Group class

Stores a list of user names. Used to apply security principals on resources.

CNGroup
Ldap-Display-Namegroup
Update PrivilegeThis value is set by the domain administrator.
Update Frequency-
Schema-Id-Guidbf967a9c-0de6-11d0-a285-00aa003049e2

Implementations

Windows 2000 Server

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.8
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Top
Possible Superiors Domain-DNS
 
Organizational-Unit
 
Builtin-Domain
 
Container
Auxiliary Classes Security-Principal (System)
 
Mail-Recipient (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)
System-Flags0x00000010

Windows 2000 Server Attributes

This class contains the following attributes for Windows 2000 Server:

AttributeMandatoryDerived from
Account-Name-History False
Admin-Count FalseGroup
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Alt-Security-Identities False
Bridgehead-Server-List-BL False
Top
Canonical-Name False
Top
Comment False
Common-Name True
Top
 
Control-Access-Rights FalseGroup
Create-Time-Stamp False
Top
Description False
Top
Desktop-Profile FalseGroup
Display-Name False
Top
Display-Name-Printable False
Top
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
E-mail-Addresses FalseGroup
Extension-Name False
Top
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Garbage-Coll-Period False
Group-Attributes FalseGroup
Group-Membership-SAM FalseGroup
Group-Type TrueGroup
Instance-Type True
Top
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
Last-Known-Parent False
Top
Legacy-Exchange-DN False
Managed-By FalseGroup
Managed-Objects False
Top
Mastered-By False
Top
Member FalseGroup
Modify-Time-Stamp False
Top
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
netboot-SCP-BL False
Top
Non-Security-Member FalseGroup
Non-Security-Member-BL False
Top
NT-Group-Members FalseGroup
NT-Security-Descriptor True
Top
 
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Sid True
Object-Version False
Top
Operator-Count FalseGroup
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Possible-Inferiors False
Top
Primary-Group-Token FalseGroup
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Query-Policy-BL False
Top
RDN False
Top
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
Rid False
SAM-Account-Name True
SAM-Account-Type False
SD-Rights-Effective False
Top
Security-Identifier False
Server-Reference-BL False
Top
Show-In-Address-Book False
Show-In-Advanced-View-Only False
Top
SID-History False
Site-Object-BL False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Supplemental-Credentials False
System-Flags False
Top
Telephone-Number False
Text-Encoded-OR-Address False
Token-Groups False
Token-Groups-Global-And-Universal False
Token-Groups-No-GC-Acceptable False
User-Cert False
User-SMIME-Certificate False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X509-Cert False

Windows 2000 Server Extended Rights

This class contains the following extended rights for Windows 2000 Server:

Common Name
Send-To

Windows 2000 Server Validated Writes

This class contains the following validated writes for Windows 2000 Server:

Common Name
Self-Membership

Windows 2000 Server Property Sets

This class contains the following property sets for Windows 2000 Server:

Common Name
Email-Information

Windows Server 2003

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.8
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Top
Possible Superiors Domain-DNS
 
Organizational-Unit
 
Builtin-Domain
 
Container
 
ms-DS-Az-Admin-Manager
 
ms-DS-Az-Application
 
ms-DS-Az-Scope
Auxiliary Classes Security-Principal (System)
 
Mail-Recipient (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)
System-Flags0x00000010

Windows Server 2003 Attributes

This class contains the following attributes for Windows Server 2003:

AttributeMandatoryDerived from
Account-Name-History False
Admin-Count FalseGroup
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Alt-Security-Identities False
Bridgehead-Server-List-BL False
Top
Canonical-Name False
Top
Comment False
Common-Name True
Top
 
