ms-DS-User-Account-Control-Computed Attribute (Windows)

MSDN Home

MSDN
MSDN Library
Win32 and COM Development
Administration and Management
Directory, Identity, and Acces ...
Directory Services
Directories
Active Directory Schema
Attributes
All Attributes

All Attributes

Account-Expires
Account-Name-History
ACS-Aggregate-Token-Rate-Per-U ...
ACS-Allocable-RSVP-Bandwidth
ACS-Cache-Timeout
ACS-Direction
ACS-DSBM-DeadTime
ACS-DSBM-Priority
ACS-DSBM-Refresh
ACS-Enable-ACS-Service
ACS-Enable-RSVP-Accounting
ACS-Enable-RSVP-Message-Loggin ...
ACS-Event-Log-Level
ACS-Identity-Name
ACS-Max-Aggregate-Peak-Rate-Pe ...
ACS-Max-Duration-Per-Flow
ACS-Maximum-SDU-Size
ACS-Max-No-Of-Account-Files
ACS-Max-No-Of-Log-Files
ACS-Max-Peak-Bandwidth
ACS-Max-Peak-Bandwidth-Per-Flo ...
ACS-Max-Size-Of-RSVP-Account-F ...
ACS-Max-Size-Of-RSVP-Log-File
ACS-Max-Token-Bucket-Per-Flow
ACS-Max-Token-Rate-Per-Flow
ACS-Minimum-Delay-Variation
ACS-Minimum-Latency
ACS-Minimum-Policed-Size
ACS-Non-Reserved-Max-SDU-Size
ACS-Non-Reserved-Min-Policed-S ...
ACS-Non-Reserved-Peak-Rate
ACS-Non-Reserved-Token-Size
ACS-Non-Reserved-Tx-Limit
ACS-Non-Reserved-Tx-Size
ACS-Permission-Bits
ACS-Policy-Name
ACS-Priority
ACS-RSVP-Account-Files-Locatio ...
ACS-RSVP-Log-Files-Location
ACS-Server-List
ACS-Service-Type
ACS-Time-Of-Day
ACS-Total-No-Of-Flows
Additional-Information
Additional-Trusted-Service-Nam ...
Address
Address-Book-Roots
Address-Entry-Display-Table
Address-Entry-Display-Table-MS ...
Address-Home
Address-Syntax
Address-Type
Admin-Context-Menu
Admin-Count
Admin-Description
Admin-Display-Name
Admin-Multiselect-Property-Pag ...
Admin-Property-Pages
Allowed-Attributes
Allowed-Attributes-Effective
Allowed-Child-Classes
Allowed-Child-Classes-Effectiv ...
Alt-Security-Identities
ANR
Application-Name
Applies-To
App-Schema-Version
Asset-Number
Assistant
associatedDomain
associatedName
Assoc-NT-Account
attributeCertificateAttribute
Attribute-Display-Names
Attribute-ID
Attribute-Security-GUID
Attribute-Syntax
Attribute-Types
audio
Auditing-Policy
Authentication-Options
Authority-Revocation-List
Auxiliary-Class
Bad-Password-Time
Bad-Pwd-Count
Birth-Location
bootFile
bootParameter
Bridgehead-Server-List-BL
Bridgehead-Transport-List
buildingName
Builtin-Creation-Time
Builtin-Modified-Count
Business-Category
Bytes-Per-Minute
CA-Certificate
CA-Certificate-DN
CA-Connect
Canonical-Name
Can-Upgrade-Script
carLicense
Catalogs
Categories
Category-Id
CA-Usages
CA-WEB-URL
Certificate-Authority-Object
Certificate-Revocation-List
Certificate-Templates
Class-Display-Name
Code-Page
COM-ClassID
COM-CLSID
COM-InterfaceID
Comment
Common-Name
COM-Other-Prog-Id
Company
COM-ProgID
COM-Treat-As-Class-Id
COM-Typelib-Id
COM-Unique-LIBID
Content-Indexing-Allowed
Context-Menu
Control-Access-Rights
Cost
Country-Code
Country-Name
Create-Dialog
Create-Time-Stamp
Create-Wizard-Ext
Creation-Time
Creation-Wizard
Creator
CRL-Object
CRL-Partitioned-Revocation-Lis ...
Cross-Certificate-Pair
Current-Location
Current-Parent-CA
Current-Value
Curr-Machine-Id
DBCS-Pwd
Default-Class-Store
Default-Group
Default-Hiding-Value
Default-Local-Policy-Object
Default-Object-Category
Default-Priority
Default-Security-Descriptor
Delta-Revocation-List
Department
departmentNumber
Description
Desktop-Profile
Destination-Indicator
dhcp-Classes
dhcp-Flags
dhcp-Identification
dhcp-Mask
dhcp-MaxKey
dhcp-Obj-Description
dhcp-Obj-Name
dhcp-Options
dhcp-Properties
dhcp-Ranges
dhcp-Reservations
dhcp-Servers
dhcp-Sites
dhcp-State
