Export (0) Print
Expand All
DMD
DSA
Top
Expand Minimize

User class

This class is used to store information about an employee or contractor who works for an organization. It is also possible to apply this class to long term visitors.

CNUser
Ldap-Display-Nameuser
Update PrivilegeDomain administrator or account owner.
Update FrequencyThis record will be updated each time a new person joins or leaves the company.
Schema-Id-Guidbf967aba-0de6-11d0-a285-00aa003049e2

Implementations

Windows 2000 Server

System-OnlyFalse
Object-Category1
Default-Object-Category Person
Governs-Id1.2.840.113556.1.5.9
Default-Hiding-Value0
Rdn-Att-Id Common-Name
Subclass of Organizational-Person
Possible Superiors Domain-DNSOrganizational-UnitBuiltin-Domain
Auxiliary Classes Mail-Recipient (System)Security-Principal (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)
System-Flags0x00000010

Windows 2000 Server Attributes

This class contains the following attributes for Windows 2000 Server:

AttributeMandatoryDerived from
Account-Expires FalseUser
Account-Name-History False Security-Principal
ACS-Policy-Name FalseUser
Address False Organizational-Person
Address-Home False Organizational-Person
Admin-Count FalseUser
Admin-Description False Top
Admin-Display-Name False Top
Allowed-Attributes False Top
Allowed-Attributes-Effective False Top
Allowed-Child-Classes False Top
Allowed-Child-Classes-Effective False Top
Alt-Security-Identities False Security-Principal
Assistant False Organizational-Person
Bad-Password-Time FalseUser
Bad-Pwd-Count FalseUser
Bridgehead-Server-List-BL False Top
Canonical-Name False Top
Code-Page FalseUser
Comment False Mail-Recipient
Common-Name True PersonMail-RecipientTop
Company False Organizational-Person
Control-Access-Rights FalseUser
Country-Code False Organizational-Person
Country-Name False Organizational-Person
Create-Time-Stamp False Top
DBCS-Pwd FalseUser
Default-Class-Store FalseUser
Department False Organizational-Person
Description False Top
Desktop-Profile FalseUser
Destination-Indicator False Organizational-Person
Display-Name False Top
Display-Name-Printable False Top
Division False Organizational-Person
DSA-Signature False Top
DS-Core-Propagation-Data False Top
Dynamic-LDAP-Server FalseUser
E-mail-Addresses False Organizational-Person
Employee-ID False Organizational-Person
Extension-Name False Top
Facsimile-Telephone-Number False Organizational-Person
Flags False Top
From-Entry False Top
Frs-Computer-Reference-BL False Top
FRS-Member-Reference-BL False Top
FSMO-Role-Owner False Top
Garbage-Coll-Period False Mail-Recipient
Generation-Qualifier False Organizational-Person
Given-Name False Organizational-Person
Group-Membership-SAM FalseUser
Group-Priority FalseUser
Groups-to-Ignore FalseUser
Home-Directory FalseUser
Home-Drive FalseUser
Initials False Organizational-Person
Instance-Type True Top
International-ISDN-Number False Organizational-Person
Is-Critical-System-Object False Top
Is-Deleted False Top
Is-Member-Of-DL False Top
Is-Privilege-Holder False Top
Last-Known-Parent False Top
Last-Logoff FalseUser
Last-Logon FalseUser
Legacy-Exchange-DN False Mail-Recipient
Lm-Pwd-History FalseUser
Locale-ID FalseUser
Locality-Name False Organizational-Person
Lockout-Time FalseUser
Logo False Organizational-Person
Logon-Count FalseUser
Logon-Hours FalseUser
Logon-Workstation FalseUser
Managed-Objects False Top
Manager False Organizational-Person
Mastered-By False Top
Max-Storage FalseUser
MHS-OR-Address False Organizational-Person
Modify-Time-Stamp False Top
MS-DS-Consistency-Child-Count False Top
MS-DS-Consistency-Guid False Top
MS-DS-Creator-SID FalseUser
MSMQ-Digests FalseUser
MSMQ-Digests-Mig FalseUser
MSMQ-Sign-Certificates FalseUser
MSMQ-Sign-Certificates-Mig FalseUser
msNPAllowDialin FalseUser
msNPCallingStationID FalseUser
msNPSavedCallingStationID FalseUser
msRADIUSCallbackNumber FalseUser
msRADIUSFramedIPAddress FalseUser
msRADIUSFramedRoute FalseUser
msRADIUSServiceType FalseUser
msRASSavedCallbackNumber FalseUser
msRASSavedFramedIPAddress FalseUser
msRASSavedFramedRoute FalseUser
netboot-SCP-BL False Top
Network-Address FalseUser
Non-Security-Member-BL False Top
Nt-Pwd-History FalseUser
NT-Security-Descriptor True TopSecurity-Principal
Obj-Dist-Name False Top
Object-Category True Top
Object-Class True Top
Object-Guid False Top
Object-Sid True Security-Principal
Object-Version False Top
Operator-Count FalseUser
Organizational-Unit-Name False Organizational-Person
Organization-Name False Organizational-Person
Other-Login-Workstations FalseUser
Other-Mailbox False Organizational-Person
Other-Name False Organizational-Person
Other-Well-Known-Objects False Top
Partial-Attribute-Deletion-List False Top
Partial-Attribute-Set False Top
Personal-Title False Organizational-Person
Phone-Fax-Other False Organizational-Person
Phone-Home-Other False Organizational-Person
Phone-Home-Primary False Organizational-Person
Phone-Ip-Other False Organizational-Person
Phone-Ip-Primary False Organizational-Person
Phone-ISDN-Primary False Organizational-Person
Phone-Mobile-Other False Organizational-Person
Phone-Mobile-Primary False Organizational-Person
Phone-Office-Other False Organizational-Person
Phone-Pager-Other False Organizational-Person
Phone-Pager-Primary False Organizational-Person
Physical-Delivery-Office-Name False Organizational-Person
Picture False Organizational-Person
Possible-Inferiors False Top
Postal-Address False Organizational-Person
Postal-Code False Organizational-Person
Post-Office-Box False Organizational-Person
Preferred-Delivery-Method False Organizational-Person
Preferred-OU FalseUser
Primary-Group-ID FalseUser
Profile-Path FalseUser
Proxied-Object-Name False Top
Proxy-Addresses False Top
Pwd-Last-Set FalseUser
Query-Policy-BL False Top
RDN False Top
Registered-Address False Organizational-Person
Repl-Property-Meta-Data False Top
Repl-UpToDate-Vector False Top
Reports False Top
Reps-From False Top
Reps-To False Top
Revision False Top
Rid False Security-Principal
SAM-Account-Name True Security-Principal
SAM-Account-Type False Security-Principal
Script-Path FalseUser
SD-Rights-Effective False Top
Security-Identifier False Security-Principal
See-Also False Person
Server-Reference-BL False Top
Service-Principal-Name FalseUser
Show-In-Address-Book False Mail-Recipient
Show-In-Advanced-View-Only False Top
SID-History False Security-Principal
Site-Object-BL False Top
State-Or-Province-Name False Organizational-Person
Street-Address False Organizational-Person
Sub-Refs False Top
SubSchemaSubEntry False Top
Supplemental-Credentials False Security-Principal
Surname False Person
System-Flags False Top
Telephone-Number False PersonMail-Recipient
Teletex-Terminal-Identifier False Organizational-Person
Telex-Number False Organizational-Person
Telex-Primary False Organizational-Person
Terminal-Server FalseUser
Text-Country False Organizational-Person
Text-Encoded-OR-Address False Mail-Recipient
Title False Organizational-Person
Token-Groups False Security-Principal
Token-Groups-Global-And-Universal False Security-Principal
Token-Groups-No-GC-Acceptable False Security-Principal
Unicode-Pwd FalseUser
User-Account-Control FalseUser
User-Cert False Mail-Recipient
User-Comment False Organizational-Person
User-Parameters FalseUser
User-Password False Person
User-Principal-Name FalseUser
User-Shared-Folder FalseUser
User-Shared-Folder-Other FalseUser
User-SMIME-Certificate False Mail-Recipient
User-Workstations FalseUser
USN-Changed False Top
USN-Created False Top
USN-DSA-Last-Obj-Removed False Top
USN-Intersite False Top
USN-Last-Obj-Rem False Top
USN-Source False Top
Wbem-Path False Top
Well-Known-Objects False Top
When-Changed False Top
When-Created False Top
WWW-Home-Page False Top
WWW-Page-Other False Top
X121-Address False Organizational-Person
X509-Cert FalseUserMail-Recipient

Windows 2000 Server Extended Rights

This class contains the following extended rights for Windows 2000 Server:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As

Windows 2000 Server Property Sets

This class contains the following property sets for Windows 2000 Server:

Common Name
General-Information
User-Account-Restrictions
User-Logon
Membership
Personal-Information
Email-Information
Web-Information
Public-Information
RAS-Information

Windows Server 2003

System-OnlyFalse
Object-Category1
Default-Object-Category Person
Governs-Id1.2.840.113556.1.5.9
Default-Hiding-Value0
Rdn-Att-Id Common-Name
Subclass of Organizational-Person
Possible Superiors Domain-DNSOrganizational-UnitBuiltin-Domain
Auxiliary Classes Mail-Recipient (System)Security-Principal (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561)
System-Flags0x00000010

Windows Server 2003 Attributes

This class contains the following attributes for Windows Server 2003:

