Compartir a través de


2.2.1.5 LSA Trust Record Flags

This section provides a cross reference of Flag values with associated descriptions of the Forest record types that use such Flag values.<17>

Note  Some flag values are reused for different forest record types. See the Meaning column for more information.

Value

Meaning

LSA_TLN_DISABLED_NEW

0x00000001

The top-level name trust record is disabled during initial creation.

Note This flag MUST be used with forest trust records of type ForestTrustTopLevelName or ForestTrustTopLevelNameEx only (section 2.2.7.21).

LSA_TLN_DISABLED_ADMIN

0x00000002

The top-level name trust record is disabled by the Domain administrator.

Note This flag MUST be used with forest trust records of type ForestTrustTopLevelName or ForestTrustTopLevelNameEx only (section 2.2.7.21).

LSA_TLN_DISABLED_CONFLICT

0x00000004

The top-level name trust record is disabled due to a conflict.

Note This flag MUST be used with forest trust records of type ForestTrustTopLevelName or ForestTrustTopLevelNameEx only (section 2.2.7.21).

LSA_SID_DISABLED_ADMIN

0x00000001

The Domain information trust record is disabled by the domain administrator.

Note This flag MUST be used with a forest trust record of type ForestTrustDomainInfo only (section 2.2.7.24).

LSA_SID_DISABLED_CONFLICT

0x00000002

The domain information trust record is disabled due to a conflict.

Note This flag MUST be used with a forest trust record of type ForestTrustDomainInfo only (section 2.2.7.24).

LSA_NB_DISABLED_ADMIN

0x00000004

The domain information trust record is disabled by the domain administrator.

Note This flag MUST be used with a forest trust record of type ForestTrustDomainInfo only (section 2.2.7.24).

LSA_NB_DISABLED_CONFLICT

0x00000008

The domain information trust record is disabled due to a conflict.

Note This flag MUST be used with a forest trust record of type ForestTrustDomainInfo only (section 2.2.7.24).

LSA_FTRECORD_DISABLED_REASONS

0x0000FFFF

The domain information trust record is disabled.

Note This set of flags is reserved; for current and future reasons, the trust is disabled.

LSA_SCANNER_INFO_DISABLE_AUTH_TARGET_VALIDATION

(0x00000001)

Domain name validation during NTLM pass-through authentication is disabled.

This flag can be set and queried on ForestTrustScannerInfo records (sections 2.2.7.22 and 2.2.7.31), but otherwise MUST be ignored.