Control-Access-Rights FalseGroup
Create-Time-Stamp False
Top
Description False
Top
Desktop-Profile FalseGroup
Display-Name False
Top
Display-Name-Printable False
Top
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
E-mail-Addresses FalseGroup
Extension-Name False
Top
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Garbage-Coll-Period False
Group-Attributes FalseGroup
Group-Membership-SAM FalseGroup
Group-Type TrueGroup
Instance-Type True
Top
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
labeledURI False
Last-Known-Parent False
Top
Legacy-Exchange-DN False
Managed-By FalseGroup
Managed-Objects False
Top
Mastered-By False
Top
Member FalseGroup
Modify-Time-Stamp False
Top
ms-COM-PartitionSetLink False
Top
ms-COM-UserLink False
Top
ms-DS-Approx-Immed-Subordinates False
Top
ms-DS-Az-LDAP-Query FalseGroup
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
ms-DS-KeyVersionNumber False
ms-DS-Mastered-By False
Top
ms-DS-Members-For-Az-Role-BL False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-Non-Members FalseGroup
ms-DS-Non-Members-BL False
Top
ms-DS-Object-Reference-BL False
Top
ms-DS-Operations-For-Az-Role-BL False
Top
ms-DS-Operations-For-Az-Task-BL False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Tasks-For-Az-Role-BL False
Top
ms-DS-Tasks-For-Az-Task-BL False
Top
ms-Exch-Assistant-Name False
ms-Exch-LabeledURI False
ms-Exch-Owner-BL False
Top
netboot-SCP-BL False
Top
Non-Security-Member FalseGroup
Non-Security-Member-BL False
Top
NT-Group-Members FalseGroup
NT-Security-Descriptor True
Top
 
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Sid True
Object-Version False
Top
Operator-Count FalseGroup
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Possible-Inferiors False
Top
Primary-Group-Token FalseGroup
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Query-Policy-BL False
Top
RDN False
Top
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
Rid False
SAM-Account-Name True
SAM-Account-Type False
SD-Rights-Effective False
Top
secretary False
Security-Identifier False
Server-Reference-BL False
Top
Show-In-Address-Book False
Show-In-Advanced-View-Only False
Top
SID-History False
Site-Object-BL False
Top
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Supplemental-Credentials False
System-Flags False
Top
Telephone-Number False
Text-Encoded-OR-Address False
Token-Groups False
Token-Groups-Global-And-Universal False
Token-Groups-No-GC-Acceptable False
User-Cert False
User-SMIME-Certificate False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X509-Cert False

Windows Server 2003 Extended Rights

This class contains the following extended rights for Windows Server 2003:

Common Name
Send-To

Windows Server 2003 Validated Writes

This class contains the following validated writes for Windows Server 2003:

Common Name
Self-Membership

Windows Server 2003 Property Sets

This class contains the following property sets for Windows Server 2003:

Common Name
Email-Information

ADAM

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.8
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Top
Possible Superiors Domain-DNS
 
Organizational-Unit
 
Container
Auxiliary Classes Security-Principal (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:S:
System-Flags0x00000010

ADAM Attributes

This class contains the following attributes for ADAM:

AttributeMandatoryDerived from
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Bridgehead-Server-List-BL False
Top
Canonical-Name False
Top
Common-Name False
Top
Create-Time-Stamp False
Top
Description False
Top
Desktop-Profile FalseGroup
Display-Name False
Top
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
From-Entry False
Top
FSMO-Role-Owner False
Top
Group-Type TrueGroup
Instance-Type True
Top
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Last-Known-Parent False
Top
Managed-By FalseGroup
Managed-Objects False
Top
Mastered-By False
Top
Member FalseGroup
Modify-Time-Stamp False
Top
ms-DS-Approx-Immed-Subordinates False
Top
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
ms-DS-Disable-For-Instances-BL False
Top
ms-DS-Mastered-By False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Service-Account-BL False
Top
NT-Security-Descriptor True
Top
 
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Sid True
Object-Version False
Top
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Possible-Inferiors False
Top
Primary-Group-Token FalseGroup
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Query-Policy-BL False
Top
RDN False
Top
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
SD-Rights-Effective False
Top
Server-Reference-BL False
Top
Show-In-Advanced-View-Only False
Top
Site-Object-BL False
Top
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Supplemental-Credentials False
System-Flags False
Top
Token-Groups False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top

ADAM Validated Writes

This class contains the following validated writes for ADAM:

Common Name
Self-Membership

ADAM Property Sets

This class contains the following property sets for ADAM:

Common Name
Email-Information

Windows Server 2003 R2

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.8
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Top
Possible Superiors Domain-DNS
 