AttributeMandatoryDerived from
Account-Expires FalseUser
Account-Name-History False Security-Principal
ACS-Policy-Name FalseUser
Address False Organizational-Person
Address-Home FalseUserOrganizational-Person
Admin-Count FalseUser
Admin-Description False Top
Admin-Display-Name False Top
Allowed-Attributes False Top
Allowed-Attributes-Effective False Top
Allowed-Child-Classes False Top
Allowed-Child-Classes-Effective False Top
Alt-Security-Identities False Security-Principal
Assistant False Organizational-Person
attributeCertificateAttribute False Person
audio FalseUser
Bad-Password-Time FalseUser
Bad-Pwd-Count FalseUser
Bridgehead-Server-List-BL False Top
Business-Category FalseUser
Canonical-Name False Top
carLicense FalseUser
Code-Page FalseUser
Comment False Mail-Recipient
Common-Name True PersonMail-RecipientTop
Company False Organizational-Person
Control-Access-Rights FalseUser
Country-Code False Organizational-Person
Country-Name False Organizational-Person
Create-Time-Stamp False Top
DBCS-Pwd FalseUser
Default-Class-Store FalseUser
Department False Organizational-Person
departmentNumber FalseUser
Description False Top
Desktop-Profile FalseUser
Destination-Indicator False Organizational-Person
Display-Name FalseUserTop
Display-Name-Printable False Top
Division False Organizational-Person
DSA-Signature False Top
DS-Core-Propagation-Data False Top
Dynamic-LDAP-Server FalseUser
E-mail-Addresses FalseUserOrganizational-Person
Employee-ID False Organizational-Person
Employee-Number FalseUser
Employee-Type FalseUser
Extension-Name False Top
Facsimile-Telephone-Number False Organizational-Person
Flags False Top
From-Entry False Top
Frs-Computer-Reference-BL False Top
FRS-Member-Reference-BL False Top
FSMO-Role-Owner False Top
Garbage-Coll-Period False Mail-Recipient
Generation-Qualifier False Organizational-Person
Given-Name FalseUserOrganizational-Person
Group-Membership-SAM FalseUser
Group-Priority FalseUser
Groups-to-Ignore FalseUser
Home-Directory FalseUser
Home-Drive FalseUser
houseIdentifier False Organizational-Person
Initials FalseUserOrganizational-Person
Instance-Type True Top
International-ISDN-Number False Organizational-Person
Is-Critical-System-Object False Top
Is-Deleted False Top
Is-Member-Of-DL False Top
Is-Privilege-Holder False Top
jpegPhoto FalseUser
labeledURI FalseUserMail-Recipient
Last-Known-Parent False Top
Last-Logoff FalseUser
Last-Logon FalseUser
Last-Logon-Timestamp FalseUser
Legacy-Exchange-DN False Mail-Recipient
Lm-Pwd-History FalseUser
Locale-ID FalseUser
Locality-Name False Organizational-Person
Lockout-Time FalseUser
Logo False Organizational-Person
Logon-Count FalseUser
Logon-Hours FalseUser
Logon-Workstation FalseUser
Managed-Objects False Top
Manager FalseUserOrganizational-Person
Mastered-By False Top
Max-Storage FalseUser
MHS-OR-Address False Organizational-Person
Modify-Time-Stamp False Top
ms-COM-PartitionSetLink False Top
ms-COM-UserLink False Top
ms-COM-UserPartitionSetLink FalseUser
MS-DRM-Identity-Certificate FalseUser
ms-DS-Allowed-To-Delegate-To False Organizational-Person
ms-DS-Approx-Immed-Subordinates False Top
ms-DS-Cached-Membership FalseUser
ms-DS-Cached-Membership-Time-Stamp FalseUser
MS-DS-Consistency-Child-Count False Top
MS-DS-Consistency-Guid False Top
MS-DS-Creator-SID FalseUser
ms-DS-KeyVersionNumber False Security-Principal
ms-DS-Mastered-By False Top
ms-DS-Members-For-Az-Role-BL False Top
ms-DS-NC-Repl-Cursors False Top
ms-DS-NC-Repl-Inbound-Neighbors False Top
ms-DS-NC-Repl-Outbound-Neighbors False Top
ms-DS-Non-Members-BL False Top
ms-DS-Object-Reference-BL False Top
ms-DS-Operations-For-Az-Role-BL False Top
ms-DS-Operations-For-Az-Task-BL False Top
ms-DS-Repl-Attribute-Meta-Data False Top
ms-DS-Repl-Value-Meta-Data False Top
ms-DS-Site-Affinity FalseUser
ms-DS-Tasks-For-Az-Role-BL False Top
ms-DS-Tasks-For-Az-Task-BL False Top
ms-DS-User-Account-Control-Computed FalseUser
ms-Exch-Assistant-Name False Mail-Recipient
ms-Exch-House-Identifier False Organizational-Person
ms-Exch-LabeledURI False Mail-Recipient
ms-Exch-Owner-BL False Top
ms-IIS-FTP-Dir FalseUser
ms-IIS-FTP-Root FalseUser
MSMQ-Digests FalseUser
MSMQ-Digests-Mig FalseUser
MSMQ-Sign-Certificates FalseUser
MSMQ-Sign-Certificates-Mig FalseUser
msNPAllowDialin FalseUser
msNPCallingStationID FalseUser
msNPSavedCallingStationID FalseUser
msRADIUSCallbackNumber FalseUser
msRADIUSFramedIPAddress FalseUser
msRADIUSFramedRoute FalseUser
msRADIUSServiceType FalseUser
msRASSavedCallbackNumber FalseUser
msRASSavedFramedIPAddress FalseUser
msRASSavedFramedRoute FalseUser
netboot-SCP-BL False Top
Network-Address FalseUser
Non-Security-Member-BL False Top
Nt-Pwd-History FalseUser
NT-Security-Descriptor True TopSecurity-Principal
Obj-Dist-Name False Top
Object-Category True Top
Object-Class True Top
Object-Guid False Top
Object-Sid True Security-Principal
Object-Version False Top
Operator-Count FalseUser
Organizational-Unit-Name False Organizational-Person
Organization-Name FalseUserOrganizational-Person
Other-Login-Workstations FalseUser
Other-Mailbox False Organizational-Person
Other-Name False Organizational-Person
Other-Well-Known-Objects False Top
Partial-Attribute-Deletion-List False Top
Partial-Attribute-Set False Top
Personal-Title False Organizational-Person
Phone-Fax-Other False Organizational-Person
Phone-Home-Other False Organizational-Person
Phone-Home-Primary FalseUserOrganizational-Person
Phone-Ip-Other False Organizational-Person
Phone-Ip-Primary False Organizational-Person
Phone-ISDN-Primary False Organizational-Person
Phone-Mobile-Other False Organizational-Person
Phone-Mobile-Primary FalseUserOrganizational-Person
Phone-Office-Other False Organizational-Person
Phone-Pager-Other False Organizational-Person
Phone-Pager-Primary FalseUserOrganizational-Person
photo FalseUser
Physical-Delivery-Office-Name False Organizational-Person
Picture False Organizational-Person
Possible-Inferiors False Top
Postal-Address False Organizational-Person
Postal-Code False Organizational-Person
Post-Office-Box False Organizational-Person
Preferred-Delivery-Method False Organizational-Person
preferredLanguage FalseUser
Preferred-OU FalseUser
Primary-Group-ID FalseUser
Profile-Path FalseUser
Proxied-Object-Name False Top
Proxy-Addresses False Top
Pwd-Last-Set FalseUser
Query-Policy-BL False Top
RDN False Top
Registered-Address False Organizational-Person
Repl-Property-Meta-Data False Top
Repl-UpToDate-Vector False Top
Reports False Top
Reps-From False Top
Reps-To False Top
Revision False Top
Rid False Security-Principal
roomNumber FalseUser
SAM-Account-Name True Security-Principal
SAM-Account-Type False Security-Principal
Script-Path FalseUser
SD-Rights-Effective False Top
secretary FalseUserMail-Recipient
Security-Identifier False Security-Principal
See-Also False Person
Serial-Number False Person
Server-Reference-BL False Top
Service-Principal-Name FalseUser
Show-In-Address-Book False Mail-Recipient
Show-In-Advanced-View-Only False Top
SID-History False Security-Principal
Site-Object-BL False Top
State-Or-Province-Name False Organizational-Person
Street-Address False Organizational-Person
Structural-Object-Class False Top
Sub-Refs False Top
SubSchemaSubEntry False Top
Supplemental-Credentials False Security-Principal
Surname False Person
System-Flags False Top
Telephone-Number False PersonMail-Recipient
Teletex-Terminal-Identifier False Organizational-Person
Telex-Number False Organizational-Person
Telex-Primary False Organizational-Person
Terminal-Server FalseUser
Text-Country False Organizational-Person
Text-Encoded-OR-Address False Mail-Recipient
Title False Organizational-Person
Token-Groups False Security-Principal
Token-Groups-Global-And-Universal False Security-Principal
Token-Groups-No-GC-Acceptable False Security-Principal
uid FalseUser
Unicode-Pwd FalseUser
User-Account-Control FalseUser
User-Cert False Mail-Recipient
User-Comment False Organizational-Person
User-Parameters FalseUser
User-Password False Person
userPKCS12 FalseUser
User-Principal-Name FalseUser
User-Shared-Folder FalseUser
User-Shared-Folder-Other FalseUser
User-SMIME-Certificate FalseUserMail-Recipient
User-Workstations FalseUser
USN-Changed False Top
USN-Created False Top
USN-DSA-Last-Obj-Removed False Top
USN-Intersite False Top
USN-Last-Obj-Rem False Top
USN-Source False Top
Wbem-Path False Top
Well-Known-Objects False Top
When-Changed False Top
When-Created False Top
WWW-Home-Page False Top
WWW-Page-Other False Top
X121-Address False Organizational-Person
x500uniqueIdentifier FalseUser
X509-Cert FalseUserMail-Recipient

Windows Server 2003 Extended Rights

This class contains the following extended rights for Windows Server 2003:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As
Allowed-To-Authenticate

Windows Server 2003 Property Sets

This class contains the following property sets for Windows Server 2003:

Common Name
General-Information
User-Account-Restrictions
User-Logon
Membership
Personal-Information
Email-Information
Web-Information
Public-Information
RAS-Information

Windows Server 2003 R2

System-OnlyFalse
Object-Category1
Default-Object-Category Person
Governs-Id1.2.840.113556.1.5.9
Default-Hiding-Value0
Rdn-Att-Id Common-Name
Subclass of Organizational-Person
Possible Superiors Domain-DNSOrganizational-UnitBuiltin-Domain
Auxiliary Classes posixAccountshadowAccountMail-Recipient (System)Security-Principal (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561)
System-Flags0x00000010

