[MS-ADTS] 6.1.6.7.9 trustAttributes

Vincent Le Toux 0 Reputation points
2024-02-01T16:28:52.96+00:00

Hi, Cross checking my previous question on msDS-TrustForestTrustInfo with https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/windows-updates-add-new-ntlm-pass-through-authentication-protections#issue-mitigations

An attribute TRUST_ATTRIBUTE_DISABLE_AUTH_TARGET_VALIDATION is described in the above document.

My understanding is that it will apply to the "trustattribute" AD attribute about trust. This attribute is described in [MS-ADTS] 6.1.6.7.9 trustAttributes However the value is marked as reserved. I'd like to make sure that the attribute "trustattribute" of a trust is the place where this value is set. Thanks in advance

Windows Open Specifications
Windows Open Specifications
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Open Specifications: Technical documents for protocols, computer languages, standards support, and data portability. The goal with Open Specifications is to help developers open new opportunities to interoperate with Windows, SQL, Office, and SharePoint.
42 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Obaid Farooqi MSFT 591 Reputation points Microsoft Employee
    2024-02-19T21:13:24.1466667+00:00

    Hi @Vincent Le Toux You are right. this flag is set on trustattribute, defined in MS-ADTS section "6.1.6.7.9 trustAttributes".

    I have filed a bug against Ms-ADTS to add this flag.

    Please let me know if this does not answer your question.

    Regards,

    Obaid Farooqi - MSFT

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.