Organizational-Unit
 
Builtin-Domain
 
Container
 
ms-DS-Az-Admin-Manager
 
ms-DS-Az-Application
 
ms-DS-Az-Scope
Auxiliary Classes posixGroup
 
Security-Principal (System)
 
Mail-Recipient (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)
System-Flags0x00000010

Windows Server 2003 R2 Attributes

This class contains the following attributes for Windows Server 2003 R2:

AttributeMandatoryDerived from
Account-Name-History False
Admin-Count FalseGroup
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Alt-Security-Identities False
Bridgehead-Server-List-BL False
Top
Canonical-Name False
Top
Comment False
Common-Name True
Top
 
 
Control-Access-Rights FalseGroup
Create-Time-Stamp False
Top
Description False
Top
 
Desktop-Profile FalseGroup
Display-Name False
Top
Display-Name-Printable False
Top
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
E-mail-Addresses FalseGroup
Extension-Name False
Top
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Garbage-Coll-Period False
gidNumber False
Group-Attributes FalseGroup
Group-Membership-SAM FalseGroup
Group-Type TrueGroup
Instance-Type True
Top
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
labeledURI False
Last-Known-Parent False
Top
Legacy-Exchange-DN False
Managed-By FalseGroup
Managed-Objects False
Top
Mastered-By False
Top
Member FalseGroup
memberUid False
Modify-Time-Stamp False
Top
ms-COM-PartitionSetLink False
Top
ms-COM-UserLink False
Top
ms-DFSR-ComputerReferenceBL False
Top
ms-DFSR-MemberReferenceBL False
Top
ms-DS-Approx-Immed-Subordinates False
Top
ms-DS-Az-LDAP-Query FalseGroup
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
ms-DS-KeyVersionNumber False
ms-DS-Mastered-By False
Top
ms-DS-Members-For-Az-Role-BL False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-Non-Members FalseGroup
ms-DS-Non-Members-BL False
Top
ms-DS-Object-Reference-BL False
Top
ms-DS-Operations-For-Az-Role-BL False
Top
ms-DS-Operations-For-Az-Task-BL False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Tasks-For-Az-Role-BL False
Top
ms-DS-Tasks-For-Az-Task-BL False
Top
ms-Exch-Assistant-Name False
ms-Exch-LabeledURI False
ms-Exch-Owner-BL False
Top
msSFU-30-Name FalseGroup
msSFU-30-Nis-Domain FalseGroup
msSFU-30-Posix-Member FalseGroup
msSFU-30-Posix-Member-Of False
Top
netboot-SCP-BL False
Top
Non-Security-Member FalseGroup
Non-Security-Member-BL False
Top
NT-Group-Members FalseGroup
NT-Security-Descriptor True
Top
 
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Sid True
Object-Version False
Top
Operator-Count FalseGroup
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Possible-Inferiors False
Top
Primary-Group-Token FalseGroup
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Query-Policy-BL False
Top
RDN False
Top
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
Rid False
SAM-Account-Name True
SAM-Account-Type False
SD-Rights-Effective False
Top
secretary False
Security-Identifier False
Server-Reference-BL False
Top
Show-In-Address-Book False
Show-In-Advanced-View-Only False
Top
SID-History False
Site-Object-BL False
Top
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Supplemental-Credentials False
System-Flags False
Top
Telephone-Number False
Text-Encoded-OR-Address False
Token-Groups False
Token-Groups-Global-And-Universal False
Token-Groups-No-GC-Acceptable False
unixUserPassword False
User-Cert False
User-Password False
User-SMIME-Certificate False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X509-Cert False

Windows Server 2003 R2 Extended Rights

This class contains the following extended rights for Windows Server 2003 R2:

Common Name
Send-To

Windows Server 2003 R2 Validated Writes

This class contains the following validated writes for Windows Server 2003 R2:

Common Name
Self-Membership

Windows Server 2003 R2 Property Sets

This class contains the following property sets for Windows Server 2003 R2:

Common Name
Email-Information

Windows Server 2008

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.8
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Top
Possible Superiors Domain-DNS
 