Windows Server 2003 R2 Attributes

This class contains the following attributes for Windows Server 2003 R2:

AttributeMandatoryDerived from
Account-Expires FalseUser
Account-Name-History False Security-Principal
ACS-Policy-Name FalseUser
Address False Organizational-Person
Address-Home FalseUserOrganizational-Person
Admin-Count FalseUser
Admin-Description False Top
Admin-Display-Name False Top
Allowed-Attributes False Top
Allowed-Attributes-Effective False Top
Allowed-Child-Classes False Top
Allowed-Child-Classes-Effective False Top
Alt-Security-Identities False Security-Principal
Assistant False Organizational-Person
attributeCertificateAttribute False Person
audio FalseUser
Bad-Password-Time FalseUser
Bad-Pwd-Count FalseUser
Bridgehead-Server-List-BL False Top
Business-Category FalseUser
Canonical-Name False Top
carLicense FalseUser
Code-Page FalseUser
Comment False Mail-Recipient
Common-Name True PersonMail-RecipientTopposixAccount
Company False Organizational-Person
Control-Access-Rights FalseUser
Country-Code False Organizational-Person
Country-Name False Organizational-Person
Create-Time-Stamp False Top
DBCS-Pwd FalseUser
Default-Class-Store FalseUser
Department False Organizational-Person
departmentNumber FalseUser
Description False TopposixAccountshadowAccount
Desktop-Profile FalseUser
Destination-Indicator False Organizational-Person
Display-Name FalseUserTop
Display-Name-Printable False Top
Division False Organizational-Person
DSA-Signature False Top
DS-Core-Propagation-Data False Top
Dynamic-LDAP-Server FalseUser
E-mail-Addresses FalseUserOrganizational-Person
Employee-ID False Organizational-Person
Employee-Number FalseUser
Employee-Type FalseUser
Extension-Name False Top
Facsimile-Telephone-Number False Organizational-Person
Flags False Top
From-Entry False Top
Frs-Computer-Reference-BL False Top
FRS-Member-Reference-BL False Top
FSMO-Role-Owner False Top
Garbage-Coll-Period False Mail-Recipient
gecos False posixAccount
Generation-Qualifier False Organizational-Person
gidNumber False posixAccount
Given-Name FalseUserOrganizational-Person
Group-Membership-SAM FalseUser
Group-Priority FalseUser
Groups-to-Ignore FalseUser
Home-Directory FalseUserposixAccount
Home-Drive FalseUser
houseIdentifier False Organizational-Person
Initials FalseUserOrganizational-Person
Instance-Type True Top
International-ISDN-Number False Organizational-Person
Is-Critical-System-Object False Top
Is-Deleted False Top
Is-Member-Of-DL False Top
Is-Privilege-Holder False Top
jpegPhoto FalseUser
labeledURI FalseUserMail-Recipient
Last-Known-Parent False Top
Last-Logoff FalseUser
Last-Logon FalseUser
Last-Logon-Timestamp FalseUser
Legacy-Exchange-DN False Mail-Recipient
Lm-Pwd-History FalseUser
Locale-ID FalseUser
Locality-Name False Organizational-Person
Lockout-Time FalseUser
loginShell False posixAccount
Logo False Organizational-Person
Logon-Count FalseUser
Logon-Hours FalseUser
Logon-Workstation FalseUser
Managed-Objects False Top
Manager FalseUserOrganizational-Person
Mastered-By False Top
Max-Storage FalseUser
MHS-OR-Address False Organizational-Person
Modify-Time-Stamp False Top
ms-COM-PartitionSetLink False Top
ms-COM-UserLink False Top
ms-COM-UserPartitionSetLink FalseUser
ms-DFSR-ComputerReferenceBL False Top
ms-DFSR-MemberReferenceBL False Top
MS-DRM-Identity-Certificate FalseUser
ms-DS-Allowed-To-Delegate-To False Organizational-Person
ms-DS-Approx-Immed-Subordinates False Top
ms-DS-Cached-Membership FalseUser
ms-DS-Cached-Membership-Time-Stamp FalseUser
MS-DS-Consistency-Child-Count False Top
MS-DS-Consistency-Guid False Top
MS-DS-Creator-SID FalseUser
ms-DS-KeyVersionNumber False Security-Principal
ms-DS-Mastered-By False Top
ms-DS-Members-For-Az-Role-BL False Top
ms-DS-NC-Repl-Cursors False Top
ms-DS-NC-Repl-Inbound-Neighbors False Top
ms-DS-NC-Repl-Outbound-Neighbors False Top
ms-DS-Non-Members-BL False Top
ms-DS-Object-Reference-BL False Top
ms-DS-Operations-For-Az-Role-BL False Top
ms-DS-Operations-For-Az-Task-BL False Top
ms-DS-Repl-Attribute-Meta-Data False Top
ms-DS-Repl-Value-Meta-Data False Top
ms-DS-Site-Affinity FalseUser
ms-DS-Source-Object-DN FalseUser
ms-DS-Tasks-For-Az-Role-BL False Top
ms-DS-Tasks-For-Az-Task-BL False Top
ms-DS-User-Account-Control-Computed FalseUser
ms-Exch-Assistant-Name False Mail-Recipient
ms-Exch-House-Identifier False Organizational-Person
ms-Exch-LabeledURI False Mail-Recipient
ms-Exch-Owner-BL False Top
ms-IIS-FTP-Dir FalseUser
ms-IIS-FTP-Root FalseUser
MSMQ-Digests FalseUser
MSMQ-Digests-Mig FalseUser
MSMQ-Sign-Certificates FalseUser
MSMQ-Sign-Certificates-Mig FalseUser
msNPAllowDialin FalseUser
msNPCallingStationID FalseUser
msNPSavedCallingStationID FalseUser
msRADIUSCallbackNumber FalseUser
msRADIUSFramedIPAddress FalseUser
msRADIUSFramedRoute FalseUser
msRADIUSServiceType FalseUser
msRASSavedCallbackNumber FalseUser
msRASSavedFramedIPAddress FalseUser
msRASSavedFramedRoute FalseUser
msSFU-30-Name FalseUser
msSFU-30-Nis-Domain FalseUser
msSFU-30-Posix-Member-Of False Top
netboot-SCP-BL False Top
Network-Address FalseUser
Non-Security-Member-BL False Top
Nt-Pwd-History FalseUser
NT-Security-Descriptor True TopSecurity-Principal
Obj-Dist-Name False Top
Object-Category True Top
Object-Class True Top
Object-Guid False Top
Object-Sid True Security-Principal
Object-Version False Top
Operator-Count FalseUser
Organizational-Unit-Name False Organizational-Person
Organization-Name FalseUserOrganizational-Person
Other-Login-Workstations FalseUser
Other-Mailbox False Organizational-Person
Other-Name False Organizational-Person
Other-Well-Known-Objects False Top
Partial-Attribute-Deletion-List False Top
Partial-Attribute-Set False Top
Personal-Title False Organizational-Person
Phone-Fax-Other False Organizational-Person
Phone-Home-Other False Organizational-Person
Phone-Home-Primary FalseUserOrganizational-Person
Phone-Ip-Other False Organizational-Person
Phone-Ip-Primary False Organizational-Person
Phone-ISDN-Primary False Organizational-Person
Phone-Mobile-Other False Organizational-Person
Phone-Mobile-Primary FalseUserOrganizational-Person
Phone-Office-Other False Organizational-Person
Phone-Pager-Other False Organizational-Person
Phone-Pager-Primary FalseUserOrganizational-Person
photo FalseUser
Physical-Delivery-Office-Name False Organizational-Person
Picture False Organizational-Person
Possible-Inferiors False Top
Postal-Address False Organizational-Person
Postal-Code False Organizational-Person
Post-Office-Box False Organizational-Person
Preferred-Delivery-Method False Organizational-Person
preferredLanguage FalseUser
Preferred-OU FalseUser
Primary-Group-ID FalseUser
Profile-Path FalseUser
Proxied-Object-Name False Top
Proxy-Addresses False Top
Pwd-Last-Set FalseUser
Query-Policy-BL False Top
RDN False Top
Registered-Address False Organizational-Person
Repl-Property-Meta-Data False Top
Repl-UpToDate-Vector False Top
Reports False Top
Reps-From False Top
Reps-To False Top
Revision False Top
Rid False Security-Principal
roomNumber FalseUser
SAM-Account-Name True Security-Principal
SAM-Account-Type False Security-Principal
Script-Path FalseUser
SD-Rights-Effective False Top
secretary FalseUserMail-Recipient
Security-Identifier False Security-Principal
See-Also False Person
Serial-Number False Person
Server-Reference-BL False Top
Service-Principal-Name FalseUser
shadowExpire False shadowAccount
shadowFlag False shadowAccount
shadowInactive False shadowAccount
shadowLastChange False shadowAccount
shadowMax False shadowAccount
shadowMin False shadowAccount
shadowWarning False shadowAccount
Show-In-Address-Book False Mail-Recipient
Show-In-Advanced-View-Only False Top
SID-History False Security-Principal
Site-Object-BL False Top
State-Or-Province-Name False Organizational-Person
Street-Address False Organizational-Person
Structural-Object-Class False Top
Sub-Refs False Top
SubSchemaSubEntry False Top
Supplemental-Credentials False Security-Principal
Surname False Person
System-Flags False Top
Telephone-Number False PersonMail-Recipient
Teletex-Terminal-Identifier False Organizational-Person
Telex-Number False Organizational-Person
Telex-Primary False Organizational-Person
Terminal-Server FalseUser
Text-Country False Organizational-Person
Text-Encoded-OR-Address False Mail-Recipient
Title False Organizational-Person
Token-Groups False Security-Principal
Token-Groups-Global-And-Universal False Security-Principal
Token-Groups-No-GC-Acceptable False Security-Principal
uid FalseUserposixAccountshadowAccount
uidNumber False posixAccount
Unicode-Pwd FalseUser
unixHomeDirectory False posixAccount
unixUserPassword False posixAccount
User-Account-Control FalseUser
User-Cert False Mail-Recipient
User-Comment False Organizational-Person
User-Parameters FalseUser
User-Password False PersonposixAccountshadowAccount
userPKCS12 FalseUser
User-Principal-Name FalseUser
User-Shared-Folder FalseUser
User-Shared-Folder-Other FalseUser
User-SMIME-Certificate FalseUserMail-Recipient
User-Workstations FalseUser
USN-Changed False Top
USN-Created False Top
USN-DSA-Last-Obj-Removed False Top
USN-Intersite False Top
USN-Last-Obj-Rem False Top
USN-Source False Top
Wbem-Path False Top
Well-Known-Objects False Top
When-Changed False Top
When-Created False Top
WWW-Home-Page False Top
WWW-Page-Other False Top
X121-Address False Organizational-Person
x500uniqueIdentifier FalseUser
X509-Cert FalseUserMail-Recipient

