Just found yet more useful property; msds-memberOfTransitive
Contains DNs of all groups (security and distrib)
No, there is no implementation in bcrypt. The code provided is still current.
Is there any solution doing the same with bcypt.dll?
According to Microsoft te WinCrypr-API is deprecated.
you wrote "When empty entry appears in excluded subtree, the meaning is different. It explicitly disallows any namespaces of that type..."
Can you please remind us where exactly is that specified in RFC5280 (or any other RFC) ? I cannot find the relevant wording...
* tokenGroups property returns only security group's SIDs, distrib lists are not included
© 2008 - 2021 - Sysadmins LV. All rights reserved