2.2.2.11.3 NTAuthCertificates Object
The NTAuthCertificate Object is as follows:
Object (1) of type certificationAuthority
Object with cn=NTAuthCertificates
Object under the following container.
CN=Public Key Services, CN=Services, CN=Configuration, DC=...
This object contains a CA Certificate attribute, which is a multivalue Octet String attribute where each one of its value is a DER-encoded CA signing certificate.
Specifications on the syntax of this attribute can be found in [MS-ADA1] section 2.95.