Windows Server 2003 R2 Extended Rights

This class contains the following extended rights for Windows Server 2003 R2:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As
Allowed-To-Authenticate

Windows Server 2003 R2 Property Sets

This class contains the following property sets for Windows Server 2003 R2:

Common Name
General-Information
User-Account-Restrictions
User-Logon
Membership
Personal-Information
Email-Information
Web-Information
Public-Information
RAS-Information

Windows Server 2008

System-OnlyFalse
Object-Category1
Default-Object-Category Person
Governs-Id1.2.840.113556.1.5.9
Default-Hiding-Value0
Rdn-Att-Id Common-Name
Subclass of Organizational-Person
Possible Superiors Domain-DNSOrganizational-UnitBuiltin-Domain
Auxiliary Classes posixAccountshadowAccountMail-Recipient (System)Security-Principal (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561)(OA;;WPRP;5805bc62-bdc9-4428-a5e2-856a0f4c185e;;S-1-5-32-561)
System-Flags0x00000010

Windows Server 2008 Attributes

This class contains the following attributes for Windows Server 2008:

AttributeMandatoryDerived from
Account-Expires FalseUser
Account-Name-History False Security-Principal
ACS-Policy-Name FalseUser
Address False Organizational-Person
Address-Home FalseUserOrganizational-Person
Admin-Count FalseUser
Admin-Description False Top
Admin-Display-Name False Top
Allowed-Attributes False Top
Allowed-Attributes-Effective False Top
Allowed-Child-Classes False Top
Allowed-Child-Classes-Effective False Top
Alt-Security-Identities False Security-Principal
Assistant False Organizational-Person
attributeCertificateAttribute False Person
audio FalseUser
Bad-Password-Time FalseUser
Bad-Pwd-Count FalseUser
Bridgehead-Server-List-BL False Top
Business-Category FalseUser
Canonical-Name False Top
carLicense FalseUser
Code-Page FalseUser
Comment False Mail-Recipient
Common-Name True PersonMail-RecipientTopposixAccount
Company False Organizational-Person
Control-Access-Rights FalseUser
Country-Code False Organizational-Person
Country-Name False Organizational-Person
Create-Time-Stamp False Top
DBCS-Pwd FalseUser
Default-Class-Store FalseUser
Department False Organizational-Person
departmentNumber FalseUser
Description False TopposixAccountshadowAccount
Desktop-Profile FalseUser
Destination-Indicator False Organizational-Person
Display-Name FalseUserTop
Display-Name-Printable False Top
Division False Organizational-Person
DSA-Signature False Top
DS-Core-Propagation-Data False Top
Dynamic-LDAP-Server FalseUser
E-mail-Addresses FalseUserOrganizational-Person
Employee-ID False Organizational-Person
Employee-Number FalseUser
Employee-Type FalseUser
Extension-Name False Top
Facsimile-Telephone-Number False Organizational-Person
Flags False Top
From-Entry False Top
Frs-Computer-Reference-BL False Top
FRS-Member-Reference-BL False Top
FSMO-Role-Owner False Top
Garbage-Coll-Period False Mail-Recipient
gecos False posixAccount
Generation-Qualifier False Organizational-Person
gidNumber False posixAccount
Given-Name FalseUserOrganizational-Person
Group-Membership-SAM FalseUser
Group-Priority FalseUser
Groups-to-Ignore FalseUser
Home-Directory FalseUserposixAccount
Home-Drive FalseUser
houseIdentifier False Organizational-Person
Initials FalseUserOrganizational-Person
Instance-Type True Top
International-ISDN-Number False Organizational-Person
Is-Critical-System-Object False Top
Is-Deleted False Top
Is-Member-Of-DL False Top
Is-Privilege-Holder False Top
jpegPhoto FalseUser
labeledURI FalseUserMail-Recipient
Last-Known-Parent False Top
Last-Logoff FalseUser
Last-Logon FalseUser
Last-Logon-Timestamp FalseUser
Legacy-Exchange-DN False Mail-Recipient
Lm-Pwd-History FalseUser
Locale-ID FalseUser
Locality-Name False Organizational-Person
Lockout-Time FalseUser
loginShell False posixAccount
Logo False Organizational-Person
Logon-Count FalseUser
Logon-Hours FalseUser
Logon-Workstation FalseUser
Managed-Objects False Top
Manager FalseUserOrganizational-Person
Mastered-By False Top
Max-Storage FalseUser
MHS-OR-Address False Organizational-Person
Modify-Time-Stamp False Top
ms-COM-PartitionSetLink False Top
ms-COM-UserLink False Top
ms-COM-UserPartitionSetLink FalseUser
ms-DFSR-ComputerReferenceBL False Top
ms-DFSR-MemberReferenceBL False Top
MS-DRM-Identity-Certificate FalseUser
ms-DS-Allowed-To-Delegate-To False Organizational-Person
ms-DS-Approx-Immed-Subordinates False Top
ms-DS-AuthenticatedAt-DC FalseUser
ms-DS-AuthenticatedTo-Accountlist False Top
ms-DS-Cached-Membership FalseUser
ms-DS-Cached-Membership-Time-Stamp FalseUser
MS-DS-Consistency-Child-Count False Top
MS-DS-Consistency-Guid False Top
MS-DS-Creator-SID FalseUser
ms-DS-Failed-Interactive-Logon-Count FalseUser
ms-DS-Failed-Interactive-Logon-Count-At-Last-Successful-Logon FalseUser
ms-DS-HAB-Seniority-Index False Organizational-Person
ms-DS-Is-Domain-For False Top
ms-DS-Is-Full-Replica-For False Top
ms-DS-Is-Partial-Replica-For False Top
ms-DS-KeyVersionNumber False Security-Principal
ms-DS-KrbTgt-Link-BL False Top
ms-DS-Last-Failed-Interactive-Logon-Time FalseUser
ms-DS-Last-Successful-Interactive-Logon-Time FalseUser
ms-DS-Mastered-By False Top
ms-DS-Members-For-Az-Role-BL False Top
ms-DS-NC-Repl-Cursors False Top
ms-DS-NC-Repl-Inbound-Neighbors False Top
ms-DS-NC-Repl-Outbound-Neighbors False Top
ms-DS-NC-RO-Replica-Locations-BL False Top
ms-DS-NC-Type False Top
ms-DS-Non-Members-BL False Top
ms-DS-Object-Reference-BL False Top
ms-DS-Operations-For-Az-Role-BL False Top
ms-DS-Operations-For-Az-Task-BL False Top
ms-DS-Phonetic-Company-Name False Organizational-Person
ms-DS-Phonetic-Department False Organizational-Person
ms-DS-Phonetic-Display-Name False Organizational-PersonMail-Recipient
ms-DS-Phonetic-First-Name False Organizational-Person
ms-DS-Phonetic-Last-Name False Organizational-Person
ms-DS-Principal-Name False Top
ms-DS-PSO-Applied False Top
ms-DS-Repl-Attribute-Meta-Data False Top
ms-DS-Repl-Value-Meta-Data False Top
ms-DS-Resultant-PSO FalseUser
ms-DS-Revealed-DSAs False Top
ms-DS-Revealed-List-BL False Top
ms-DS-Secondary-KrbTgt-Number FalseUser
ms-DS-Site-Affinity FalseUser
ms-DS-Source-Object-DN FalseUser
ms-DS-Supported-Encryption-Types FalseUser
ms-DS-Tasks-For-Az-Role-BL False Top
ms-DS-Tasks-For-Az-Task-BL False Top
ms-DS-User-Account-Control-Computed FalseUser
ms-DS-User-Password-Expiry-Time-Computed FalseUser
ms-Exch-Assistant-Name False Mail-Recipient
ms-Exch-House-Identifier False Organizational-Person
ms-Exch-LabeledURI False Mail-Recipient
ms-Exch-Owner-BL False Top
ms-IIS-FTP-Dir FalseUser
ms-IIS-FTP-Root FalseUser
MSMQ-Digests FalseUser
MSMQ-Digests-Mig FalseUser
MSMQ-Sign-Certificates FalseUser
MSMQ-Sign-Certificates-Mig FalseUser
msNPAllowDialin FalseUser
msNPCallingStationID FalseUser
msNPSavedCallingStationID FalseUser
ms-PKI-AccountCredentials FalseUser
ms-PKI-DPAPIMasterKeys FalseUser
ms-PKI-RoamingTimeStamp FalseUser
msRADIUSCallbackNumber FalseUser
ms-RADIUS-FramedInterfaceId FalseUser
msRADIUSFramedIPAddress FalseUser
ms-RADIUS-FramedIpv6Prefix FalseUser
ms-RADIUS-FramedIpv6Route FalseUser
msRADIUSFramedRoute FalseUser
ms-RADIUS-SavedFramedInterfaceId FalseUser
ms-RADIUS-SavedFramedIpv6Prefix FalseUser
ms-RADIUS-SavedFramedIpv6Route FalseUser
msRADIUSServiceType FalseUser
msRASSavedCallbackNumber FalseUser
msRASSavedFramedIPAddress FalseUser
msRASSavedFramedRoute FalseUser
msSFU-30-Name FalseUser
msSFU-30-Nis-Domain FalseUser
msSFU-30-Posix-Member-Of False Top
ms-TS-Allow-Logon FalseUser
ms-TS-Broken-Connection-Action FalseUser
ms-TS-Connect-Client-Drives FalseUser
ms-TS-Connect-Printer-Drives FalseUser
ms-TS-Default-To-Main-Printer FalseUser
MS-TS-ExpireDate FalseUser
MS-TS-ExpireDate2 FalseUser
MS-TS-ExpireDate3 FalseUser
MS-TS-ExpireDate4 FalseUser
ms-TS-Home-Directory FalseUser
ms-TS-Home-Drive FalseUser
ms-TS-Initial-Program FalseUser
MS-TS-LicenseVersion FalseUser
MS-TS-LicenseVersion2 FalseUser
MS-TS-LicenseVersion3 FalseUser
MS-TS-LicenseVersion4 FalseUser
MS-TSLS-Property01 FalseUser
MS-TSLS-Property02 FalseUser
MS-TS-ManagingLS FalseUser
MS-TS-ManagingLS2 FalseUser
MS-TS-ManagingLS3 FalseUser
MS-TS-ManagingLS4 FalseUser
ms-TS-Max-Connection-Time FalseUser
ms-TS-Max-Disconnection-Time FalseUser
ms-TS-Max-Idle-Time FalseUser
ms-TS-Profile-Path FalseUser
MS-TS-Property01 FalseUser
MS-TS-Property02 FalseUser
ms-TS-Reconnection-Action FalseUser
ms-TS-Remote-Control FalseUser
ms-TS-Work-Directory FalseUser
netboot-SCP-BL False Top
Network-Address FalseUser
Non-Security-Member-BL False Top
Nt-Pwd-History FalseUser
NT-Security-Descriptor True TopSecurity-Principal
Obj-Dist-Name False Top
Object-Category True Top
Object-Class True Top
Object-Guid False Top
Object-Sid True Security-Principal
Object-Version False Top
Operator-Count FalseUser
Organizational-Unit-Name False Organizational-Person
Organization-Name FalseUserOrganizational-Person
Other-Login-Workstations FalseUser
Other-Mailbox False Organizational-Person
Other-Name False Organizational-Person
Other-Well-Known-Objects False Top
Partial-Attribute-Deletion-List False Top
Partial-Attribute-Set False Top
Personal-Title False Organizational-Person
Phone-Fax-Other False Organizational-Person
Phone-Home-Other False Organizational-Person
Phone-Home-Primary FalseUserOrganizational-Person
Phone-Ip-Other False Organizational-Person
Phone-Ip-Primary False Organizational-Person
Phone-ISDN-Primary False Organizational-Person
Phone-Mobile-Other False Organizational-Person
Phone-Mobile-Primary FalseUserOrganizational-Person
Phone-Office-Other False Organizational-Person
Phone-Pager-Other False Organizational-Person
Phone-Pager-Primary FalseUserOrganizational-Person
photo FalseUser
Physical-Delivery-Office-Name False Organizational-Person
Picture False Organizational-Person
Possible-Inferiors False Top
Postal-Address False Organizational-Person
Postal-Code False Organizational-Person
Post-Office-Box False Organizational-Person
Preferred-Delivery-Method False Organizational-Person
preferredLanguage FalseUser
Preferred-OU FalseUser
Primary-Group-ID FalseUser
Profile-Path FalseUser
Proxied-Object-Name False Top
Proxy-Addresses False Top
Pwd-Last-Set FalseUser
Query-Policy-BL False Top
RDN False Top
Registered-Address False Organizational-Person
Repl-Property-Meta-Data False Top
Repl-UpToDate-Vector False Top
Reports False Top
Reps-From False Top
Reps-To False Top
Revision False Top
Rid False Security-Principal
roomNumber FalseUser
SAM-Account-Name True Security-Principal
SAM-Account-Type False Security-Principal
Script-Path FalseUser
SD-Rights-Effective False Top
secretary FalseUserMail-Recipient
Security-Identifier False Security-Principal
See-Also False Person
Serial-Number False Person
Server-Reference-BL False Top
Service-Principal-Name FalseUser
shadowExpire False shadowAccount
shadowFlag False shadowAccount
shadowInactive False shadowAccount
shadowLastChange False shadowAccount
shadowMax False shadowAccount
shadowMin False shadowAccount
shadowWarning False shadowAccount
Show-In-Address-Book False Mail-Recipient
Show-In-Advanced-View-Only False Top
SID-History False Security-Principal
Site-Object-BL False Top
State-Or-Province-Name False Organizational-Person
Street-Address False Organizational-Person
Structural-Object-Class False Top
Sub-Refs False Top
SubSchemaSubEntry False Top
Supplemental-Credentials False Security-Principal
Surname False Person
System-Flags False Top
Telephone-Number False PersonMail-Recipient
Teletex-Terminal-Identifier False Organizational-Person
Telex-Number False Organizational-Person
Telex-Primary False Organizational-Person
Terminal-Server FalseUser
Text-Country False Organizational-Person
Text-Encoded-OR-Address False Mail-Recipient
Title False Organizational-Person
Token-Groups False Security-Principal
Token-Groups-Global-And-Universal False Security-Principal
Token-Groups-No-GC-Acceptable False Security-Principal
uid FalseUserposixAccountshadowAccount
uidNumber False posixAccount
Unicode-Pwd FalseUser
unixHomeDirectory False posixAccount
unixUserPassword False posixAccount
User-Account-Control FalseUser
User-Cert False Mail-Recipient
User-Comment False Organizational-Person
User-Parameters FalseUser
User-Password False PersonposixAccountshadowAccount
userPKCS12 FalseUser
User-Principal-Name FalseUser
User-Shared-Folder FalseUser
User-Shared-Folder-Other FalseUser
User-SMIME-Certificate FalseUserMail-Recipient
User-Workstations FalseUser
USN-Changed False Top
USN-Created False Top
USN-DSA-Last-Obj-Removed False Top
USN-Intersite False Top
USN-Last-Obj-Rem False Top
USN-Source False Top
Wbem-Path False Top
Well-Known-Objects False Top
When-Changed False Top
When-Created False Top
WWW-Home-Page False Top
WWW-Page-Other False Top
X121-Address False Organizational-Person
x500uniqueIdentifier FalseUser
X509-Cert FalseUserMail-Recipient

