Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The ms-DS-Repl-Authentication-Mode attribute is used to specify which authentication method is used to authenticate replication partners. This attribute applies to the configuration partition of an ADAM instance.
The following values are the possible values for this attribute.
| Value | Authentication method | Description |
|---|---|---|
| 0 |
Negotiated pass-through |
All ADAM instances in the configuration set use an identical account name and password as the ADAM service account. |
| 1 |
Negotiated |
Kerberos authentication (using SPNs) is attempted first. If Kerberos fails, NTLM authentication is attempted. If NTLM fails, the ADAM instances will not replicate. |
| 2 |
Mutual authentication with Kerberos |
Kerberos authentication, using service principal names (SPNs), is required. If Kerberos authentication fails, the ADAM instances will not replicate. |
The following table contains the programmatic identifiers for the values of this attribute.
| Value | Identifier (from Ntdsapi.h) |
|---|---|
| 0 |
ADAM_REPL_AUTHENTICATION_MODE_NEGOTIATE_PASS_THROUGH |
| 1 |
ADAM_REPL_AUTHENTICATION_MODE_NEGOTIATE |
| 2 |
ADAM_REPL_AUTHENTICATION_MODE_MUTUAL_AUTH_REQUIRED |
| Entry | Value |
|---|---|
| CN | ms-DS-Repl-Authentication-Mode |
| Ldap-Display-Name | msDS-ReplAuthenticationMode |
| Size | - |
| Update Privilege | - |
| Update Frequency | - |
| Attribute-Id | 1.2.840.113556.1.4.1861 |
| System-Id-Guid | 6e124d4f-1a3f-4cc6-8e09-4a54c81b1d50 |
| Syntax | Enumeration |
Implementations
ADAM
| Entry | Value |
|---|---|
| Link-Id | - |
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | False |
| In Global Catalog | False |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000000 |
| System-Flags | 0x00000010 |
| Classes used in | Configuration |