[MS-ADTS]: Active Directory Technical Specification

This topic lists the Errata found in the MS-ADTS document since it was last published. Since this topic is updated frequently, we recommend that you subscribe to these RSS or Atom feeds to receive update notifications.

Errata are subject to the same terms as the Open Specifications documentation referenced.

RSS

Atom

To view a PDF file of the errata for the previous versions of this document, see the following ERRATA Archives:

October 16, 2015 - Download

June 30, 2015 - Download

July 18, 2016 - Download

March 20, 2017 - Download

September 15, 2017 - Download

December 1, 2017 - Download

March 16, 2018 - Download

September 12, 2018 - Download

March 13, 2019 - Download

Errata below are for Protocol Document Version V9.0 – 2019/03/13.

Errata Published*

Description

2019/10/16

In Section 6.1.6.7.9, trustAttributes, the 'TANC' attribute description has been updated.

Changed from:

Only supported on Windows Server 2012 and later.

Changed to:

Initially supported on Windows Server 2012 and later. After [MSKB-4490425] is installed, this bit is superseded by the TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION bit.

In the same section a new TAEC attribute and description have been added:

TAEC​

 (TRUST_ATTRIBUTE_CROSS_ORGANIZATION_ENABLE_TGT_DELEGATION)​

0x00000800​

If this bit is set, tickets granted under this trust MUST be trusted for delegation. The behavior controlled by this bit is as specified in [MS-KILE] section 3.3.5.7.5.​Only supported on Windows Server 2008 and later after [MSKB-4490425] updates are installed.

2019/09/16

In Section 2.2.20.5.2, KEY_USAGE_FIDO, changed from:

authData: A base64-encoded public key.

Changed to:

authData: A base64-encoded Authenticator Data structure, as described in section 6.1 of [W3C-WebAuthPKC1].

2019/04/29

In Section 3.1.1.2.5, Schema Modifications, information about the error 'unwillingToPerform / ERROR_DS_CANT_CREATE_UNDER_SCHEMA', which occurs when attempting to add any object other than a schema object in the schema NC, has been added.

Changed from:​

A Delete of an attributeSchema or classSchema object (5) fails, with error unwillingToPerform / ERROR_DS_CANT_DELETE.​

There is no constraint on the amount of time between when an object (5) in the schema NC is successfully added or modified and when the DC enforces the updated schema (1).

…​

Changed to:​

A Delete of an attributeSchema or classSchema object (5) fails, with error unwillingToPerform / ERROR_DS_CANT_DELETE.​

An attempt to add any object other than a schema object in the schema NC fails with the error unwillingToPerform / ERROR_DS_CANT_CREATE_UNDER_SCHEMA.​

There is no constraint on the amount of time between when an object (5) in the schema NC is successfully added or modified and when the DC enforces the updated schema (1).

*Date format: YYYY/MM/DD