2.211 Attribute msDS-AllowedToDelegateTo

For a given computer or user account, this attribute specifies the list of service principal names (SPN) corresponding to Windows services that can act on behalf of the computer or user account.

 cn: ms-DS-Allowed-To-Delegate-To
 ldapDisplayName: msDS-AllowedToDelegateTo
 attributeId: 1.2.840.113556.1.4.1787
 omSyntax: 64
 isSingleValued: FALSE
 schemaIdGuid: 800d94d7-b7a1-42a1-b14d-7cae1423d07f
 systemOnly: FALSE
 searchFlags: 0
 attributeSecurityGuid: e48d0154-bcf8-11d1-8702-00c04fb96050

Version-Specific Behavior: First implemented on Windows Server 2003 operating system.

The schemaFlagsEx attribute was added to this attribute definition in Windows Server 2008 operating system.