Windows Server 2008 Extended Rights

This class contains the following extended rights for Windows Server 2008:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As
Allowed-To-Authenticate

Windows Server 2008 Property Sets

This class contains the following property sets for Windows Server 2008:

Common Name
General-Information
User-Account-Restrictions
User-Logon
Membership
Personal-Information
Email-Information
Web-Information
Public-Information
RAS-Information
Private-Information
Terminal-Server-License-Server

Windows Server 2008 R2

System-OnlyFalse
Object-Category1
Default-Object-Category Person
Governs-Id1.2.840.113556.1.5.9
Default-Hiding-Value0
Rdn-Att-Id Common-Name
Subclass of Organizational-Person
Possible Superiors Domain-DNSOrganizational-UnitBuiltin-Domain
Auxiliary Classes posixAccountshadowAccountMail-Recipient (System)Security-Principal (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561)(OA;;WPRP;5805bc62-bdc9-4428-a5e2-856a0f4c185e;;S-1-5-32-561)
System-Flags0x00000010

Windows Server 2008 R2 Attributes

This class contains the following attributes for Windows Server 2008 R2:

AttributeMandatoryDerived from
Account-Expires FalseUser
Account-Name-History False Security-Principal
ACS-Policy-Name FalseUser
Address False Organizational-Person
Address-Home FalseUserOrganizational-Person
Admin-Count FalseUser
Admin-Description False Top
Admin-Display-Name False Top
Allowed-Attributes False Top
Allowed-Attributes-Effective False Top
Allowed-Child-Classes False Top
Allowed-Child-Classes-Effective False Top
Alt-Security-Identities False Security-Principal
Assistant False Organizational-Person
attributeCertificateAttribute False Person
audio FalseUser
Bad-Password-Time FalseUser
Bad-Pwd-Count FalseUser
Bridgehead-Server-List-BL False Top
Business-Category FalseUser
Canonical-Name False Top
carLicense FalseUser
Code-Page FalseUser
Comment False Mail-Recipient
Common-Name True PersonMail-RecipientTopposixAccount
Company False Organizational-Person
Control-Access-Rights FalseUser
Country-Code False Organizational-Person
Country-Name False Organizational-Person
Create-Time-Stamp False Top
DBCS-Pwd FalseUser
Default-Class-Store FalseUser
Department False Organizational-Person
departmentNumber FalseUser
Description False TopposixAccountshadowAccount
Desktop-Profile FalseUser
Destination-Indicator False Organizational-Person
Display-Name FalseUserTop
Display-Name-Printable False Top
Division False Organizational-Person
DSA-Signature False Top
DS-Core-Propagation-Data False Top
Dynamic-LDAP-Server FalseUser
E-mail-Addresses FalseUserOrganizational-Person
Employee-ID False Organizational-Person
Employee-Number FalseUser
Employee-Type FalseUser
Extension-Name False Top
Facsimile-Telephone-Number False Organizational-Person
Flags False Top
From-Entry False Top
Frs-Computer-Reference-BL False Top
FRS-Member-Reference-BL False Top
FSMO-Role-Owner False Top
Garbage-Coll-Period False Mail-Recipient
gecos False posixAccount
Generation-Qualifier False Organizational-Person
gidNumber False posixAccount
Given-Name FalseUserOrganizational-Person
Group-Membership-SAM FalseUser
Group-Priority FalseUser
Groups-to-Ignore FalseUser
Home-Directory FalseUserposixAccount
Home-Drive FalseUser
houseIdentifier False Organizational-Person
Initials FalseUserOrganizational-Person
Instance-Type True Top
International-ISDN-Number False Organizational-Person
Is-Critical-System-Object False Top
Is-Deleted False Top
Is-Member-Of-DL False Top
Is-Privilege-Holder False Top
Is-Recycled False Top
jpegPhoto FalseUser
labeledURI FalseUserMail-Recipient
Last-Known-Parent False Top
Last-Logoff FalseUser
Last-Logon FalseUser
Last-Logon-Timestamp FalseUser
Legacy-Exchange-DN False Mail-Recipient
Lm-Pwd-History FalseUser
Locale-ID FalseUser
Locality-Name False Organizational-Person
Lockout-Time FalseUser
loginShell False posixAccount
Logo False Organizational-Person
Logon-Count FalseUser
Logon-Hours FalseUser
Logon-Workstation FalseUser
Managed-Objects False Top
Manager FalseUserOrganizational-Person
Mastered-By False Top
Max-Storage FalseUser
MHS-OR-Address False Organizational-Person
Modify-Time-Stamp False Top
ms-COM-PartitionSetLink False Top
ms-COM-UserLink False Top
ms-COM-UserPartitionSetLink FalseUser
ms-DFSR-ComputerReferenceBL False Top
ms-DFSR-MemberReferenceBL False Top
MS-DRM-Identity-Certificate FalseUser
ms-DS-Allowed-To-Delegate-To False Organizational-Person
ms-DS-Approx-Immed-Subordinates False Top
ms-DS-AuthenticatedAt-DC FalseUser
ms-DS-AuthenticatedTo-Accountlist False Top
ms-DS-Cached-Membership FalseUser
ms-DS-Cached-Membership-Time-Stamp FalseUser
MS-DS-Consistency-Child-Count False Top
MS-DS-Consistency-Guid False Top
MS-DS-Creator-SID FalseUser
ms-DS-Enabled-Feature-BL False Top
ms-DS-Failed-Interactive-Logon-Count FalseUser
ms-DS-Failed-Interactive-Logon-Count-At-Last-Successful-Logon FalseUser
ms-DS-HAB-Seniority-Index False Organizational-Person
ms-DS-Host-Service-Account-BL False Top
ms-DS-Is-Domain-For False Top
ms-DS-Is-Full-Replica-For False Top
ms-DS-Is-Partial-Replica-For False Top
ms-DS-KeyVersionNumber False Security-Principal
ms-DS-KrbTgt-Link-BL False Top
ms-DS-Last-Failed-Interactive-Logon-Time FalseUser
ms-DS-Last-Known-RDN False Top
ms-DS-Last-Successful-Interactive-Logon-Time FalseUser
ms-DS-local-Effective-Deletion-Time False Top
ms-DS-local-Effective-Recycle-Time False Top
ms-DS-Mastered-By False Top
ms-DS-Members-For-Az-Role-BL False Top
ms-DS-NC-Repl-Cursors False Top
ms-DS-NC-Repl-Inbound-Neighbors False Top
ms-DS-NC-Repl-Outbound-Neighbors False Top
ms-DS-NC-RO-Replica-Locations-BL False Top
ms-DS-NC-Type False Top
ms-DS-Non-Members-BL False Top
ms-DS-Object-Reference-BL False Top
ms-DS-OIDToGroup-Link-BL False Top
ms-DS-Operations-For-Az-Role-BL False Top
ms-DS-Operations-For-Az-Task-BL False Top
ms-DS-Phonetic-Company-Name False Organizational-Person
ms-DS-Phonetic-Department False Organizational-Person
ms-DS-Phonetic-Display-Name False Organizational-PersonMail-Recipient
ms-DS-Phonetic-First-Name False Organizational-Person
ms-DS-Phonetic-Last-Name False Organizational-Person
ms-DS-Principal-Name False Top
ms-DS-PSO-Applied False Top
ms-DS-Repl-Attribute-Meta-Data False Top
ms-DS-Repl-Value-Meta-Data False Top
ms-DS-Resultant-PSO FalseUser
ms-DS-Revealed-DSAs False Top
ms-DS-Revealed-List-BL False Top
ms-DS-Secondary-KrbTgt-Number FalseUser
ms-DS-Site-Affinity FalseUser
ms-DS-Source-Object-DN FalseUser
ms-DS-Supported-Encryption-Types FalseUser
ms-DS-Tasks-For-Az-Role-BL False Top
ms-DS-Tasks-For-Az-Task-BL False Top
ms-DS-User-Account-Control-Computed FalseUser
ms-DS-User-Password-Expiry-Time-Computed FalseUser
ms-Exch-Assistant-Name False Mail-Recipient
ms-Exch-House-Identifier False Organizational-Person
ms-Exch-LabeledURI False Mail-Recipient
ms-Exch-Owner-BL False Top
ms-IIS-FTP-Dir FalseUser
ms-IIS-FTP-Root FalseUser
MSMQ-Digests FalseUser
MSMQ-Digests-Mig FalseUser
MSMQ-Sign-Certificates FalseUser
MSMQ-Sign-Certificates-Mig FalseUser
msNPAllowDialin FalseUser
msNPCallingStationID FalseUser
msNPSavedCallingStationID FalseUser
ms-PKI-AccountCredentials FalseUser
ms-PKI-Credential-Roaming-Tokens FalseUser
ms-PKI-DPAPIMasterKeys FalseUser
ms-PKI-RoamingTimeStamp FalseUser
msRADIUSCallbackNumber FalseUser
ms-RADIUS-FramedInterfaceId FalseUser
msRADIUSFramedIPAddress FalseUser
ms-RADIUS-FramedIpv6Prefix FalseUser
ms-RADIUS-FramedIpv6Route FalseUser
msRADIUSFramedRoute FalseUser
ms-RADIUS-SavedFramedInterfaceId FalseUser
ms-RADIUS-SavedFramedIpv6Prefix FalseUser
ms-RADIUS-SavedFramedIpv6Route FalseUser
msRADIUSServiceType FalseUser
msRASSavedCallbackNumber FalseUser
msRASSavedFramedIPAddress FalseUser
msRASSavedFramedRoute FalseUser
msSFU-30-Name FalseUser
msSFU-30-Nis-Domain FalseUser
msSFU-30-Posix-Member-Of False Top
ms-TS-Allow-Logon FalseUser
ms-TS-Broken-Connection-Action FalseUser
ms-TS-Connect-Client-Drives FalseUser
ms-TS-Connect-Printer-Drives FalseUser
ms-TS-Default-To-Main-Printer FalseUser
MS-TS-ExpireDate FalseUser
MS-TS-ExpireDate2 FalseUser
MS-TS-ExpireDate3 FalseUser
MS-TS-ExpireDate4 FalseUser
ms-TS-Home-Directory FalseUser
ms-TS-Home-Drive FalseUser
ms-TS-Initial-Program FalseUser
MS-TS-LicenseVersion FalseUser
MS-TS-LicenseVersion2 FalseUser
MS-TS-LicenseVersion3 FalseUser
MS-TS-LicenseVersion4 FalseUser
MS-TSLS-Property01 FalseUser
MS-TSLS-Property02 FalseUser
MS-TS-ManagingLS FalseUser
MS-TS-ManagingLS2 FalseUser
MS-TS-ManagingLS3 FalseUser
MS-TS-ManagingLS4 FalseUser
ms-TS-Max-Connection-Time FalseUser
ms-TS-Max-Disconnection-Time FalseUser
ms-TS-Max-Idle-Time FalseUser
ms-TS-Primary-Desktop FalseUser
ms-TS-Profile-Path FalseUser
MS-TS-Property01 FalseUser
MS-TS-Property02 FalseUser
ms-TS-Reconnection-Action FalseUser
ms-TS-Remote-Control FalseUser
ms-TS-Secondary-Desktops FalseUser
ms-TS-Work-Directory FalseUser
netboot-SCP-BL False Top
Network-Address FalseUser
Non-Security-Member-BL False Top
Nt-Pwd-History FalseUser
NT-Security-Descriptor True TopSecurity-Principal
Obj-Dist-Name False Top
Object-Category True Top
Object-Class True Top
Object-Guid False Top
Object-Sid True Security-Principal
Object-Version False Top
Operator-Count FalseUser
Organizational-Unit-Name False Organizational-Person
Organization-Name FalseUserOrganizational-Person
Other-Login-Workstations FalseUser
Other-Mailbox False Organizational-Person
Other-Name False Organizational-Person
Other-Well-Known-Objects False Top
Partial-Attribute-Deletion-List False Top
Partial-Attribute-Set False Top
Personal-Title False Organizational-Person
Phone-Fax-Other False Organizational-Person
Phone-Home-Other False Organizational-Person
Phone-Home-Primary FalseUserOrganizational-Person
Phone-Ip-Other False Organizational-Person
Phone-Ip-Primary False Organizational-Person
Phone-ISDN-Primary False Organizational-Person
Phone-Mobile-Other False Organizational-Person
Phone-Mobile-Primary FalseUserOrganizational-Person
Phone-Office-Other False Organizational-Person
Phone-Pager-Other False Organizational-Person
Phone-Pager-Primary FalseUserOrganizational-Person
photo FalseUser
Physical-Delivery-Office-Name False Organizational-Person
Picture False Organizational-Person
Possible-Inferiors False Top
Postal-Address False Organizational-Person
Postal-Code False Organizational-Person
Post-Office-Box False Organizational-Person
Preferred-Delivery-Method False Organizational-Person
preferredLanguage FalseUser
Preferred-OU FalseUser
Primary-Group-ID FalseUser
Profile-Path FalseUser
Proxied-Object-Name False Top
Proxy-Addresses False Top
Pwd-Last-Set FalseUser
Query-Policy-BL False Top
RDN False Top
Registered-Address False Organizational-Person
Repl-Property-Meta-Data False Top
Repl-UpToDate-Vector False Top
Reports False Top
Reps-From False Top
Reps-To False Top
Revision False Top
Rid False Security-Principal
roomNumber FalseUser
SAM-Account-Name True Security-Principal
SAM-Account-Type False Security-Principal
Script-Path FalseUser
SD-Rights-Effective False Top
secretary FalseUserMail-Recipient
Security-Identifier False Security-Principal
See-Also False Person
Serial-Number False Person
Server-Reference-BL False Top
Service-Principal-Name FalseUser
shadowExpire False shadowAccount
shadowFlag False shadowAccount
shadowInactive False shadowAccount
shadowLastChange False shadowAccount
shadowMax False shadowAccount
shadowMin False shadowAccount
shadowWarning False shadowAccount
Show-In-Address-Book False Mail-Recipient
Show-In-Advanced-View-Only False Top
SID-History False Security-Principal
Site-Object-BL False Top
State-Or-Province-Name False Organizational-Person
Street-Address False Organizational-Person
Structural-Object-Class False Top
Sub-Refs False Top
SubSchemaSubEntry False Top
Supplemental-Credentials False Security-Principal
Surname False Person
System-Flags False Top
Telephone-Number False PersonMail-Recipient
Teletex-Terminal-Identifier False Organizational-Person
Telex-Number False Organizational-Person
Telex-Primary False Organizational-Person
Terminal-Server FalseUser
Text-Country False Organizational-Person
Text-Encoded-OR-Address False Mail-Recipient
Title False Organizational-Person
Token-Groups False Security-Principal
Token-Groups-Global-And-Universal False Security-Principal
Token-Groups-No-GC-Acceptable False Security-Principal
uid FalseUserposixAccountshadowAccount
uidNumber False posixAccount
Unicode-Pwd FalseUser
unixHomeDirectory False posixAccount
unixUserPassword False posixAccount
User-Account-Control FalseUser
User-Cert False Mail-Recipient
User-Comment False Organizational-Person
User-Parameters FalseUser
User-Password False PersonposixAccountshadowAccount
userPKCS12 FalseUser
User-Principal-Name FalseUser
User-Shared-Folder FalseUser
User-Shared-Folder-Other FalseUser
User-SMIME-Certificate FalseUserMail-Recipient
User-Workstations FalseUser
USN-Changed False Top
USN-Created False Top
USN-DSA-Last-Obj-Removed False Top
USN-Intersite False Top
USN-Last-Obj-Rem False Top
USN-Source False Top
Wbem-Path False Top
Well-Known-Objects False Top
When-Changed False Top
When-Created False Top
WWW-Home-Page False Top
WWW-Page-Other False Top
X121-Address False Organizational-Person
x500uniqueIdentifier FalseUser
X509-Cert FalseUserMail-Recipient