Organizational-Unit
 
Builtin-Domain
 
Container
 
ms-DS-Az-Admin-Manager
 
ms-DS-Az-Application
 
ms-DS-Az-Scope
Auxiliary Classes posixGroup
 
Security-Principal (System)
 
Mail-Recipient (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)
System-Flags0x00000010

Windows Server 2008 Attributes

This class contains the following attributes for Windows Server 2008:

AttributeMandatoryDerived from
Account-Name-History False
Admin-Count FalseGroup
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Alt-Security-Identities False
Bridgehead-Server-List-BL False
Top
Canonical-Name False
Top
Comment False
Common-Name True
Top
 
 
Control-Access-Rights FalseGroup
Create-Time-Stamp False
Top
Description False
Top
 
Desktop-Profile FalseGroup
Display-Name False
Top
Display-Name-Printable False
Top
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
E-mail-Addresses FalseGroup
Extension-Name False
Top
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Garbage-Coll-Period False
gidNumber False
Group-Attributes FalseGroup
Group-Membership-SAM FalseGroup
Group-Type TrueGroup
Instance-Type True
Top
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
labeledURI False
Last-Known-Parent False
Top
Legacy-Exchange-DN False
Managed-By FalseGroup
Managed-Objects False
Top
Mastered-By False
Top
Member FalseGroup
memberUid False
Modify-Time-Stamp False
Top
ms-COM-PartitionSetLink False
Top
ms-COM-UserLink False
Top
ms-DFSR-ComputerReferenceBL False
Top
ms-DFSR-MemberReferenceBL False
Top
ms-DS-Approx-Immed-Subordinates False
Top
ms-DS-AuthenticatedTo-Accountlist False
Top
ms-DS-Az-Application-Data FalseGroup
ms-DS-Az-Biz-Rule FalseGroup
ms-DS-Az-Biz-Rule-Language FalseGroup
ms-DS-Az-Generic-Data FalseGroup
ms-DS-Az-Last-Imported-Biz-Rule-Path FalseGroup
ms-DS-Az-LDAP-Query FalseGroup
ms-DS-Az-Object-Guid FalseGroup
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
ms-DS-Is-Domain-For False
Top
ms-DS-Is-Full-Replica-For False
Top
ms-DS-Is-Partial-Replica-For False
Top
ms-DS-KeyVersionNumber False
ms-DS-KrbTgt-Link-BL False
Top
ms-DS-Mastered-By False
Top
ms-DS-Members-For-Az-Role-BL False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-NC-RO-Replica-Locations-BL False
Top
ms-DS-NC-Type False
Top
ms-DS-Non-Members FalseGroup
ms-DS-Non-Members-BL False
Top
ms-DS-Object-Reference-BL False
Top
ms-DS-Operations-For-Az-Role-BL False
Top
ms-DS-Operations-For-Az-Task-BL False
Top
ms-DS-Phonetic-Display-Name False
ms-DS-Principal-Name False
Top
ms-DS-PSO-Applied False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Revealed-DSAs False
Top
ms-DS-Revealed-List-BL False
Top
ms-DS-Tasks-For-Az-Role-BL False
Top
ms-DS-Tasks-For-Az-Task-BL False
Top
ms-Exch-Assistant-Name False
ms-Exch-LabeledURI False
ms-Exch-Owner-BL False
Top
msSFU-30-Name FalseGroup
msSFU-30-Nis-Domain FalseGroup
msSFU-30-Posix-Member FalseGroup
msSFU-30-Posix-Member-Of False
Top
netboot-SCP-BL False
Top
Non-Security-Member FalseGroup
Non-Security-Member-BL False
Top
NT-Group-Members FalseGroup
NT-Security-Descriptor True
Top
 
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Sid True
Object-Version False
Top
Operator-Count FalseGroup
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Possible-Inferiors False
Top
Primary-Group-Token FalseGroup
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Query-Policy-BL False
Top
RDN False
Top
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
Rid False
SAM-Account-Name True
SAM-Account-Type False
SD-Rights-Effective False
Top
secretary False
Security-Identifier False
Server-Reference-BL False
Top
Show-In-Address-Book False
Show-In-Advanced-View-Only False
Top
SID-History False
Site-Object-BL False
Top
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Supplemental-Credentials False
System-Flags False
Top
Telephone-Number False
Text-Encoded-OR-Address False
Token-Groups False
Token-Groups-Global-And-Universal False
Token-Groups-No-GC-Acceptable False
unixUserPassword False
User-Cert False
User-Password False
User-SMIME-Certificate False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X509-Cert False