dhcp-Subnets
dhcp-Type
dhcp-Unique-Key
dhcp-Update-Time
Display-Name
Display-Name-Printable
DIT-Content-Rules
Division
DMD-Location
DMD-Name
DN-Reference-Update
Dns-Allow-Dynamic
Dns-Allow-XFR
DNS-Host-Name
Dns-Notify-Secondaries
DNS-Property
Dns-Record
Dns-Root
Dns-Secure-Secondaries
DNS-Tombstoned
documentAuthor
documentIdentifier
documentLocation
documentPublisher
documentTitle
documentVersion
Domain-Certificate-Authorities
Domain-Component
Domain-Cross-Ref
Domain-ID
Domain-Identifier
Domain-Policy-Object
Domain-Policy-Reference
Domain-Replica
Domain-Wide-Policy
drink
Driver-Name
Driver-Version
DSA-Signature
DS-Core-Propagation-Data
DS-Heuristics
DS-UI-Admin-Maximum
DS-UI-Admin-Notification
DS-UI-Shell-Maximum
Dynamic-LDAP-Server
EFSPolicy
E-mail-Addresses
Employee-ID
Employee-Number
Employee-Type
Enabled
Enabled-Connection
Enrollment-Providers
Entry-TTL
Extended-Attribute-Info
Extended-Chars-Allowed
Extended-Class-Info
Extension-Name
Extra-Columns
Facsimile-Telephone-Number
File-Ext-Priority
Flags
Flat-Name
Force-Logoff
Foreign-Identifier
Friendly-Names
From-Entry
From-Server
Frs-Computer-Reference
Frs-Computer-Reference-BL
FRS-Control-Data-Creation
FRS-Control-Inbound-Backlog
FRS-Control-Outbound-Backlog
FRS-Directory-Filter
FRS-DS-Poll
FRS-Extensions
FRS-Fault-Condition
FRS-File-Filter
FRS-Flags
FRS-Level-Limit
FRS-Member-Reference
FRS-Member-Reference-BL
FRS-Partner-Auth-Level
FRS-Primary-Member
FRS-Replica-Set-GUID
FRS-Replica-Set-Type
FRS-Root-Path
FRS-Root-Security
FRS-Service-Command
FRS-Service-Command-Status
FRS-Staging-Path
FRS-Time-Last-Command
FRS-Time-Last-Config-Change
FRS-Update-Timeout
FRS-Version
FRS-Version-GUID
FRS-Working-Path
FSMO-Role-Owner
Garbage-Coll-Period
gecos
Generated-Connection
Generation-Qualifier
gidNumber
Given-Name
Global-Address-List
Governs-ID
GPC-File-Sys-Path
GPC-Functionality-Version
GPC-Machine-Extension-Names
GPC-User-Extension-Names
GPC-WQL-Filter
GP-Link
GP-Options
Group-Attributes
Group-Membership-SAM
Group-Priority
Groups-to-Ignore
Group-Type
Has-Master-NCs
Has-Partial-Replica-NCs
Help-Data16
Help-Data32
Help-File-Name
Hide-From-AB
Home-Directory
Home-Drive
host
houseIdentifier
Icon-Path
Implemented-Categories
IndexedScopes
Initial-Auth-Incoming
Initial-Auth-Outgoing
Initials
Install-Ui-Level
Instance-Type
International-ISDN-Number
Inter-Site-Topology-Failover
Inter-Site-Topology-Generator
Inter-Site-Topology-Renew
Invocation-Id
ipHostNumber
ipNetmaskNumber
ipNetworkNumber
ipProtocolNumber
Ipsec-Data
Ipsec-Data-Type
Ipsec-Filter-Reference
Ipsec-ID
Ipsec-ISAKMP-Reference
Ipsec-Name
IPSEC-Negotiation-Policy-Actio ...
Ipsec-Negotiation-Policy-Refer ...
IPSEC-Negotiation-Policy-Type
Ipsec-NFA-Reference
Ipsec-Owners-Reference
Ipsec-Policy-Reference
ipServicePort
ipServiceProtocol
Is-Critical-System-Object
Is-Defunct
Is-Deleted
Is-Ephemeral
Is-Member-Of-DL
Is-Member-Of-Partial-Attribute ...
Is-Privilege-Holder
Is-Single-Valued
jpegPhoto
Keywords
Knowledge-Information
labeledURI
Last-Backup-Restoration-Time
Last-Content-Indexed
Last-Known-Parent
Last-Logoff
Last-Logon
Last-Logon-Timestamp
Last-Set-Time
Last-Update-Sequence
LDAP-Admin-Limits
LDAP-Display-Name
LDAP-IPDeny-List
Legacy-Exchange-DN
Link-ID
Link-Track-Secret
Lm-Pwd-History
Locale-ID
Locality-Name
Localization-Display-Id
Localized-Description
Local-Policy-Flags
Local-Policy-Reference
Location
Lockout-Duration
Lock-Out-Observation-Window
Lockout-Threshold
Lockout-Time
loginShell
Logo
Logon-Count
Logon-Hours
Logon-Workstation