Windows Server 2008 R2 Extended Rights

This class contains the following extended rights for Windows Server 2008 R2:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As
Allowed-To-Authenticate

Windows Server 2008 R2 Property Sets

This class contains the following property sets for Windows Server 2008 R2:

Common Name
General-Information
User-Account-Restrictions
User-Logon
Membership
Personal-Information
Email-Information
Web-Information
Public-Information
RAS-Information
Private-Information
Terminal-Server-License-Server

Windows Server 2012

System-OnlyFalse
Object-Category1
Default-Object-Category Person
Governs-Id1.2.840.113556.1.5.9
Default-Hiding-Value0
Rdn-Att-Id Common-Name
Subclass of Organizational-Person
Possible Superiors Domain-DNSOrganizational-UnitBuiltin-Domain
Auxiliary Classes posixAccountshadowAccountMail-Recipient (System)Security-Principal (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a54-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;CR;ab721a56-1e2f-11d0-9819-00aa0040529b;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B2-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RPWP;E45795B3-9455-11d1-AEBD-0000F80367C1;;PS)(OA;;RP;037088f8-0ae1-11d2-b422-00a0c968f939;;RS)(OA;;RP;4c164200-20c0-11d0-a768-00aa006e0529;;RS)(OA;;RP;bc0ac240-79a9-11d0-9020-00c04fc2d4cf;;RS)(A;;RC;;;AU)(OA;;RP;59ba2f42-79a2-11d0-9020-00c04fc2d3cf;;AU)(OA;;RP;77B5B886-944A-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;E45795B3-9455-11d1-AEBD-0000F80367C1;;AU)(OA;;RP;e48d0154-bcf8-11d1-8702-00c04fb96050;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RP;5f202010-79a5-11d0-9020-00c04fc2d4cf;;RS)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;WPRP;6db69a1c-9422-11d1-aebd-0000f80367c1;;S-1-5-32-561)(OA;;WPRP;5805bc62-bdc9-4428-a5e2-856a0f4c185e;;S-1-5-32-561)
System-Flags0x00000010

Windows Server 2012 Attributes

This class contains the following attributes for Windows Server 2012:

