: CN=ms-DS-Device-Registration-Service-Container,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify replace: defaultSecurityDescriptor defaultSecurityDescriptor: D:(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;EA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY) - dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify delete: systemMayContain systemMayContain: 1.2.840.113556.1.4.2252 - dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMustContain systemMustContain: 1.2.840.113556.1.4.2252 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 64 - dn: CN=ms-DS-Registration-Quota,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Maximum-Registration-Inactivity-Period,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Registered-Owner,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Registered-Users,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Approximate-Last-Logon-Time-Stamp,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Is-Enabled,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Device-OS-Type,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Device-OS-Version,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Device-Physical-IDs,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Device-ID,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Device-Object-Version,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-Drs-Farm-ID,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: showInAdvancedViewOnly showInAdvancedViewOnly: TRUE - dn: CN=ms-DS-IsManaged,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-IsManaged adminDisplayName: ms-DS-IsManaged adminDescription: This attribute is used to indicate the device is managed by a on-premises MDM. ldapDisplayName: msDS-IsManaged attributeId: 1.2.840.113556.1.4.2270 omSyntax: 1 attributeSyntax: 2.5.5.8 isSingleValued: TRUE instanceType: 4 searchFlags: 1 systemOnly: FALSE schemaIdGuid:: zmpoYCds3kOk5fAML40zCQ== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=ms-DS-Cloud-IsManaged,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Cloud-IsManaged adminDisplayName: ms-DS-Cloud-IsManaged adminDescription: This attribute is used to indicate the device is managed by a cloud MDM. ldapDisplayName: msDS-CloudIsManaged attributeId: 1.2.840.113556.1.4.2271 omSyntax: 1 attributeSyntax: 2.5.5.8 isSingleValued: TRUE instanceType: 4 searchFlags: 1 systemOnly: FALSE schemaIdGuid:: jroVU4+VUku9OBNJowTdYw== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=ms-DS-Cloud-Anchor,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Cloud-Anchor adminDisplayName: ms-DS-Cloud-Anchor adminDescription: This attribute is used by the DirSync engine to indicate the object SOA and to maintain the relationship between the on-premises and cloud object. ldapDisplayName: msDS-CloudAnchor attributeId: 1.2.840.113556.1.4.2273 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: TRUE instanceType: 4 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: gF5WeNQD40+vrIw7yi82Uw== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=ms-DS-Cloud-Issuer-Public-Certificates,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Cloud-Issuer-Public-Certificates adminDisplayName: ms-DS-Cloud-Issuer-Public-Certificates adminDescription: The public keys used by the cloud DRS to sign certificates issued by the Registration Service. ldapDisplayName: msDS-CloudIssuerPublicCertificates attributeId: 1.2.840.113556.1.4.2274 omSyntax: 4 attributeSyntax: 2.5.5.10 isSingleValued: FALSE instanceType: 4 rangeLower: 1 rangeUpper: 65536 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: T7XoodZL0k+Y4rzukqVUlw== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: CN=ms-DS-Cloud-IsEnabled,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-Cloud-IsEnabled adminDisplayName: ms-DS-Cloud-IsEnabled adminDescription: This attribute is used to indicate whether cloud DRS is enabled. ldapDisplayName: msDS-CloudIsEnabled attributeId: 1.2.840.113556.1.4.2275 omSyntax: 1 attributeSyntax: 2.5.5.8 isSingleValued: TRUE instanceType: 4 searchFlags: 0 systemOnly: FALSE schemaIdGuid:: KIOEiU58b0+gEyjOOtKC3A== showInAdvancedViewOnly: TRUE systemFlags: 16 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Device,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.2270 systemMayContain: 1.2.840.113556.1.4.2271 systemMayContain: 1.2.840.113556.1.4.2273 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.2274 systemMayContain: 1.2.840.113556.1.4.2275 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 65 - dn: CN=ms-DS-SyncServerUrl,CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaAdd objectClass: attributeSchema cn: ms-DS-SyncServerUrl ldapDisplayName: msDS-SyncServerUrl adminDisplayName: ms-DS-SyncServerUrl adminDescription: Use this attribute to store the sync server (Url format) which hosts the user sync folder AttributeID: 1.2.840.113556.1.4.2276 attributeSyntax: 2.5.5.12 omSyntax: 64 isSingleValued: FALSE SystemOnly: FALSE searchFlags: 1 rangeLower: 1 rangeUpper: 512 schemaIdGuid:: 0sOst3QqpE+sJeY/6LYSGA== showInAdvancedViewOnly: FALSE systemFlags: 16 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=User,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemMayContain systemMayContain: 1.2.840.113556.1.4.2276 - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 66 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Device-Registration-Service,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify delete: systemMustContain systemMustContain: 1.2.840.113556.1.4.2265 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-Drs-Farm-ID,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: isDefunct isDefunct: TRUE - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 67 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-User-Allowed-To-Authenticate-To,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-UserAllowedToAuthenticateTo adminDisplayName: ms-DS-User-Allowed-To-Authenticate-To adminDescription: This attribute is used to determine if a user has permission to authenticate to a service. attributeId: 1.2.840.113556.1.4.2277 attributeSyntax: 2.5.5.10 omSyntax: 4 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: f6oM3k5yhkKxeRkmce/GZA== systemFlags: 16 RangeLower: 0 RangeUpper: 132096 instanceType: 4 dn: CN=ms-DS-User-Allowed-To-Authenticate-From,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-UserAllowedToAuthenticateFrom adminDisplayName: ms-DS-User-Allowed-To-Authenticate-From adminDescription: This attribute is used to determine if a user has permission to authenticate from a computer. attributeId: 1.2.840.113556.1.4.2278 attributeSyntax: 2.5.5.10 omSyntax: 4 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: AJZMLOGwfUSN2nSQIle9tQ== systemFlags: 16 RangeLower: 0 RangeUpper: 132096 instanceType: 4 dn: CN=ms-DS-User-TGT-Lifetime,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-UserTGTLifetime adminDisplayName: User TGT Lifetime adminDescription: This attribute specifies the maximum age of a Kerberos TGT issued to a user in units of 10^(-7) seconds. attributeId: 1.2.840.113556.1.4.2279 attributeSyntax: 2.5.5.16 omSyntax: 65 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: g8khhZn1D0K5q7EiK9+VwQ== systemFlags: 16 instanceType: 4 dn: CN=ms-DS-Computer-Allowed-To-Authenticate-To,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ComputerAllowedToAuthenticateTo adminDisplayName: ms-DS-Computer-Allowed-To-Authenticate-To adminDescription: This attribute is used to determine if a computer has permission to authenticate to a service. attributeId: 1.2.840.113556.1.4.2280 attributeSyntax: 2.5.5.10 omSyntax: 4 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: 6atbEH4Hk0e5dO8EELYlcw== systemFlags: 16 RangeLower: 0 RangeUpper: 132096 instanceType: 4 dn: CN=ms-DS-Computer-TGT-Lifetime,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ComputerTGTLifetime adminDisplayName: Computer TGT Lifetime adminDescription: This attribute specifies the maximum age of a Kerberos TGT issued to a computer in units of 10^(-7) seconds. attributeId: 1.2.840.113556.1.4.2281 attributeSyntax: 2.5.5.16 omSyntax: 65 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: JHWTLrnfrEykNqW32mT9Zg== systemFlags: 16 instanceType: 4 dn: CN=ms-DS-Service-Allowed-To-Authenticate-To,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ServiceAllowedToAuthenticateTo adminDisplayName: ms-DS-Service-Allowed-To-Authenticate-To adminDescription: This attribute is used to determine if a service has permission to authenticate to a service. attributeId: 1.2.840.113556.1.4.2282 attributeSyntax: 2.5.5.10 omSyntax: 4 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: MTGX8k2bIEi03gR07zuEnw== systemFlags: 16 RangeLower: 0 RangeUpper: 132096 instanceType: 4 dn: CN=ms-DS-Service-Allowed-To-Authenticate-From,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ServiceAllowedToAuthenticateFrom adminDisplayName: ms-DS-Service-Allowed-To-Authenticate-From adminDescription: This attribute is used to determine if a service has permission to authenticate from a computer. attributeId: 1.2.840.113556.1.4.2283 attributeSyntax: 2.5.5.10 omSyntax: 4 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: mnDalxY3Zkmx0YOLpTw9iQ== systemFlags: 16 RangeLower: 0 RangeUpper: 132096 instanceType: 4 dn: CN=ms-DS-Service-TGT-Lifetime,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ServiceTGTLifetime adminDisplayName: Service TGT Lifetime adminDescription: This attribute specifies the maximum age of a Kerberos TGT issued to a service in units of 10^(-7) seconds. attributeId: 1.2.840.113556.1.4.2284 attributeSyntax: 2.5.5.16 omSyntax: 65 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: IDz+XSnKfUCbq4Qh5V63XA== systemFlags: 16 instanceType: 4 dn: CN=ms-DS-Assigned-AuthN-Policy-Silo,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AssignedAuthNPolicySilo adminDisplayName: Assigned Authentication Policy Silo adminDescription: This attribute specifies which AuthNPolicySilo a principal is assigned to. attributeId: 1.2.840.113556.1.4.2285 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: QcE/svUN6kqzPWz0kwd7Pw== systemFlags: 16 instanceType: 4 linkID: 2202 dn: CN=ms-DS-Assigned-AuthN-Policy-Silo-BL,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AssignedAuthNPolicySiloBL adminDisplayName: Assigned Authentication Policy Silo Backlink adminDescription: This attribute is the backlink for msDS-AssignedAuthNPolicySilo. attributeId: 1.2.840.113556.1.4.2286 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: FALSE systemOnly: TRUE searchFlags: 0 schemaIdGuid:: FAUUM3r10keOxATEZmYAxw== systemFlags: 16 instanceType: 4 linkID: 2203 dn: CN=ms-DS-AuthN-Policy-Silo-Members,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AuthNPolicySiloMembers adminDisplayName: Authentication Policy Silo Members adminDescription: This attribute specifies which principals are assigned to the AuthNPolicySilo. attributeId: 1.2.840.113556.1.4.2287 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: FALSE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: BR5NFqZIhkio6XeiAG48dw== systemFlags: 16 instanceType: 4 linkID: 2204 dn: CN=ms-DS-AuthN-Policy-Silo-Members-BL,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AuthNPolicySiloMembersBL adminDisplayName: Authentication Policy Silo Members Backlink adminDescription: This attribute is the backlink for msDS-AuthNPolicySiloMembers. attributeId: 1.2.840.113556.1.4.2288 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: FALSE systemOnly: TRUE searchFlags: 0 schemaIdGuid:: x8v8EeT7UUm0t63fb579RA== systemFlags: 16 instanceType: 4 linkID: 2205 dn: CN=ms-DS-User-AuthN-Policy,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-UserAuthNPolicy adminDisplayName: User Authentication Policy adminDescription: This attribute specifies which AuthNPolicy should be applied to users assigned to this silo object. attributeId: 1.2.840.113556.1.4.2289 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: 87kmzRXUKkSPeHxhUj7pWw== systemFlags: 16 instanceType: 4 linkID: 2206 dn: CN=ms-DS-User-AuthN-Policy-BL,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-UserAuthNPolicyBL adminDisplayName: User Authentication Policy Backlink adminDescription: This attribute is the backlink for msDS-UserAuthNPolicy. attributeId: 1.2.840.113556.1.4.2290 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: FALSE systemOnly: TRUE searchFlags: 0 