Windows Server 2008 Extended Rights

This class contains the following extended rights for Windows Server 2008:

Common Name
Send-To

Windows Server 2008 Validated Writes

This class contains the following validated writes for Windows Server 2008:

Common Name
Self-Membership

Windows Server 2008 Property Sets

This class contains the following property sets for Windows Server 2008:

Common Name
Email-Information

Windows Server 2008 R2

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.8
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Top
Possible Superiors Domain-DNS
 
Organizational-Unit
 
Builtin-Domain
 
Container
 
ms-DS-Az-Admin-Manager
 
ms-DS-Az-Application
 
ms-DS-Az-Scope
Auxiliary Classes posixGroup
 
Security-Principal (System)
 
Mail-Recipient (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)
System-Flags0x00000010

Windows Server 2008 R2 Attributes

This class contains the following attributes for Windows Server 2008 R2:

AttributeMandatoryDerived from
Account-Name-History False
Admin-Count FalseGroup
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Alt-Security-Identities False
Bridgehead-Server-List-BL False
Top
Canonical-Name False
Top
Comment False
Common-Name True
Top
 
 
Control-Access-Rights FalseGroup
Create-Time-Stamp False
Top
Description False
Top
 
Desktop-Profile FalseGroup
Display-Name False
Top
Display-Name-Printable False
Top
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
E-mail-Addresses FalseGroup
Extension-Name False
Top
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Garbage-Coll-Period False
gidNumber False
Group-Attributes FalseGroup
Group-Membership-SAM FalseGroup
Group-Type TrueGroup
Instance-Type True
Top
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
Is-Recycled False
Top
labeledURI False
Last-Known-Parent False
Top
Legacy-Exchange-DN False
Managed-By FalseGroup
Managed-Objects False
Top
Mastered-By False
Top
Member FalseGroup
memberUid False
Modify-Time-Stamp False
Top
ms-COM-PartitionSetLink False
Top
ms-COM-UserLink False
Top
ms-DFSR-ComputerReferenceBL False
Top
ms-DFSR-MemberReferenceBL False
Top
ms-DS-Approx-Immed-Subordinates False
Top
ms-DS-AuthenticatedTo-Accountlist False
Top
ms-DS-Az-Application-Data FalseGroup
ms-DS-Az-Biz-Rule FalseGroup
ms-DS-Az-Biz-Rule-Language FalseGroup
ms-DS-Az-Generic-Data FalseGroup
ms-DS-Az-Last-Imported-Biz-Rule-Path FalseGroup
ms-DS-Az-LDAP-Query FalseGroup
ms-DS-Az-Object-Guid FalseGroup
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
ms-DS-Enabled-Feature-BL False
Top
ms-DS-Host-Service-Account-BL False
Top
ms-DS-Is-Domain-For False
Top
ms-DS-Is-Full-Replica-For False
Top
ms-DS-Is-Partial-Replica-For False
Top
ms-DS-KeyVersionNumber False
ms-DS-KrbTgt-Link-BL False
Top
ms-DS-Last-Known-RDN False
Top
ms-DS-local-Effective-Deletion-Time False
Top
ms-DS-local-Effective-Recycle-Time False
Top
ms-DS-Mastered-By False
Top
ms-DS-Members-For-Az-Role-BL False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-NC-RO-Replica-Locations-BL False
Top
ms-DS-NC-Type False
Top
ms-DS-Non-Members FalseGroup
ms-DS-Non-Members-BL False
Top
ms-DS-Object-Reference-BL False
Top
ms-DS-OIDToGroup-Link-BL False
Top
ms-DS-Operations-For-Az-Role-BL False
Top
ms-DS-Operations-For-Az-Task-BL False
Top
ms-DS-Phonetic-Display-Name False
ms-DS-Principal-Name False
Top
ms-DS-PSO-Applied False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Revealed-DSAs False
Top
ms-DS-Revealed-List-BL False
Top
ms-DS-Tasks-For-Az-Role-BL False
Top
ms-DS-Tasks-For-Az-Task-BL False
Top
ms-Exch-Assistant-Name False
ms-Exch-LabeledURI False
ms-Exch-Owner-BL False
Top
msSFU-30-Name FalseGroup
msSFU-30-Nis-Domain FalseGroup
msSFU-30-Posix-Member FalseGroup
msSFU-30-Posix-Member-Of False
Top
netboot-SCP-BL False
Top
Non-Security-Member FalseGroup
Non-Security-Member-BL False
Top
NT-Group-Members FalseGroup
NT-Security-Descriptor True
Top
 
