Error when you check domain object properties by using RSAT in Windows 10: msDS-ExpirePasswordsOnSmartCardOnlyAccounts not exist
This article provides a solution to an error that occurs when you check domain object properties by using RSAT in Windows 10.
Applies to: Windows 10, version 1809
Original KB number: 3214525
Symptoms
You have a Windows 10, version 1809-based client that joins a domain with a Windows Server 2012 R2 controller. Additionally, the Remote Server Administration Tools (RSAT) for Windows 10 is installed on the client. When you right-click the properties of a domain object in Active Directory Administrative Center (ADAC) in this situation, you receive the following error message:
Failed to retrieve the object 'DC=CONTOSO,DC=COM' due to the following error:
The specified directory service attribute or value does not exist Parameter name: msDS-ExpirePasswordsOnSmartCardOnlyAccounts
Cause
This issue occurs when the schema version of the domain has not yet been updated.
Workaround
To work around this issue, use one of the following tools to obtain the properties of a domain object:
- DSA.msc
- Ldifde.exe
- Ldp.exe
- ADSI Edit (adsiedit.msc)
- Get-ADObject cmdlets
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for