Share via

[MS-ADTS] 6.1.6.7.9 trustAttributes

Vincent Le Toux 0 Reputation points
2024-02-01T16:28:52.96+00:00

Hi, Cross checking my previous question on msDS-TrustForestTrustInfo with https://learn.microsoft.com/en-us/troubleshoot/windows-server/windows-security/windows-updates-add-new-ntlm-pass-through-authentication-protections#issue-mitigations

An attribute TRUST_ATTRIBUTE_DISABLE_AUTH_TARGET_VALIDATION is described in the above document.

My understanding is that it will apply to the "trustattribute" AD attribute about trust. This attribute is described in [MS-ADTS] 6.1.6.7.9 trustAttributes However the value is marked as reserved. I'd like to make sure that the attribute "trustattribute" of a trust is the place where this value is set. Thanks in advance

Windows development | Windows Open Specifications

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Obaid Farooqi MSFT 751 Reputation points Microsoft Employee Moderator
    2024-02-19T21:13:24.1466667+00:00

    Hi @Vincent Le Toux You are right. this flag is set on trustattribute, defined in MS-ADTS section "6.1.6.7.9 trustAttributes".

    I have filed a bug against Ms-ADTS to add this flag.

    Please let me know if this does not answer your question.

    Regards,

    Obaid Farooqi - MSFT

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.