schemaIdGuid:: qfoXL0ddH0uXfqpS+r5lyA== systemFlags: 16 instanceType: 4 linkID: 2207 dn: CN=ms-DS-Computer-AuthN-Policy,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ComputerAuthNPolicy adminDisplayName: Computer Authentication Policy adminDescription: This attribute specifies which AuthNPolicy should be applied to computers assigned to this silo object. attributeId: 1.2.840.113556.1.4.2291 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: yWO4r6O+D0Sp82FTzGaJKQ== systemFlags: 16 instanceType: 4 linkID: 2208 dn: CN=ms-DS-Computer-AuthN-Policy-BL,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ComputerAuthNPolicyBL adminDisplayName: Computer Authentication Policy Backlink adminDescription: This attribute is the backlink for msDS-ComputerAuthNPolicy. attributeId: 1.2.840.113556.1.4.2292 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: FALSE systemOnly: TRUE searchFlags: 0 schemaIdGuid:: MmLvK6EwfkWGBHr22/ExuA== systemFlags: 16 instanceType: 4 linkID: 2209 dn: CN=ms-DS-Service-AuthN-Policy,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ServiceAuthNPolicy adminDisplayName: Service Authentication Policy adminDescription: This attribute specifies which AuthNPolicy should be applied to services assigned to this silo object. attributeId: 1.2.840.113556.1.4.2293 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: lW1qKs4o7km7JG0fwB4xEQ== systemFlags: 16 instanceType: 4 linkID: 2210 dn: CN=ms-DS-Service-AuthN-Policy-BL,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-ServiceAuthNPolicyBL adminDisplayName: Service Authentication Policy Backlink adminDescription: This attribute is the backlink for msDS-ServiceAuthNPolicy. attributeId: 1.2.840.113556.1.4.2294 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: FALSE systemOnly: TRUE searchFlags: 0 schemaIdGuid:: 7CgRLKJao0KzLfCXnKn80g== systemFlags: 16 instanceType: 4 linkID: 2211 dn: CN=ms-DS-Assigned-AuthN-Policy,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AssignedAuthNPolicy adminDisplayName: Assigned Authentication Policy adminDescription: This attribute specifies which AuthNPolicy should be applied to this principal. attributeId: 1.2.840.113556.1.4.2295 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: 2Ap6uPdUwUmEoOZNEoU1iA== systemFlags: 16 instanceType: 4 linkID: 2212 dn: CN=ms-DS-Assigned-AuthN-Policy-BL,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AssignedAuthNPolicyBL adminDisplayName: Assigned Authentication Policy Backlink adminDescription: This attribute is the backlink for msDS-AssignedAuthNPolicy. attributeId: 1.2.840.113556.1.4.2296 attributeSyntax: 2.5.5.1 omObjectClass:: KwwCh3McAIVK omSyntax: 127 isSingleValued: FALSE systemOnly: TRUE searchFlags: 0 schemaIdGuid:: PBsTLZ/T7kqBXo20vBznrA== systemFlags: 16 instanceType: 4 linkID: 2213 dn: CN=ms-DS-AuthN-Policy-Enforced,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AuthNPolicyEnforced adminDisplayName: Authentication Policy Enforced adminDescription: This attribute specifies whether the authentication policy is enforced. attributeId: 1.2.840.113556.1.4.2297 attributeSyntax: 2.5.5.8 omSyntax: 1 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: wgxWekXsukSy1yEjatWf1Q== instanceType: 4 systemFlags: 16 dn: CN=ms-DS-AuthN-Policy-Silo-Enforced,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: attributeSchema ldapDisplayName: msDS-AuthNPolicySiloEnforced adminDisplayName: Authentication Policy Silo Enforced adminDescription: This attribute specifies whether the authentication policy silo is enforced. attributeId: 1.2.840.113556.1.4.2298 attributeSyntax: 2.5.5.8 omSyntax: 1 isSingleValued: TRUE systemOnly: FALSE searchFlags: 0 schemaIdGuid:: AhH18uBrPUmHJhVGzbyHcQ== instanceType: 4 systemFlags: 16 dn: CN=ms-DS-AuthN-Policy-Silos,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema ldapDisplayName: msDS-AuthNPolicySilos adminDisplayName: Authentication Policy Silos adminDescription: A container of this class can contain authentication policy silo objects. governsId: 1.2.840.113556.1.5.291 objectClassCategory: 1 rdnAttId: cn schemaIdGuid:: Ckex0oSPHkmnUrQB7gD+XA== defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;EA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) showInAdvancedViewOnly: TRUE defaultHidingValue: TRUE systemOnly: FALSE defaultObjectCategory: CN=ms-DS-AuthN-Policy-Silos,CN=Schema,CN=Configuration,DC=X instanceType: 4 systemFlags: 16 subClassOf: top systemPossSuperiors: 1.2.840.113556.1.3.23 dn: CN=ms-DS-AuthN-Policies,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema ldapDisplayName: msDS-AuthNPolicies adminDisplayName: Authentication Policies adminDescription: A container of this class can contain authentication policy objects. governsId: 1.2.840.113556.1.5.293 objectClassCategory: 1 rdnAttId: cn schemaIdGuid:: Xd+aOpd7fk+rtOW1XBwGtA== defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;EA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) showInAdvancedViewOnly: TRUE defaultHidingValue: TRUE systemOnly: FALSE defaultObjectCategory: CN=ms-DS-AuthN-Policies,CN=Schema,CN=Configuration,DC=X instanceType: 4 systemFlags: 16 subClassOf: top systemPossSuperiors: 1.2.840.113556.1.3.23 dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-AuthN-Policy-Silo,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema ldapDisplayName: msDS-AuthNPolicySilo adminDisplayName: Authentication Policy Silo adminDescription: An instance of this class defines authentication policies and related behaviors for assigned users, computers, and services. governsId: 1.2.840.113556.1.5.292 objectClassCategory: 1 rdnAttId: cn schemaIdGuid:: Hkbw+X1piUaSmTfmHWF7DQ== defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;EA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) systemOnly: FALSE defaultObjectCategory: CN=ms-DS-AuthN-Policy-Silo,CN=Schema,CN=Configuration,DC=X systemFlags: 16 instanceType: 4 systemmaycontain: msDS-AuthNPolicySiloMembers systemmaycontain: msDS-UserAuthNPolicy systemmaycontain: msDS-ComputerAuthNPolicy systemmaycontain: msDS-ServiceAuthNPolicy systemmaycontain: msDS-AssignedAuthNPolicySiloBL systemmaycontain: msDS-AuthNPolicySiloEnforced subClassOf: top systemPossSuperiors: msDS-AuthNPolicySilos dn: CN=ms-DS-AuthN-Policy,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaAdd objectClass: classSchema ldapDisplayName: msDS-AuthNPolicy adminDisplayName: Authentication Policy adminDescription: An instance of this class defines authentication policy behaviors for assigned principals. governsId: 1.2.840.113556.1.5.294 objectClassCategory: 1 rdnAttId: cn schemaIdGuid:: VhFqq8dN9UCRgI5M5C/lzQ== defaultSecurityDescriptor: D:(A;;RPWPCRCCDCLCLOLORCWOWDSDDTDTSW;;;EA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU) systemOnly: FALSE defaultObjectCategory: CN=ms-DS-AuthN-Policy,CN=Schema,CN=Configuration,DC=X systemFlags: 16 instanceType: 4 systemmaycontain: msDS-UserAllowedToAuthenticateTo systemmaycontain: msDS-UserAllowedToAuthenticateFrom systemmaycontain: msDS-UserTGTLifetime systemmaycontain: msDS-ComputerAllowedToAuthenticateTo systemmaycontain: msDS-ComputerTGTLifetime systemmaycontain: msDS-ServiceAllowedToAuthenticateTo systemmaycontain: msDS-ServiceAllowedToAuthenticateFrom systemmaycontain: msDS-ServiceTGTLifetime systemmaycontain: msDS-UserAuthNPolicyBL systemmaycontain: msDS-ComputerAuthNPolicyBL systemmaycontain: msDS-ServiceAuthNPolicyBL systemmaycontain: msDS-AssignedAuthNPolicyBL systemmaycontain: msDS-AuthNPolicyEnforced subClassOf: top systemPossSuperiors: msDS-AuthNPolicies dn: CN=user,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: systemmaycontain systemmaycontain: msDS-AssignedAuthNPolicy systemmaycontain: msDS-AssignedAuthNPolicySilo systemmaycontain: msDS-AuthNPolicySiloMembersBL - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 68 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 - dn: CN=ms-DS-AuthN-Policy-Silo,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: defaultHidingValue defaultHidingValue: FALSE - dn: CN=ms-DS-AuthN-Policy,CN=Schema,CN=Configuration,DC=X changetype: ntdsSchemaModify add: defaultHidingValue defaultHidingValue: FALSE - dn: CN=Schema,CN=Configuration,DC=X changeType: ntdsSchemaModify replace: objectVersion objectVersion: 69 - dn: changetype: modify add: schemaUpdateNow schemaUpdateNow: 1 -