AttributeMandatoryDerived from
Account-Expires FalseUser
Account-Name-History False Security-Principal
ACS-Policy-Name FalseUser
Address False Organizational-Person
Address-Home FalseUserOrganizational-Person
Admin-Count FalseUser
Admin-Description False Top
Admin-Display-Name False Top
Allowed-Attributes False Top
Allowed-Attributes-Effective False Top
Allowed-Child-Classes False Top
Allowed-Child-Classes-Effective False Top
Alt-Security-Identities False Security-Principal
Assistant False Organizational-Person
attributeCertificateAttribute False Person
audio FalseUser
Bad-Password-Time FalseUser
Bad-Pwd-Count FalseUser
Bridgehead-Server-List-BL False Top
Business-Category FalseUser
Canonical-Name False Top
carLicense FalseUser
Code-Page FalseUser
Comment False Mail-Recipient
Common-Name True PersonMail-RecipientTopposixAccount
Company False Organizational-Person
Control-Access-Rights FalseUser
Country-Code False Organizational-Person
Country-Name False Organizational-Person
Create-Time-Stamp False Top
DBCS-Pwd FalseUser
Default-Class-Store FalseUser
Department False Organizational-Person
departmentNumber FalseUser
Description False TopposixAccountshadowAccount
Desktop-Profile FalseUser
Destination-Indicator False Organizational-Person
Display-Name FalseUserTop
Display-Name-Printable False Top
Division False Organizational-Person
DSA-Signature False Top
DS-Core-Propagation-Data False Top
Dynamic-LDAP-Server FalseUser
E-mail-Addresses FalseUserOrganizational-Person
Employee-ID False Organizational-Person
Employee-Number FalseUser
Employee-Type FalseUser
Extension-Name False Top
Facsimile-Telephone-Number False Organizational-Person
Flags False Top
From-Entry False Top
Frs-Computer-Reference-BL False Top
FRS-Member-Reference-BL False Top
FSMO-Role-Owner False Top
Garbage-Coll-Period False Mail-Recipient
gecos False posixAccount
Generation-Qualifier False Organizational-Person
gidNumber False posixAccount
Given-Name FalseUserOrganizational-Person
Group-Membership-SAM FalseUser
Group-Priority FalseUser
Groups-to-Ignore FalseUser
Home-Directory FalseUserposixAccount
Home-Drive FalseUser
houseIdentifier False Organizational-Person
Initials FalseUserOrganizational-Person
Instance-Type True Top
International-ISDN-Number False Organizational-Person
Is-Critical-System-Object False Top
Is-Deleted False Top
Is-Member-Of-DL False Top
Is-Privilege-Holder False Top
Is-Recycled False Top
jpegPhoto FalseUser
labeledURI FalseUserMail-Recipient
Last-Known-Parent False Top
Last-Logoff FalseUser
Last-Logon FalseUser
Last-Logon-Timestamp FalseUser
Legacy-Exchange-DN False Mail-Recipient
Lm-Pwd-History FalseUser
Locale-ID FalseUser
Locality-Name False Organizational-Person
Lockout-Time FalseUser
loginShell False posixAccount
Logo False Organizational-Person
Logon-Count FalseUser
Logon-Hours FalseUser
Logon-Workstation FalseUser
Managed-Objects False Top
Manager FalseUserOrganizational-Person
Mastered-By False Top
Max-Storage FalseUser
MHS-OR-Address False Organizational-Person
Modify-Time-Stamp False Top
ms-COM-PartitionSetLink False Top
ms-COM-UserLink False Top
ms-COM-UserPartitionSetLink FalseUser
ms-DFSR-ComputerReferenceBL False Top
ms-DFSR-MemberReferenceBL False Top
MS-DRM-Identity-Certificate FalseUser
ms-DS-Allowed-To-Act-On-Behalf-Of-Other-Identity False Organizational-Person
ms-DS-Allowed-To-Delegate-To False Organizational-Person
ms-DS-Approx-Immed-Subordinates False Top
ms-DS-AuthenticatedAt-DC FalseUser
ms-DS-AuthenticatedTo-Accountlist False Top
ms-DS-Cached-Membership FalseUser
ms-DS-Cached-Membership-Time-Stamp FalseUser
ms-DS-Claim-Shares-Possible-Values-With-BL False Top
MS-DS-Consistency-Child-Count False Top
MS-DS-Consistency-Guid False Top
MS-DS-Creator-SID FalseUser
ms-DS-Enabled-Feature-BL False Top
ms-DS-Failed-Interactive-Logon-Count FalseUser
ms-DS-Failed-Interactive-Logon-Count-At-Last-Successful-Logon FalseUser
ms-DS-GeoCoordinates-Altitude False Mail-Recipient
ms-DS-GeoCoordinates-Latitude False Mail-Recipient
ms-DS-GeoCoordinates-Longitude False Mail-Recipient
ms-DS-HAB-Seniority-Index False Organizational-Person
ms-DS-Host-Service-Account-BL False Top
ms-DS-Is-Domain-For False Top
ms-DS-Is-Full-Replica-For False Top
ms-DS-Is-Partial-Replica-For False Top
ms-DS-Is-Primary-Computer-For False Top
ms-DS-KeyVersionNumber False Security-Principal
ms-DS-KrbTgt-Link-BL False Top
ms-DS-Last-Failed-Interactive-Logon-Time FalseUser
ms-DS-Last-Known-RDN False Top
ms-DS-Last-Successful-Interactive-Logon-Time FalseUser
ms-DS-local-Effective-Deletion-Time False Top
ms-DS-local-Effective-Recycle-Time False Top
ms-DS-Mastered-By False Top
ms-DS-Members-For-Az-Role-BL False Top
ms-DS-Members-Of-Resource-Property-List-BL False Top
ms-DS-NC-Repl-Cursors False Top
ms-DS-NC-Repl-Inbound-Neighbors False Top
ms-DS-NC-Repl-Outbound-Neighbors False Top
ms-DS-NC-RO-Replica-Locations-BL False Top
ms-DS-NC-Type False Top
ms-DS-Non-Members-BL False Top
ms-DS-Object-Reference-BL False Top
ms-DS-OIDToGroup-Link-BL False Top
ms-DS-Operations-For-Az-Role-BL False Top
ms-DS-Operations-For-Az-Task-BL False Top
ms-DS-Phonetic-Company-Name False Organizational-Person
ms-DS-Phonetic-Department False Organizational-Person
ms-DS-Phonetic-Display-Name False Organizational-PersonMail-Recipient
ms-DS-Phonetic-First-Name False Organizational-Person
ms-DS-Phonetic-Last-Name False Organizational-Person
ms-DS-Primary-Computer FalseUser
ms-DS-Principal-Name False Top
ms-DS-PSO-Applied False Top
ms-DS-Repl-Attribute-Meta-Data False Top
ms-DS-Repl-Value-Meta-Data False Top
ms-DS-Resultant-PSO FalseUser
ms-DS-Revealed-DSAs False Top
ms-DS-Revealed-List-BL False Top
ms-DS-Secondary-KrbTgt-Number FalseUser
ms-DS-Site-Affinity FalseUser
ms-DS-Source-Object-DN FalseUser
ms-DS-Supported-Encryption-Types FalseUser
ms-DS-Tasks-For-Az-Role-BL False Top
ms-DS-Tasks-For-Az-Task-BL False Top
ms-DS-TDO-Egress-BL False Top
ms-DS-TDO-Ingress-BL False Top
ms-DS-User-Account-Control-Computed FalseUser
ms-DS-User-Password-Expiry-Time-Computed FalseUser
ms-DS-Value-Type-Reference-BL False Top
ms-Exch-Assistant-Name False Mail-Recipient
ms-Exch-House-Identifier False Organizational-Person
ms-Exch-LabeledURI False Mail-Recipient
ms-Exch-Owner-BL False Top
ms-IIS-FTP-Dir FalseUser
ms-IIS-FTP-Root FalseUser
MSMQ-Digests FalseUser
MSMQ-Digests-Mig FalseUser
MSMQ-Sign-Certificates FalseUser
MSMQ-Sign-Certificates-Mig FalseUser
msNPAllowDialin FalseUser
msNPCallingStationID FalseUser
msNPSavedCallingStationID FalseUser
ms-PKI-AccountCredentials FalseUser
ms-PKI-Credential-Roaming-Tokens FalseUser
ms-PKI-DPAPIMasterKeys FalseUser
