2.217 Attribute msDS-AllowedDNSSuffixes

For a given Active Directory domain, this attribute specifies the list of DNS suffixes (by their fully qualified domain name (FQDN) (1) ([MS-ADTS] section 1.1)) allowed to be used to identify computers that are members of that domain.

 cn: ms-DS-Allowed-DNS-Suffixes
 ldapDisplayName: msDS-AllowedDNSSuffixes
 attributeId: 1.2.840.113556.1.4.1710
 attributeSyntax: 2.5.5.12
 omSyntax: 64
 isSingleValued: FALSE
 schemaIdGuid: 8469441b-9ac4-4e45-8205-bd219dbf672d
 systemOnly: FALSE
 searchFlags: 0
 rangeLower: 0
 rangeUpper: 2048
 systemFlags: FLAG_SCHEMA_BASE_OBJECT
 schemaFlagsEx: FLAG_ATTR_IS_CRITICAL

Version-Specific Behavior: First implemented on Windows Server 2003 operating system.

The schemaFlagsEx attribute was added to this attribute definition in Windows Server 2008 operating system.