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Sid True
Object-Version False
Top
Operator-Count FalseGroup
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Possible-Inferiors False
Top
Primary-Group-Token FalseGroup
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Query-Policy-BL False
Top
RDN False
Top
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
Rid False
SAM-Account-Name True
SAM-Account-Type False
SD-Rights-Effective False
Top
secretary False
Security-Identifier False
Server-Reference-BL False
Top
Show-In-Address-Book False
Show-In-Advanced-View-Only False
Top
SID-History False
Site-Object-BL False
Top
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Supplemental-Credentials False
System-Flags False
Top
Telephone-Number False
Text-Encoded-OR-Address False
Token-Groups False
Token-Groups-Global-And-Universal False
Token-Groups-No-GC-Acceptable False
unixUserPassword False
User-Cert False
User-Password False
User-SMIME-Certificate False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X509-Cert False

Windows Server 2008 R2 Extended Rights

This class contains the following extended rights for Windows Server 2008 R2:

Common Name
Send-To

Windows Server 2008 R2 Validated Writes

This class contains the following validated writes for Windows Server 2008 R2:

Common Name
Self-Membership

Windows Server 2008 R2 Property Sets

This class contains the following property sets for Windows Server 2008 R2:

Common Name
Email-Information

Windows Server 2012

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.8
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Top
Possible Superiors Domain-DNS
 
Organizational-Unit
 
Builtin-Domain
 
Container
 
ms-DS-Az-Admin-Manager
 
ms-DS-Az-Application
 
ms-DS-Az-Scope
Auxiliary Classes posixGroup
 
Security-Principal (System)
 
Mail-Recipient (System)
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPLCLORC;;;AU)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPLCLORC;;;PS)(OA;;CR;ab721a55-1e2f-11d0-9819-00aa0040529b;;AU)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)
System-Flags0x00000010

Windows Server 2012 Attributes

This class contains the following attributes for Windows Server 2012:

AttributeMandatoryDerived from
Account-Name-History False
Admin-Count FalseGroup
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Alt-Security-Identities False
Bridgehead-Server-List-BL False
Top
Canonical-Name False
Top
Comment False
Common-Name True
Top
 
 
Control-Access-Rights FalseGroup
Create-Time-Stamp False
Top
Description False
Top
 
