2.37 Attribute nTSecurityDescriptor

This attribute specifies the Windows NT operating system security descriptor for an object. For more information about how Active Directory uses this attribute, refer to [MS-ADTS] section 5.1.

 cn: NT-Security-Descriptor
 ldapDisplayName: nTSecurityDescriptor
 attributeId: 1.2.840.113556.1.2.281
 attributeSyntax: 2.5.5.15
 omSyntax: 66
 isSingleValued: TRUE
 schemaIdGuid: bf9679e3-0de6-11d0-a285-00aa003049e2
 systemOnly: FALSE
 searchFlags: fPRESERVEONDELETE
 rangeLower: 0
 rangeUpper: 132096
 mapiID: 32787
 isMemberOfPartialAttributeSet: TRUE
 systemFlags: FLAG_SCHEMA_BASE_OBJECT | FLAG_ATTR_IS_OPERATIONAL | 
  FLAG_ATTR_REQ_PARTIAL_SET_MEMBER
 schemaFlagsEx: FLAG_ATTR_IS_CRITICAL

Version-Specific Behavior: First implemented on Windows 2000 Server operating system.

In Windows 2000 Server, the following attributes are defined differently:

 systemFlags: FLAG_SCHEMA_BASE_OBJECT | 
  FLAG_ATTR_REQ_PARTIAL_SET_MEMBER

The schemaFlagsEx attribute was added to this attribute definition in Windows Server 2008 operating system.