3.1.1.5.3 Modify Operation

References

LDAP attributes: objectClass, nTSecurityDescriptor, instanceType, distinguishedName, objectGUID, objectSid, entryTTL, msDS-Entry-Time-To-Die, systemFlags, objectCategory, msDS-AllowedToDelegateTo, member, sAMAccountName, msDS-AdditionalSamAccountName, dNSHostName, msDS-AdditionalDnsHostName, servicePrincipalName, uSNCreated, subRefs, uSNLastObjRem, uSNDSALastObjRemoved, name, isDeleted, isRecycled, hasMasterNCs, msDS-hasMasterNCs, hasPartialReplicaNCs, msDS-hasFullReplicaNCs, whenCreated, managedBy, msDS-LockoutObservationWindow, msDS-LockoutDuration, msDS-MaximumPasswordAge, msDS-MinimumPasswordAge, msDS-MinimumPasswordLength, msDS-PasswordHistoryLength.

LDAP classes: dynamicObject, crossRef, server, computer, foreignSecurityPrincipal.

Well-known object GUIDs: GUID_USERS_CONTAINER_W, GUID_COMPUTERS_CONTAINER_W.

Constants

  • Win32/status error codes: ERROR_DS_REFERRAL, ERROR_DS_WKO_CONTAINER_CANNOT_BE_SPECIAL, ERROR_DS_CONFIDENTIALITY_REQUIRED, ERROR_DS_ILLEGAL_MOD_OPERATION, ERROR_DS_RANGE_CONSTRAINT, ERROR_DS_HIGH_DSA_VERSION, ERROR_DS_SPN_VALUE_NOT_UNIQUE_IN_FOREST, ERROR_DS_UPN_VALUE_NOT_UNIQUE_IN_FOREST.

  • Access mask bits, control access rights: RIGHT_DS_WRITE_PROPERTY, RIGHT_DS_WRITE_PROPERTY_EXTENDED, Change-Infrastructure-Master, Change-Schema-Master, Change-Rid-Master, Change-PDC, Change-Domain-Master, Reanimate-Tombstones.

  • Security privileges: SE_ENABLE_DELEGATION_PRIVILEGE

  • systemFlags bits: FLAG_DISALLOW_DELETE, FLAG_DOMAIN_DISALLOW_RENAME, FLAG_DOMAIN_DISALLOW_MOVE, FLAG_ATTR_IS_RDN.

  • LDAP: LDAP_SERVER_PERMISSIVE_MODIFY_OID

The modify operation results in modification of a single existing object in the directory tree. The requester supplies the following data:

  • The DN of the object.

  • The set of attributes defining the modifications that are to be performed.