Allowed-To-Authenticate extended right
The control access right controls who can authenticate to a particular computer or service. It basically lives on computer, user, and InetOrgPerson objects. It is also applicable on the domain object if access is allowed for the entire domain. It can be applied to OUs to permit users to be able to set inheritable ACEs on OUs that contain a set of user or computer objects.
| Entry | Value |
|---|---|
| CN | Allowed-To-Authenticate |
| Display-Name | Allowed to Authenticate |
| Rights-GUID | 68b1d179-0d15-4d4f-ab71-46152e79a7bc |
Implementations
- Windows Server 2003
- Windows Server 2003 R2
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 2012
Windows Server 2003
| Entry | Value |
|---|---|
| Applies-To | Computer User inetOrgPerson |
| Localization-Display-ID | 65 |
Windows Server 2003 R2
| Entry | Value |
|---|---|
| Applies-To | Computer User inetOrgPerson |
| Localization-Display-ID | 65 |
Windows Server 2008
| Entry | Value |
|---|---|
| Applies-To | Computer User inetOrgPerson |
| Localization-Display-ID | 65 |
Windows Server 2008 R2
| Entry | Value |
|---|---|
| Applies-To | Computer ms-DS-Managed-Service-Account User inetOrgPerson |
| Localization-Display-ID | 65 |
Windows Server 2012
| Entry | Value |
|---|---|
| Applies-To | Computer ms-DS-Managed-Service-Account User inetOrgPerson |
| Localization-Display-ID | 65 |