Error Code S-1-5-21domain-527

Definition of Well-known Security Identifiers (SIDs) codes.

S-1-5-21domain-527 Enterprise Key Admins A security group. The intention for this group is to have delegated write access on the msdsKeyCredentialLink attribute only. The group is intended for use in scenarios where trusted external authorities (for example, Active Directory Federated Services) are responsible for modifying this attribute. Only trusted administrators should be made a member of this group.

This code may be used in the following events / insertation strings:

Insertion Strings


Security Events