LSA-Creation-Time
LSA-Modified-Count
macAddress
Machine-Architecture
Machine-Password-Change-Interv ...
Machine-Role
Machine-Wide-Policy
Managed-By
Managed-Objects
Manager
MAPI-ID
Marshalled-Interface
Mastered-By
Max-Pwd-Age
Max-Renew-Age
Max-Storage
Max-Ticket-Age
May-Contain
meetingAdvertiseScope
meetingApplication
meetingBandwidth
meetingBlob
meetingContactInfo
meetingDescription
meetingEndTime
meetingID
meetingIP
meetingIsEncrypted
meetingKeyword
meetingLanguage
meetingLocation
meetingMaxParticipants
meetingName
meetingOriginator
meetingOwner
meetingProtocol
meetingRating
meetingRecurrence
meetingScope
meetingStartTime
meetingType
meetingURL
Member
memberNisNetgroup
memberUid
MHS-OR-Address
Min-Pwd-Age
Min-Pwd-Length
Min-Ticket-Age
Modified-Count
Modified-Count-At-Last-Prom
Modify-Time-Stamp
Moniker
Moniker-Display-Name
Move-Tree-State
ms-COM-DefaultPartitionLink
ms-COM-ObjectId
ms-COM-PartitionLink
ms-COM-PartitionSetLink
ms-COM-UserLink
ms-COM-UserPartitionSetLink
Mscope-Id
ms-DFSR-CachePolicy
ms-DFSR-CommonStagingPath
ms-DFSR-CommonStagingSizeInMb
ms-DFSR-ComputerReference
ms-DFSR-ComputerReferenceBL
ms-DFSR-ConflictPath
ms-DFSR-ConflictSizeInMb
ms-DFSR-ContentSetGuid
ms-DFSR-DefaultCompressionExcl ...
ms-DFSR-DeletedPath
ms-DFSR-DeletedSizeInMb
ms-DFSR-DfsLinkTarget
ms-DFSR-DfsPath
ms-DFSR-DirectoryFilter
ms-DFSR-DisablePacketPrivacy
ms-DFSR-Enabled
ms-DFSR-Extension
ms-DFSR-FileFilter
ms-DFSR-Flags
ms-DFSR-Keywords
ms-DFSR-MaxAgeInCacheInMin
ms-DFSR-MemberReference
ms-DFSR-MemberReferenceBL
ms-DFSR-MinDurationCacheInMin
ms-DFSR-OnDemandExclusionDirec ...
ms-DFSR-OnDemandExclusionFileF ...
ms-DFSR-Options
ms-DFSR-Options2
ms-DFSR-Priority
ms-DFSR-RdcEnabled
ms-DFSR-RdcMinFileSizeInKb
ms-DFSR-ReadOnly
ms-DFSR-ReplicationGroupGuid
ms-DFSR-ReplicationGroupType
ms-DFSR-RootFence
ms-DFSR-RootPath
ms-DFSR-RootSizeInMb
ms-DFSR-Schedule
ms-DFSR-StagingCleanupTriggerI ...
ms-DFSR-StagingPath
ms-DFSR-StagingSizeInMb
ms-DFSR-TombstoneExpiryInMin
ms-DFSR-Version
MS-DRM-Identity-Certificate
ms-DS-Additional-Dns-Host-Name
ms-DS-Additional-Sam-Account-N ...
ms-DS-Allowed-DNS-Suffixes
ms-DS-Allowed-To-Delegate-To
MS-DS-All-Users-Trust-Quota
ms-DS-Approx-Immed-Subordinate ...
ms-DS-AuthenticatedAt-DC
ms-DS-AuthenticatedTo-Accountl ...
ms-DS-Auxiliary-Classes
ms-DS-Az-Application-Data
ms-DS-Az-Application-Name
ms-DS-Az-Application-Version
ms-DS-Az-Biz-Rule
ms-DS-Az-Biz-Rule-Language
ms-DS-Az-Class-ID
ms-DS-Az-Domain-Timeout
ms-DS-Az-Generate-Audits
ms-DS-Az-Generic-Data
ms-DS-Az-Last-Imported-Biz-Rul ...
ms-DS-Az-LDAP-Query
ms-DS-Az-Major-Version
ms-DS-Az-Minor-Version
ms-DS-Az-Object-Guid
ms-DS-Az-Operation-ID
ms-DS-Az-Scope-Name
ms-DS-Az-Script-Engine-Cache-M ...
ms-DS-Az-Script-Timeout
ms-DS-Az-Task-Is-Role-Definiti ...
ms-DS-Behavior-Version
ms-DS-Byte-Array
ms-DS-Cached-Membership
ms-DS-Cached-Membership-Time-S ...
MS-DS-Consistency-Child-Count
MS-DS-Consistency-Guid
MS-DS-Creator-SID
ms-DS-Date-Time
ms-DS-Default-Quota
ms-DS-Disable-For-Instances
ms-DS-Disable-For-Instances-BL
ms-DS-DnsRootAlias
ms-DS-Entry-Time-To-Die
ms-DS-ExecuteScriptPassword
ms-DS-External-Key
ms-DS-External-Store
ms-DS-Failed-Interactive-Logon ...
ms-DS-Failed-Interactive-Logon ...
ms-DS-Filter-Containers
ms-DS-Has-Domain-NCs
ms-DS-Has-Full-Replica-NCs
ms-DS-Has-Instantiated-NCs
ms-DS-Has-Master-NCs
ms-DS-Integer
ms-DS-IntId
ms-DS-Is-Domain-For
ms-DS-Is-Full-Replica-For
ms-DS-isGC
ms-DS-Is-Partial-Replica-For
ms-DS-isRODC
ms-DS-KeyVersionNumber
ms-DS-KrbTgt-Link
ms-DS-KrbTgt-Link-BL
ms-DS-Last-Failed-Interactive- ...
ms-DS-Last-Successful-Interact ...
ms-DS-Logon-Time-Sync-Interval
MS-DS-Machine-Account-Quota
ms-DS-Mastered-By
ms-DS-Max-Values
ms-DS-Members-For-Az-Role
ms-DS-Members-For-Az-Role-BL
ms-DS-NC-Repl-Cursors
ms-DS-NC-Replica-Locations
ms-DS-NC-Repl-Inbound-Neighbor ...
ms-DS-NC-Repl-Outbound-Neighbo ...
ms-DS-NC-RO-Replica-Locations
ms-DS-NC-RO-Replica-Locations- ...
ms-DS-Never-Reveal-Group
ms-DS-Non-Members
ms-DS-Non-Members-BL
ms-DS-Non-Security-Group-Extra ...
ms-DS-Object-Reference
ms-DS-Object-Reference-BL
ms-DS-Operations-For-Az-Role
ms-DS-Operations-For-Az-Role-B ...
ms-DS-Operations-For-Az-Task
ms-DS-Operations-For-Az-Task-B ...
ms-DS-Other-Settings
MS-DS-Per-User-Trust-Quota
MS-DS-Per-User-Trust-Tombstone ...
ms-DS-Phonetic-Company-Name
ms-DS-Phonetic-Department
ms-DS-Phonetic-Display-Name
ms-DS-Phonetic-First-Name
ms-DS-Phonetic-Last-Name
ms-DS-Port-LDAP
ms-DS-Port-SSL
ms-DS-Preferred-GC-Site
ms-DS-Principal-Name
ms-DS-Promotion-Settings
ms-DS-Quota-Amount
ms-DS-Quota-Effective
ms-DS-Quota-Trustee
ms-DS-Quota-Used
ms-DS-Repl-Attribute-Meta-Data
ms-DS-Repl-Authentication-Mode
MS-DS-Replicates-NC-Reason
ms-DS-ReplicationEpoch
ms-DS-Replication-Notify-First ...
ms-DS-Replication-Notify-Subse ...
ms-DS-Repl-Value-Meta-Data
ms-DS-Retired-Repl-NC-Signatur ...
ms-DS-Revealed-DSAs
ms-DS-Revealed-List
ms-DS-Revealed-List-BL
ms-DS-Revealed-Users
ms-DS-Reveal-OnDemand-Group
ms-ds-Schema-Extensions
ms-DS-SCP-Container
ms-DS-SD-Reference-Domain
ms-DS-Secondary-KrbTgt-Number
ms-DS-Security-Group-Extra-Cla ...
ms-DS-Seniority-Index
ms-DS-Service-Account
ms-DS-Service-Account-BL
ms-DS-Service-Account-DNS-Doma ...
ms-DS-Settings
ms-DS-Site-Affinity
ms-DS-SiteName
ms-DS-Source-Object-DN
ms-DS-SPN-Suffixes
ms-DS-Supported-Encryption-Typ ...
ms-DS-Tasks-For-Az-Role
ms-DS-Tasks-For-Az-Role-BL
ms-DS-Tasks-For-Az-Task
ms-DS-Tasks-For-Az-Task-BL
ms-DS-Tombstone-Quota-Factor
ms-DS-Top-Quota-Usage
ms-DS-Trust-Forest-Trust-Info
ms-DS-UpdateScript
ms-DS-User-Account-Auto-Locked
ms-DS-User-Account-Control-Com ...
ms-DS-User-Account-Disabled
ms-DS-User-Dont-Expire-Passwor ...
ms-DS-User-Encrypted-Text-Pass ...
ms-DS-User-Password-Expired
ms-DS-User-Password-Expiry-Tim ...
ms-DS-User-Password-Not-Requir ...
ms-Exch-Assistant-Name
ms-Exch-House-Identifier
ms-Exch-LabeledURI
ms-Exch-Owner-BL
ms-FRS-Hub-Member
ms-FRS-Topology-Pref
ms-FVE-RecoveryGuid
ms-FVE-RecoveryPassword
ms-ieee-80211-Data
ms-ieee-80211-Data-Type
ms-ieee-80211-ID
Msi-File-List
ms-IIS-FTP-Dir
ms-IIS-FTP-Root
Msi-Script
Msi-Script-Name
Msi-Script-Path
Msi-Script-Size
MSMQ-Authenticate
MSMQ-Base-Priority
MSMQ-Computer-Type
MSMQ-Computer-Type-Ex
MSMQ-Cost
MSMQ-CSP-Name
MSMQ-Dependent-Client-Service
MSMQ-Dependent-Client-Services
MSMQ-Digests
MSMQ-Digests-Mig
MSMQ-Ds-Service
MSMQ-Ds-Services
MSMQ-Encrypt-Key
MSMQ-Foreign
MSMQ-In-Routing-Servers
MSMQ-Interval1
MSMQ-Interval2
MSMQ-Journal
MSMQ-Journal-Quota
MSMQ-Label
MSMQ-Label-Ex
MSMQ-Long-Lived
MSMQ-Migrated
MSMQ-Multicast-Address
MSMQ-Name-Style
MSMQ-Nt4-Flags
MSMQ-Nt4-Stub
MSMQ-OS-Type
MSMQ-Out-Routing-Servers
MSMQ-Owner-ID
MSMQ-Prev-Site-Gates
MSMQ-Privacy-Level
MSMQ-QM-ID
MSMQ-Queue-Journal-Quota
MSMQ-Queue-Name-Ext
MSMQ-Queue-Quota
MSMQ-Queue-Type
MSMQ-Quota
MSMQ-Recipient-FormatName
MSMQ-Routing-Service
MSMQ-Routing-Services
MSMQ-Secured-Source
MSMQ-Services
MSMQ-Service-Type
MSMQ-Sign-Certificates
MSMQ-Sign-Certificates-Mig
MSMQ-Sign-Key
MSMQ-Site-1
MSMQ-Site-2
MSMQ-Site-Foreign
MSMQ-Site-Gates
MSMQ-Site-Gates-Mig
MSMQ-Site-ID
MSMQ-Site-Name
MSMQ-Site-Name-Ex
MSMQ-Sites
MSMQ-Transactional
MSMQ-User-Sid
MSMQ-Version
ms-net-ieee-80211-GP-PolicyDat ...
ms-net-ieee-80211-GP-PolicyGUI ...
ms-net-ieee-80211-GP-PolicyRes ...
ms-net-ieee-8023-GP-PolicyData
ms-net-ieee-8023-GP-PolicyGUID
ms-net-ieee-8023-GP-PolicyRese ...
msNPAllowDialin
msNPCalledStationID
msNPCallingStationID
msNPSavedCallingStationID
ms-PKI-AccountCredentials
ms-PKI-Certificate-Application ...
ms-PKI-Certificate-Name-Flag
ms-PKI-Certificate-Policy
ms-PKI-Cert-Template-OID
ms-PKI-DPAPIMasterKeys
ms-PKI-Enrollment-Flag
ms-PKI-Minimal-Key-Size
ms-PKI-OID-Attribute
ms-PKI-OID-CPS
ms-PKI-OID-LocalizedName
ms-PKI-OID-User-Notice
ms-PKI-Private-Key-Flag
ms-PKI-RA-Application-Policies
ms-PKI-RA-Policies
ms-PKI-RA-Signature
ms-PKI-RoamingTimeStamp
ms-PKI-Supersede-Templates
ms-PKI-Template-Minor-Revision
ms-PKI-Template-Schema-Version
msRADIUSCallbackNumber
ms-RADIUS-FramedInterfaceId
msRADIUSFramedIPAddress
ms-RADIUS-FramedIpv6Prefix
ms-RADIUS-FramedIpv6Route
msRADIUSFramedRoute
ms-RADIUS-SavedFramedInterface ...
ms-RADIUS-SavedFramedIpv6Prefi ...
ms-RADIUS-SavedFramedIpv6Route
msRADIUSServiceType
msRASSavedCallbackNumber
msRASSavedFramedIPAddress
msRASSavedFramedRoute
ms-RRAS-Attribute
ms-RRAS-Vendor-Attribute-Entry
msSFU-30-Aliases
msSFU-30-Crypt-Method
msSFU-30-Domains
msSFU-30-Field-Separator
msSFU-30-Intra-Field-Separator
msSFU-30-Is-Valid-Container
msSFU-30-Key-Attributes
msSFU-30-Key-Values
msSFU-30-Map-Filter
msSFU-30-Master-Server-Name
msSFU-30-Max-Gid-Number
msSFU-30-Max-Uid-Number
msSFU-30-Name
msSFU-30-Netgroup-Host-At-Doma ...
msSFU-30-Netgroup-User-At-Doma ...
msSFU-30-Nis-Domain
msSFU-30-NSMAP-Field-Position
msSFU-30-Order-Number
msSFU-30-Posix-Member
msSFU-30-Posix-Member-Of
msSFU-30-Result-Attributes
msSFU-30-Search-Attributes
msSFU-30-Search-Container
msSFU-30-Yp-Servers
MS-SQL-Alias
MS-SQL-AllowAnonymousSubscript ...
MS-SQL-AllowImmediateUpdatingS ...
MS-SQL-AllowKnownPullSubscript ...
MS-SQL-AllowQueuedUpdatingSubs ...
MS-SQL-AllowSnapshotFilesFTPDo ...
MS-SQL-AppleTalk
MS-SQL-Applications
MS-SQL-Build
MS-SQL-CharacterSet
MS-SQL-Clustered
MS-SQL-ConnectionURL
MS-SQL-Contact
MS-SQL-CreationDate
MS-SQL-Database
MS-SQL-Description
MS-SQL-GPSHeight
MS-SQL-GPSLatitude
MS-SQL-GPSLongitude
MS-SQL-InformationDirectory
MS-SQL-InformationURL
MS-SQL-Keywords
MS-SQL-Language
MS-SQL-LastBackupDate
MS-SQL-LastDiagnosticDate
MS-SQL-LastUpdatedDate
MS-SQL-Location
MS-SQL-Memory
MS-SQL-MultiProtocol
MS-SQL-Name
MS-SQL-NamedPipe
MS-SQL-PublicationURL
MS-SQL-Publisher
MS-SQL-RegisteredOwner
MS-SQL-ServiceAccount
MS-SQL-Size
MS-SQL-SortOrder
MS-SQL-SPX
MS-SQL-Status
MS-SQL-TCPIP
MS-SQL-ThirdParty
MS-SQL-Type
MS-SQL-UnicodeSortOrder
MS-SQL-Version
MS-SQL-Vines
ms-TAPI-Conference-Blob
ms-TAPI-Ip-Address
ms-TAPI-Protocol-Id
ms-TAPI-Unique-Identifier
ms-TPM-OwnerInformation
ms-TS-Allow-Logon
ms-TS-Broken-Connection-Action
ms-TS-Connect-Client-Drives
ms-TS-Connect-Printer-Drives
ms-TS-Default-To-Main-Printer
MS-TS-ExpireDate
ms-TS-Home-Directory
ms-TS-Home-Drive
ms-TS-Initial-Program
MS-TS-LicenseVersion
MS-TS-ManagingLS
ms-TS-Max-Connection-Time
ms-TS-Max-Disconnection-Time
ms-TS-Max-Idle-Time
ms-TS-Profile-Path
MS-TS-Property01
MS-TS-Property02
ms-TS-Reconnection-Action
ms-TS-Remote-Control
ms-TS-Work-Directory
ms-WMI-Author
ms-WMI-ChangeDate
ms-WMI-Class
ms-WMI-ClassDefinition
ms-WMI-CreationDate
ms-WMI-Genus
ms-WMI-ID
ms-WMI-int8Default
ms-WMI-int8Max