ms-PKI-RoamingTimeStamp FalseUser
msRADIUSCallbackNumber FalseUser
ms-RADIUS-FramedInterfaceId FalseUser
msRADIUSFramedIPAddress FalseUser
ms-RADIUS-FramedIpv6Prefix FalseUser
ms-RADIUS-FramedIpv6Route FalseUser
msRADIUSFramedRoute FalseUser
ms-RADIUS-SavedFramedInterfaceId FalseUser
ms-RADIUS-SavedFramedIpv6Prefix FalseUser
ms-RADIUS-SavedFramedIpv6Route FalseUser
msRADIUSServiceType FalseUser
msRASSavedCallbackNumber FalseUser
msRASSavedFramedIPAddress FalseUser
msRASSavedFramedRoute FalseUser
msSFU-30-Name FalseUser
msSFU-30-Nis-Domain FalseUser
msSFU-30-Posix-Member-Of False Top
ms-TS-Allow-Logon FalseUser
ms-TS-Broken-Connection-Action FalseUser
ms-TS-Connect-Client-Drives FalseUser
ms-TS-Connect-Printer-Drives FalseUser
ms-TS-Default-To-Main-Printer FalseUser
MS-TS-ExpireDate FalseUser
MS-TS-ExpireDate2 FalseUser
MS-TS-ExpireDate3 FalseUser
MS-TS-ExpireDate4 FalseUser
ms-TS-Home-Directory FalseUser
ms-TS-Home-Drive FalseUser
ms-TS-Initial-Program FalseUser
MS-TS-LicenseVersion FalseUser
MS-TS-LicenseVersion2 FalseUser
MS-TS-LicenseVersion3 FalseUser
MS-TS-LicenseVersion4 FalseUser
MS-TSLS-Property01 FalseUser
MS-TSLS-Property02 FalseUser
MS-TS-ManagingLS FalseUser
MS-TS-ManagingLS2 FalseUser
MS-TS-ManagingLS3 FalseUser
MS-TS-ManagingLS4 FalseUser
ms-TS-Max-Connection-Time FalseUser
ms-TS-Max-Disconnection-Time FalseUser
ms-TS-Max-Idle-Time FalseUser
ms-TS-Primary-Desktop FalseUser
ms-TS-Profile-Path FalseUser
MS-TS-Property01 FalseUser
MS-TS-Property02 FalseUser
ms-TS-Reconnection-Action FalseUser
ms-TS-Remote-Control FalseUser
ms-TS-Secondary-Desktops FalseUser
ms-TS-Work-Directory FalseUser
netboot-SCP-BL False Top
Network-Address FalseUser
Non-Security-Member-BL False Top
Nt-Pwd-History FalseUser
NT-Security-Descriptor True TopSecurity-Principal
Obj-Dist-Name False Top
Object-Category True Top
Object-Class True Top
Object-Guid False Top
Object-Sid True Security-Principal
Object-Version False Top
Operator-Count FalseUser
Organizational-Unit-Name False Organizational-Person
Organization-Name FalseUserOrganizational-Person
Other-Login-Workstations FalseUser
Other-Mailbox False Organizational-Person
Other-Name False Organizational-Person
Other-Well-Known-Objects False Top
Partial-Attribute-Deletion-List False Top
Partial-Attribute-Set False Top
Personal-Title False Organizational-Person
Phone-Fax-Other False Organizational-Person
Phone-Home-Other False Organizational-Person
Phone-Home-Primary FalseUserOrganizational-Person
Phone-Ip-Other False Organizational-Person
Phone-Ip-Primary False Organizational-Person
Phone-ISDN-Primary False Organizational-Person
Phone-Mobile-Other False Organizational-Person
Phone-Mobile-Primary FalseUserOrganizational-Person
Phone-Office-Other False Organizational-Person
Phone-Pager-Other False Organizational-Person
Phone-Pager-Primary FalseUserOrganizational-Person
photo FalseUser
Physical-Delivery-Office-Name False Organizational-Person
Picture False Organizational-Person
Possible-Inferiors False Top
Postal-Address False Organizational-Person
Postal-Code False Organizational-Person
Post-Office-Box False Organizational-Person
Preferred-Delivery-Method False Organizational-Person
preferredLanguage FalseUser
Preferred-OU FalseUser
Primary-Group-ID FalseUser
Profile-Path FalseUser
Proxied-Object-Name False Top
Proxy-Addresses False Top
Pwd-Last-Set FalseUser
Query-Policy-BL False Top
RDN False Top
Registered-Address False Organizational-Person
Repl-Property-Meta-Data False Top
Repl-UpToDate-Vector False Top
Reports False Top
Reps-From False Top
Reps-To False Top
Revision False Top
Rid False Security-Principal
roomNumber FalseUser
SAM-Account-Name True Security-Principal
SAM-Account-Type False Security-Principal
Script-Path FalseUser
SD-Rights-Effective False Top
secretary FalseUserMail-Recipient
Security-Identifier False Security-Principal
See-Also False Person
Serial-Number False Person
Server-Reference-BL False Top
Service-Principal-Name FalseUser
shadowExpire False shadowAccount
shadowFlag False shadowAccount
shadowInactive False shadowAccount
shadowLastChange False shadowAccount
shadowMax False shadowAccount
shadowMin False shadowAccount
shadowWarning False shadowAccount
Show-In-Address-Book False Mail-Recipient
Show-In-Advanced-View-Only False Top
SID-History False Security-Principal
Site-Object-BL False Top
State-Or-Province-Name False Organizational-Person
Street-Address False Organizational-Person
Structural-Object-Class False Top
Sub-Refs False Top
SubSchemaSubEntry False Top
Supplemental-Credentials False Security-Principal
Surname False Person
System-Flags False Top
Telephone-Number False PersonMail-Recipient
Teletex-Terminal-Identifier False Organizational-Person
Telex-Number False Organizational-Person
Telex-Primary False Organizational-Person
Terminal-Server FalseUser
Text-Country False Organizational-Person
Text-Encoded-OR-Address False Mail-Recipient
Title False Organizational-Person
Token-Groups False Security-Principal
Token-Groups-Global-And-Universal False Security-Principal
Token-Groups-No-GC-Acceptable False Security-Principal
uid FalseUserposixAccountshadowAccount
uidNumber False posixAccount
Unicode-Pwd FalseUser
unixHomeDirectory False posixAccount
unixUserPassword False posixAccount
User-Account-Control FalseUser
User-Cert False Mail-Recipient
User-Comment False Organizational-Person
User-Parameters FalseUser
User-Password False PersonposixAccountshadowAccount
userPKCS12 FalseUser
User-Principal-Name FalseUser
User-Shared-Folder FalseUser
User-Shared-Folder-Other FalseUser
User-SMIME-Certificate FalseUserMail-Recipient
User-Workstations FalseUser
USN-Changed False Top
USN-Created False Top
USN-DSA-Last-Obj-Removed False Top
USN-Intersite False Top
USN-Last-Obj-Rem False Top
USN-Source False Top
Wbem-Path False Top
Well-Known-Objects False Top
When-Changed False Top
When-Created False Top
WWW-Home-Page False Top
WWW-Page-Other False Top
X121-Address False Organizational-Person
x500uniqueIdentifier FalseUser
X509-Cert FalseUserMail-Recipient

Windows Server 2012 Extended Rights

This class contains the following extended rights for Windows Server 2012:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As
Allowed-To-Authenticate

Windows Server 2012 Property Sets

This class contains the following property sets for Windows Server 2012:

Common Name
General-Information
User-Account-Restrictions
User-Logon
Membership
Personal-Information
Email-Information
Web-Information
Public-Information
RAS-Information
Private-Information
Terminal-Server-License-Server

 

 

Show:
© 2014 Microsoft