3.1.1.3.1.1.3 Attributes
Sections 5.1 through 5.4 of [RFC2252], as well as section 5 of [RFC2256] and section 2 of [RFC2798], define a set of attributes common to LDAP directories. Additionally, portions of the Active Directory schema are derived from [RFC1274] and [RFC2307]. The following tables show, for each of these RFCs, the attributes that are either included in the Active Directory default schemas of Windows Server 2003 operating system and later, or present as readable attributes of the rootDSE of Windows 2000 operating system and later DCs (both AD DS and AD LDS). Some of these attributes were added to the schema of Windows Server 2003 or Windows Server 2003 R2 operating system but were not present in the Windows 2000 schema; [MS-ADA1], [MS-ADA2], [MS-ADA3], and [MS-ADLS] specify the attributes included in each version of the schema. For more information about rootDSE attributes, which are not part of the schema, see section 3.1.1.3.2.
RFC 1274
-
Attribute
Included by AD DS?
Included by AD LDS?
Yes
Yes
Yes
No
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Yes
No
Yes
Yes
Yes
Yes
Yes
No
Yes
Yes
Yes*
Yes*
Yes
Yes
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
Yes
Yes
Yes
Yes
No
Yes
No
Yes
Yes
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
Yes
Yes
No
Yes
No
Yes
No
Yes
Yes
Yes
Yes
Yes
No
Yes
No
Yes
Yes
Yes
No
aliasedObjectName
No
No
commonName
No
No
surname
No
No
countryName
No
No
localityName
No
No
stateOrProvinceName
No
No
organizationName
No
No
mhsDeliverableContentLength
No
No
mhsDeliverableContentTypes
No
No
mhsDeliverableEits
No
No
mhsDLMembers
No
No
mhsDLSubmitPermissions
No
No
mhsMessageStoreName
No
No
mhsORAddresses
No
No
mhsPreferredDeliveryMethods
No
No
mhsSupportedAutomaticActions
No
No
mhsSupportedContentTypes
No
No
mhsSupportedOptionalAttributes
No
No
userid
No
No
rfc822Mailbox
No
No
No
No
favouriteDrink
No
No
homeTelephoneNumber
No
No
lastModifiedTime
No
No
lastModifiedBy
No
No
domainComponent
No
No
aRecord
No
No
mXRecord
No
No
nSRecord
No
No
sOARecord
No
No
cNAMERecord
No
No
mobileTelephoneNumber
No
No
pagerTelephoneNumber
No
No
friendlyCountryName
No
No
No
No
janetMailbox
No
No
mailPreferenceOption
No
No
dSAQuality
No
No
singleLevelQuality
No
No
subtreeMinimumQuality
No
No
subtreeMaximumQuality
No
No
personalSignature
No
No
dITRedirect
No
No
* Active Directory uses the userPassword attribute to set or change passwords only in limited circumstances. See section 3.1.1.3.1.5.
RFC 2252
-
Attribute
Included by AD DS?
Included by AD LDS?
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
namingContexts
Yes
Yes
supportedExtension
Yes
Yes
supportedControl
Yes
Yes
supportedSASLMechanisms
Yes
Yes
supportedLDAPVersion
Yes
Yes
Yes
Yes
creatorsName
No
No
modifiersName
No
No
matchingRules
No
No
matchingRulesUse
No
No
altServer
No
No
ldapSyntaxes
No
No
dITStructureRules
No
No
nameForms
No
No
RFC 2256
-
Attribute
Included by AD DS?
Included by AD LDS?
objectClass
Yes
Yes
knowledgeInformation
Yes
No
Yes
Yes
Yes
Yes
serialNumber
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
title
Yes
Yes
description
Yes
Yes
searchGuide
Yes
Yes
businessCategory
Yes
Yes
postalAddress
Yes
Yes
postalCode
Yes
Yes
postOfficeBox
Yes
Yes
physicalDeliveryOfficeName
Yes
Yes
telephoneNumber
Yes
Yes
telexNumber
Yes
Yes
teletexTerminalIdentifier
Yes
Yes
facsimileTelephoneNumber
Yes
Yes
x121Address
Yes
Yes
internationalISDNNumber
Yes
Yes
registeredAddress
Yes
Yes
destinationIndicator
Yes
Yes
preferredDeliveryMethod
Yes
Yes
presentationAddress
Yes
No
supportedApplicationContext
Yes
No
member
Yes
Yes
owner
Yes
Yes
roleOccupant
Yes
No
seeAlso
Yes
Yes
userPassword
Yes*
Yes*
userCertificate
Yes
Yes
cACertificate
Yes
No
authorityRevocationList
Yes
No
certificateRevocationList
Yes
No
crossCertificatePair
Yes
No
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Yes
No
Yes
Yes
aliasedObjectName
No
No
dnQualifier
No
No
protocolInformation
No
No
supportedAlgorithms
No
No
* Active Directory uses the userPassword attribute to set or change passwords only in limited circumstances. See section 3.1.1.3.1.5.
RFC 2798
-
Attribute
Included by AD DS?
Included by AD LDS?
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
RFC 2307
-
Attribute
Included by AD DS?
Included by AD LDS?
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No