ms-WMI-int8Min
ms-WMI-int8ValidValues
ms-WMI-intDefault
ms-WMI-intFlags1
ms-WMI-intFlags2
ms-WMI-intFlags3
ms-WMI-intFlags4
ms-WMI-intMax
ms-WMI-intMin
ms-WMI-intValidValues
ms-WMI-Mof
ms-WMI-Name
ms-WMI-NormalizedClass
ms-WMI-Parm1
ms-WMI-Parm2
ms-WMI-Parm3
ms-WMI-Parm4
ms-WMI-PropertyName
ms-WMI-Query
ms-WMI-QueryLanguage
ms-WMI-ScopeGuid
ms-WMI-SourceOrganization
ms-WMI-stringDefault
ms-WMI-stringValidValues
ms-WMI-TargetClass
ms-WMI-TargetNameSpace
ms-WMI-TargetObject
ms-WMI-TargetPath
ms-WMI-TargetType
Must-Contain
Name-Service-Flags
NC-Name
NETBIOS-Name
netboot-Allow-New-Clients
netboot-Answer-Only-Valid-Clie ...
netboot-Answer-Requests
netboot-Current-Client-Count
Netboot-GUID
Netboot-Initialization
netboot-IntelliMirror-OSes
netboot-Limit-Clients
netboot-Locally-Installed-OSes
Netboot-Machine-File-Path
netboot-Max-Clients
Netboot-Mirror-Data-File
netboot-New-Machine-Naming-Pol ...
netboot-New-Machine-OU
netboot-SCP-BL
netboot-Server
Netboot-SIF-File
netboot-Tools
Network-Address
Next-Level-Store
Next-Rid
nisMapEntry
nisMapName
nisNetgroupTriple
Non-Security-Member
Non-Security-Member-BL
Notification-List
NT-Group-Members
NT-Mixed-Domain
Nt-Pwd-History
NT-Security-Descriptor
Obj-Dist-Name
Object-Category
Object-Class
Object-Class-Category
Object-Classes
Object-Count
Object-Guid
Object-Sid
Object-Version
OEM-Information
OM-Object-Class
OM-Syntax
OMT-Guid
OMT-Indx-Guid
oncRpcNumber
Operating-System
Operating-System-Hotfix
Operating-System-Service-Pack
Operating-System-Version
Operator-Count
Option-Description
Options
Options-Location
organizationalStatus
Organizational-Unit-Name
Organization-Name
Original-Display-Table
Original-Display-Table-MSDOS
Other-Login-Workstations
Other-Mailbox
Other-Name
Other-Well-Known-Objects
Owner
Package-Flags
Package-Name
Package-Type
Parent-CA
Parent-CA-Certificate-Chain
Parent-GUID
Partial-Attribute-Deletion-Lis ...
Partial-Attribute-Set
Pek-Key-Change-Interval
Pek-List
Pending-CA-Certificates
Pending-Parent-CA
Per-Msg-Dialog-Display-Table
Per-Recip-Dialog-Display-Table
Personal-Title
Phone-Fax-Other
Phone-Home-Other
Phone-Home-Primary
Phone-Ip-Other
Phone-Ip-Primary
Phone-ISDN-Primary
Phone-Mobile-Other
Phone-Mobile-Primary
Phone-Office-Other
Phone-Pager-Other
Phone-Pager-Primary
photo
Physical-Delivery-Office-Name
Physical-Location-Object
Picture
PKI-Critical-Extensions
PKI-Default-CSPs
PKI-Default-Key-Spec
PKI-Enrollment-Access
PKI-Expiration-Period
PKI-Extended-Key-Usage
PKI-Key-Usage
PKI-Max-Issuing-Depth
PKI-Overlap-Period
PKT
PKT-Guid
Policy-Replication-Flags
Port-Name
Possible-Inferiors
Poss-Superiors
Postal-Address
Postal-Code
Post-Office-Box
Preferred-Delivery-Method
preferredLanguage
Preferred-OU
Prefix-Map
Presentation-Address
Previous-CA-Certificates
Previous-Parent-CA
Primary-Group-ID
Primary-Group-Token
Print-Attributes
Print-Bin-Names
Print-Collate
Print-Color
Print-Duplex-Supported
Print-End-Time
Printer-Name
Print-Form-Name
Print-Keep-Printed-Jobs
Print-Language
Print-MAC-Address
Print-Max-Copies
Print-Max-Resolution-Supported
Print-Max-X-Extent
Print-Max-Y-Extent
Print-Media-Ready
Print-Media-Supported
Print-Memory
Print-Min-X-Extent
Print-Min-Y-Extent
Print-Network-Address
Print-Notify
Print-Number-Up
Print-Orientations-Supported
Print-Owner
Print-Pages-Per-Minute
Print-Rate
Print-Rate-Unit
Print-Separator-File
Print-Share-Name
Print-Spooling
Print-Stapling-Supported
Print-Start-Time
Print-Status
Priority
Prior-Set-Time
Prior-Value
Private-Key
Privilege-Attributes
Privilege-Display-Name
Privilege-Holder
Privilege-Value
Product-Code
Profile-Path
Proxied-Object-Name
Proxy-Addresses
Proxy-Generation-Enabled
Proxy-Lifetime
Public-Key-Policy
Purported-Search
Pwd-History-Length
Pwd-Last-Set
Pwd-Properties
Quality-Of-Service
Query-Filter
QueryPoint
Query-Policy-BL
Query-Policy-Object
Range-Lower
Range-Upper
RDN
RDN-Att-ID
Registered-Address
Remote-Server-Name
Remote-Source
Remote-Source-Type
Remote-Storage-GUID
Replica-Source
Repl-Interval
Repl-Property-Meta-Data
Repl-Topology-Stay-Of-Executio ...
Repl-UpToDate-Vector
Reports
Reps-From
Reps-To
Required-Categories
Retired-Repl-DSA-Signatures
Revision
Rid
RID-Allocation-Pool
RID-Available-Pool
RID-Manager-Reference
RID-Next-RID
RID-Previous-Allocation-Pool
RID-Set-References
RID-Used-Pool
Rights-Guid
Role-Occupant
roomNumber
Root-Trust
rpc-Ns-Annotation
rpc-Ns-Bindings
rpc-Ns-Codeset
rpc-Ns-Entry-Flags
rpc-Ns-Group
rpc-Ns-Interface-ID
rpc-Ns-Object-ID
rpc-Ns-Priority
rpc-Ns-Profile-Entry
rpc-Ns-Transfer-Syntax
SAM-Account-Name
SAM-Account-Type
SAM-Domain-Updates
Schedule
Schema-Flags-Ex
Schema-ID-GUID
Schema-Info
Schema-Update
Schema-Version
Scope-Flags
Script-Path
SD-Rights-Effective
Search-Flags
Search-Guide
secretary
Security-Identifier
See-Also
Seq-Notification
Serial-Number
Server-Name
Server-Reference
Server-Reference-BL
Server-Role
Server-State
Service-Binding-Information
Service-Class-ID
Service-Class-Info
Service-Class-Name
Service-DNS-Name
Service-DNS-Name-Type
Service-Instance-Version
Service-Principal-Name
Setup-Command
shadowExpire
shadowFlag
shadowInactive
shadowLastChange
shadowMax
shadowMin
shadowWarning
Shell-Context-Menu
Shell-Property-Pages
Short-Server-Name
Show-In-Address-Book
Show-In-Advanced-View-Only
SID-History
Signature-Algorithms
Site-GUID
Site-Link-List
Site-List
Site-Object
Site-Object-BL
Site-Server
SMTP-Mail-Address
SPN-Mappings
State-Or-Province-Name
Street-Address
Structural-Object-Class
Sub-Class-Of
Sub-Refs
SubSchemaSubEntry
Superior-DNS-Root
Super-Scope-Description
Super-Scopes
Supplemental-Credentials
Supported-Application-Context
Surname
Sync-Attributes
Sync-Membership
Sync-With-Object
Sync-With-SID
System-Auxiliary-Class
System-Flags
System-May-Contain
System-Must-Contain
System-Only
System-Poss-Superiors
Telephone-Number
Teletex-Terminal-Identifier
Telex-Number
Telex-Primary
Template-Roots
Terminal-Server
Text-Country
Text-Encoded-OR-Address
Time-Refresh
Time-Vol-Change
Title
Token-Groups
Token-Groups-Global-And-Univer ...
Token-Groups-No-GC-Acceptable
Tombstone-Lifetime
Transport-Address-Attribute
Transport-DLL-Name
Transport-Type
Treat-As-Leaf
Tree-Name
Trust-Attributes
Trust-Auth-Incoming
Trust-Auth-Outgoing
Trust-Direction
Trust-Parent
Trust-Partner
Trust-Posix-Offset
Trust-Type
UAS-Compat
uid
uidNumber
UNC-Name
Unicode-Pwd
uniqueIdentifier
uniqueMember
unixHomeDirectory
unixUserPassword
unstructuredAddress
unstructuredName
Upgrade-Product-Code
UPN-Suffixes
User-Account-Control
User-Cert
userClass
User-Comment
User-Parameters
User-Password
userPKCS12
User-Principal-Name
User-Shared-Folder
User-Shared-Folder-Other
User-SMIME-Certificate
User-Workstations
USN-Changed
USN-Created
USN-DSA-Last-Obj-Removed
USN-Intersite
USN-Last-Obj-Rem
USN-Source
Valid-Accesses
Vendor
Version-Number
Version-Number-Hi
Version-Number-Lo
Vol-Table-GUID
Vol-Table-Idx-GUID
Volume-Count
Wbem-Path
Well-Known-Objects
When-Changed
When-Created
Winsock-Addresses
WWW-Home-Page
WWW-Page-Other
X121-Address
x500uniqueIdentifier
X509-Cert