Desktop-Profile FalseGroup
Display-Name False
Top
Display-Name-Printable False
Top
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
E-mail-Addresses FalseGroup
Extension-Name False
Top
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Garbage-Coll-Period False
gidNumber False
Group-Attributes FalseGroup
Group-Membership-SAM FalseGroup
Group-Type TrueGroup
Instance-Type True
Top
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
Is-Recycled False
Top
labeledURI False
Last-Known-Parent False
Top
Legacy-Exchange-DN False
Managed-By FalseGroup
Managed-Objects False
Top
Mastered-By False
Top
Member FalseGroup
memberUid False
Modify-Time-Stamp False
Top
ms-COM-PartitionSetLink False
Top
ms-COM-UserLink False
Top
ms-DFSR-ComputerReferenceBL False
Top
ms-DFSR-MemberReferenceBL False
Top
ms-DS-Approx-Immed-Subordinates False
Top
ms-DS-AuthenticatedTo-Accountlist False
Top
ms-DS-Az-Application-Data FalseGroup
ms-DS-Az-Biz-Rule FalseGroup
ms-DS-Az-Biz-Rule-Language FalseGroup
ms-DS-Az-Generic-Data FalseGroup
ms-DS-Az-Last-Imported-Biz-Rule-Path FalseGroup
ms-DS-Az-LDAP-Query FalseGroup
ms-DS-Az-Object-Guid FalseGroup
ms-DS-Claim-Shares-Possible-Values-With-BL False
Top
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
ms-DS-Enabled-Feature-BL False
Top
ms-DS-GeoCoordinates-Altitude False
ms-DS-GeoCoordinates-Latitude False
ms-DS-GeoCoordinates-Longitude False
ms-DS-Host-Service-Account-BL False
Top
ms-DS-Is-Domain-For False
Top
ms-DS-Is-Full-Replica-For False
Top
ms-DS-Is-Partial-Replica-For False
Top
ms-DS-Is-Primary-Computer-For False
Top
ms-DS-KeyVersionNumber False
ms-DS-KrbTgt-Link-BL False
Top
ms-DS-Last-Known-RDN False
Top
ms-DS-local-Effective-Deletion-Time False
Top
ms-DS-local-Effective-Recycle-Time False
Top
ms-DS-Mastered-By False
Top
ms-DS-Members-For-Az-Role-BL False
Top
ms-DS-Members-Of-Resource-Property-List-BL False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-NC-RO-Replica-Locations-BL False
Top
ms-DS-NC-Type False
Top
ms-DS-Non-Members FalseGroup
ms-DS-Non-Members-BL False
Top
ms-DS-Object-Reference-BL False
Top
ms-DS-OIDToGroup-Link-BL False
Top
ms-DS-Operations-For-Az-Role-BL False
Top
ms-DS-Operations-For-Az-Task-BL False
Top
ms-DS-Phonetic-Display-Name False
ms-DS-Primary-Computer FalseGroup
ms-DS-Principal-Name False
Top
ms-DS-PSO-Applied False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Revealed-DSAs False
Top
ms-DS-Revealed-List-BL False
Top
ms-DS-Tasks-For-Az-Role-BL False
Top
ms-DS-Tasks-For-Az-Task-BL False
Top
ms-DS-TDO-Egress-BL False
Top
ms-DS-TDO-Ingress-BL False
Top
ms-DS-Value-Type-Reference-BL False
Top
ms-Exch-Assistant-Name False
ms-Exch-LabeledURI False
ms-Exch-Owner-BL False
Top
msSFU-30-Name FalseGroup
msSFU-30-Nis-Domain FalseGroup
msSFU-30-Posix-Member FalseGroup
msSFU-30-Posix-Member-Of False
Top
netboot-SCP-BL False
Top
Non-Security-Member FalseGroup
Non-Security-Member-BL False
Top
NT-Group-Members FalseGroup
NT-Security-Descriptor True
Top
 
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Sid True
Object-Version False
Top
Operator-Count FalseGroup
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Possible-Inferiors False
Top
Primary-Group-Token FalseGroup
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Query-Policy-BL False
Top
RDN False
Top
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
Rid False
SAM-Account-Name True
SAM-Account-Type False
SD-Rights-Effective False
Top
secretary False
Security-Identifier False
Server-Reference-BL False
Top
Show-In-Address-Book False
Show-In-Advanced-View-Only False
Top
SID-History False
Site-Object-BL False
Top
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Supplemental-Credentials False
System-Flags False
Top
Telephone-Number False
Text-Encoded-OR-Address False
Token-Groups False
Token-Groups-Global-And-Universal False
Token-Groups-No-GC-Acceptable False
unixUserPassword False
User-Cert False
User-Password False
User-SMIME-Certificate False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X509-Cert False

Windows Server 2012 Extended Rights

This class contains the following extended rights for Windows Server 2012:

Common Name
Send-To

Windows Server 2012 Validated Writes

This class contains the following validated writes for Windows Server 2012:

Common Name
Self-Membership

Windows Server 2012 Property Sets

This class contains the following property sets for Windows Server 2012:

Common Name
Email-Information

 

 

Show: