2.2.19 MSDS-MANAGEDPASSWORD_BLOB

The MSDS-MANAGEDPASSWORD_BLOB structure is a representation of a group-managed service account's password information. This structure is returned as the msDS-ManagedPassword (section 3.1.1.4.5.39) constructed attribute.


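 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-------------------------------+-------------------------------+
|            Version            |           Reserved            |
+-------------------------------+-------------------------------+
|                            Length                             |
+-------------------------------+-------------------------------+
|     CurrentPasswordOffset     |    PreviousPasswordOffset     |
+-------------------------------+-------------------------------+
|  QueryPasswordIntervalOffset  |UnchangedPasswordIntervalOffset|
+-------------------------------+-------------------------------+
|                  CurrentPassword (variable)                   |
+---------------------------------------------------------------+
|                              ...                              |
+---------------------------------------------------------------+
|            PreviousPassword (optional) (variable)             |
+---------------------------------------------------------------+
|                              ...                              |
+---------------------------------------------------------------+
|                  AlignmentPadding (variable)                  |
+---------------------------------------------------------------+
|                              ...                              |
+---------------------------------------------------------------+
|                     QueryPasswordInterval                     |
+---------------------------------------------------------------+
|                              ...                              |
+---------------------------------------------------------------+
|                   UnchangedPasswordInterval                   |
+---------------------------------------------------------------+
|                              ...                              |
+---------------------------------------------------------------+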

Version (2 bytes): A 16-bit unsigned integer that defines the version of the msDS-ManagedPassword binary large object (BLOB). The Version field MUST be set to 0x0001.

Reserved (2 bytes): A 16-bit unsigned integer that MUST be set to 0x0000.

Length (4 bytes): A 32-bit unsigned integer that specifies the length, in bytes, of the msDS-ManagedPassword BLOB.

CurrentPasswordOffset (2 bytes): A 16-bit offset, in bytes, from the beginning of this structure to the CurrentPassword field. The CurrentPasswordOffset field MUST NOT be set to 0x0000.

PreviousPasswordOffset (2 bytes): A 16-bit offset, in bytes, from the beginning of this structure to the PreviousPassword field. If this field is set to 0x0000, then the account has no previous password.

QueryPasswordIntervalOffset (2 bytes): A 16-bit offset, in bytes, from the beginning of this structure to the QueryPasswordInterval field.

UnchangedPasswordIntervalOffset (2 bytes): A 16-bit offset, in bytes, from the beginning of this structure to the UnchangedPasswordInterval field.

CurrentPassword (variable): A null-terminated WCHAR string containing the cleartext current password for the account.

PreviousPassword (optional) (variable): A null-terminated WCHAR string containing the cleartext previous password for the account. If PreviousPasswordOffset is 0x0000, then this field MUST be absent.

AlignmentPadding (variable): A padding field used to align the QueryPasswordInterval field to a 64-bit boundary. This field SHOULD be set to zero and MUST be ignored on receipt.

QueryPasswordInterval (8 bytes): A 64-bit unsigned integer containing the length of time, in units of 10^(-7) seconds, after which the receiver MUST re-query the password. The QueryPasswordInterval field MUST be placed on a 64-bit boundary.

UnchangedPasswordInterval (8 bytes): A 64-bit unsigned integer containing the length of time, in units of 10^(-7) seconds, before which password queries will always return this password value. The UnchangedPasswordInterval field MUST be placed on a 64-bit boundary.
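
A strict parser for the layout above, added here as an example and not part of the original specification text. It assumes little-endian integers, which this section does not state; the function names and the sample blob are constructed for illustration. Every offset is bounds-checked before use, and the MUST constraints on Version, Reserved, CurrentPasswordOffset and 64-bit alignment are enforced.

```python
import struct

# Assumption (not stated on the page): integer fields are little-endian.
HEADER = struct.Struct("<HHIHHHH")  # Version, Reserved, Length, four 16-bit offsets

def _wstr(blob, off, name):
    """Raw UTF-16LE bytes of the WCHAR string at off, without its terminator."""
    if off < HEADER.size:
        raise ValueError(f"{name} offset {off:#06x} points into the header")
    for i in range(off, len(blob) - 1, 2):
        if blob[i:i + 2] == b"\x00\x00":
            return blob[off:i]
    raise ValueError(f"{name} is not null-terminated inside the blob")

def _interval(blob, off, name):
    """64-bit interval at off, after bounds and 64-bit alignment checks."""
    if off < HEADER.size or off + 8 > len(blob):
        raise ValueError(f"{name} offset {off:#06x} is out of bounds")
    if off % 8:
        raise ValueError(f"{name} is not on a 64-bit boundary")
    return struct.unpack_from("<Q", blob, off)[0]

def parse_managed_password_blob(blob):
    if len(blob) < HEADER.size:
        raise ValueError("blob is shorter than the 16-byte header")
    version, reserved, length, cur, prev, query, unchanged = HEADER.unpack_from(blob)
    if version != 0x0001 or reserved != 0x0000:
        raise ValueError("Version must be 0x0001 and Reserved 0x0000")
    if length != len(blob):
        raise ValueError(f"Length field {length} != {len(blob)} bytes received")
    if cur == 0:
        raise ValueError("CurrentPasswordOffset MUST NOT be 0x0000")
    return {
        "current_password": _wstr(blob, cur, "CurrentPassword"),
        # PreviousPasswordOffset 0x0000 means the field is absent.
        "previous_password": _wstr(blob, prev, "PreviousPassword") if prev else None,
        # Intervals are in units of 10^-7 seconds; report seconds.
        "query_interval_s": _interval(blob, query, "QueryPasswordInterval") / 10**7,
        "unchanged_interval_s": _interval(blob, unchanged, "UnchangedPasswordInterval") / 10**7,
    }

def build_sample(query_offset=24):
    """Constructed 40-byte blob: password "Ab", no previous password, 2 padding bytes."""
    body = "Ab".encode("utf-16-le") + b"\x00\x00" + b"\x00\x00"
    body += struct.pack("<QQ", 36_000_000_000, 33_000_000_000)  # 3600 s, 3300 s
    return HEADER.pack(1, 0, HEADER.size + len(body), 16, 0, query_offset, 32) + body
```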