Switch View :

Lightweight Beta

ms-DS-User-Account-Control-Computed Attribute

msDS-User-Account-Control-Computed is much like userAccountControl, but the attribute's value can contain additional bits that are not persisted. The computed bits include:

Value	Name (defined in iads.h)	Description
0x0010	UF_LOCKOUT
0x800000	UF_PASSWORD_EXPIRED
0x4000000	UF_PARTIAL_SECRETS_ACCOUNT
0x8000000	UF_USE_AES_KEYS

The full list of bits that User-Account-Control and therefore msDS-User-Account-Control-Computed can also contain can be found in the User-Account-Control reference page (mapped through the ADSI flagset) or on the network management reference pages for the user_info_1008 structure.

CN	ms-DS-User-Account-Control-Computed
Ldap-Display-Name	msDS-User-Account-Control-Computed
Size	-
Update Privilege	-
Update Frequency	-
Attribute-Id	1.2.840.113556.1.4.1460
System-Id-Guid	2cc4b836-b63f-4940-8d23-ea7acf06af56
Syntax	Enumeration

Implementations

Windows Server 2003
ADAM
Windows Server 2003 R2
Windows Server 2008

Windows Server 2003

Link-Id	-
MAPI-Id	-
System-Only	False
Is-Single-Valued	True
Is Indexed	False
In Global Catalog	False
NT-Security-Descriptor	O:BAG:BAD:S:
Range-Lower	-
Range-Upper	-
Search-Flags	0x00000000
System-Flags	0x00000014
Classes used in	User

ADAM

Link-Id	-
MAPI-Id	-
System-Only	False
Is-Single-Valued	True
Is Indexed	False
In Global Catalog	False
NT-Security-Descriptor	O:BAG:BAD:S:
Range-Lower	-
Range-Upper	-
Search-Flags	0x00000000
System-Flags	0x00000014
Classes used in	ms-DS-Bindable-Object

Windows Server 2003 R2

Link-Id	-
MAPI-Id	-
System-Only	False
Is-Single-Valued	True
Is Indexed	False
In Global Catalog	False
NT-Security-Descriptor	O:BAG:BAD:S:
Range-Lower	-
Range-Upper	-
Search-Flags	0x00000000
System-Flags	0x00000014
Classes used in	User

Windows Server 2008

Link-Id	-
MAPI-Id	-
System-Only	False
Is-Single-Valued	True
Is Indexed	False
In Global Catalog	False
NT-Security-Descriptor	O:BAG:BAD:S:
Range-Lower	-
Range-Upper	-
Search-Flags	0x00000000
System-Flags	0x00000014
Classes used in	User

Send comments about this topic to Microsoft

Build date: 7/7/2009

Tags :

Community Content

Redgum

Usage of msds-user-account-control-computed in LDAP code -- C#

using System.DirectoryServices; // <-- Add a .NET reference to this namespace

string ExtLDAPQuery = "LDAP://my.ADInstance.Com/OU=OrgUnit,DC=My,DC=ADInstanc,DC=com";
string ExtLDAPUser = "MyUserID@my.ADInstance.Com";
string ExtLDAPPW = "MySuperSecurePassword";
string attrib = "msds-user-account-control-computed";
string temp = string.Empty;
// 0X0010 = 16 decimal
constint UF_LOCKOUT = 0x0010;

DirectoryEntry DE = new DirectoryEntry(ExtLDAPQuery, ExtLDAPUser, ExtLDAPPW, AuthenticationTypes.Secure);
DirectorySearcher DS = new DirectorySearcher(DE);
DE.Filter = "(&(objectcategory=person)(samaccountname=UsertoFind))";
SearchResult SR = DS.FindOne();

if (SR != null)
{
DirectoryEntry myDE = SR.GetDirectoryEntry();
//
// Iterate through the usual properties
//
foreach(string attrName in myDE.Properties.PropertyNames)
{
temp = myDE.Properties[attrName].Value.ToString();
//
// Do useful things with each attribute
//
}
//
// Now we can get the msds-user-account-control-computed attribute
// Note: If we attempt to do this prior to iterating through the usual
// list of properties, you'll get null for each property name
//

myDE.RefreshCache(newstring[]{attrib});
int flags = (int)user.Properties[attrib].Value;
if(((flags & UF_LOCKOUT) == UF_LOCKOUT))
{
// The user's account is locked out...
}

}

Tags : c# example ldap account lockout msds-user-account-control-computed uf_lockout