ms-DS-Managed-Service-Account
DMD
DSA
Top
TOC
Collapse the table of content
Expand the table of content

ms-DS-Managed-Service-Account class

Service account class is used to create accounts that are used for running Windows services.

CNms-DS-Managed-Service-Account
Ldap-Display-NamemsDS-ManagedServiceAccount
Update Privilege-
Update Frequency-
Schema-Id-Guidce206244-5827-4a86-ba1c-1c0c386c1b64

Implementations

Windows Server 2008 R2

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.264
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Possible Superiors Container
 
Organizational-Unit
 
Domain-DNS
Auxiliary Classes-
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCRLCLORCSDDT;;;CO)(OA;;WP;4c164200-20c0-11d0-a768-00aa006e0529;;CO)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;CO)(OA;;WP;3e0abfd0-126a-11d0-a060-00aa006c33ed;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967950-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967953-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;PS)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;;ED)
System-Flags0x00000010

Windows Server 2008 R2 Attributes

This class contains the following attributes for Windows Server 2008 R2:

AttributeMandatoryDerived from
Account-Expires False
ACS-Policy-Name False
Address False
Address-Home False
Admin-Count False
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Assistant False
attributeCertificateAttribute False
audio False
Bad-Password-Time False
Bad-Pwd-Count False
Bridgehead-Server-List-BL False
Top
Business-Category False
Canonical-Name False
Top
carLicense False
Catalogs False
Code-Page False
Common-Name True
Top
 
Company False
Control-Access-Rights False
Country-Code False
Country-Name False
Create-Time-Stamp False
Top
DBCS-Pwd False
Default-Class-Store False
Default-Local-Policy-Object False
Department False
departmentNumber False
Description False
Top
Desktop-Profile False
Destination-Indicator False
Display-Name False
 
Top
Display-Name-Printable False
Top
Division False
DNS-Host-Name False
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
Dynamic-LDAP-Server False
E-mail-Addresses False
Employee-ID False
Employee-Number False
Employee-Type False
Extension-Name False
Top
Facsimile-Telephone-Number False
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Generation-Qualifier False
Given-Name False
 
Group-Membership-SAM False
Group-Priority False
Groups-to-Ignore False
Home-Directory False
Home-Drive False
houseIdentifier False
Initials False
Instance-Type True
Top
International-ISDN-Number False
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
Is-Recycled False
Top
jpegPhoto False
labeledURI False
Last-Known-Parent False
Top
Last-Logoff False
Last-Logon False
Last-Logon-Timestamp False
Lm-Pwd-History False
Locale-ID False
Locality-Name False
Local-Policy-Flags False
Location False
Lockout-Time False
Logo False
Logon-Count False
Logon-Hours False
Logon-Workstation False
Machine-Role False
Managed-By False
Managed-Objects False
Top
Manager False
Mastered-By False
Top
Max-Storage False
MHS-OR-Address False
Modify-Time-Stamp False
Top
ms-COM-PartitionSetLink False
Top
ms-COM-UserLink False
Top
ms-COM-UserPartitionSetLink False
ms-DFSR-ComputerReferenceBL False
Top
ms-DFSR-MemberReferenceBL False
Top
MS-DRM-Identity-Certificate False
ms-DS-Additional-Dns-Host-Name False
ms-DS-Additional-Sam-Account-Name False
ms-DS-Allowed-To-Delegate-To False
ms-DS-Approx-Immed-Subordinates False
Top
ms-DS-AuthenticatedAt-DC False
ms-DS-AuthenticatedTo-Accountlist False
Top
ms-DS-Cached-Membership False
ms-DS-Cached-Membership-Time-Stamp False
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
MS-DS-Creator-SID False
ms-DS-Enabled-Feature-BL False
Top
ms-DS-ExecuteScriptPassword False
ms-DS-Failed-Interactive-Logon-Count False
ms-DS-Failed-Interactive-Logon-Count-At-Last-Successful-Logon False
ms-DS-HAB-Seniority-Index False
ms-DS-Host-Service-Account False
ms-DS-Host-Service-Account-BL False
Top
ms-DS-Is-Domain-For False
Top
ms-DS-Is-Full-Replica-For False
Top
ms-DS-isGC False
ms-DS-Is-Partial-Replica-For False
Top
ms-DS-isRODC False
ms-DS-Is-User-Cachable-At-Rodc False
ms-DS-KrbTgt-Link False
ms-DS-KrbTgt-Link-BL False
Top
ms-DS-Last-Failed-Interactive-Logon-Time False
ms-DS-Last-Known-RDN False
Top
ms-DS-Last-Successful-Interactive-Logon-Time False
ms-DS-local-Effective-Deletion-Time False
Top
ms-DS-local-Effective-Recycle-Time False
Top
ms-DS-Mastered-By False
Top
ms-DS-Members-For-Az-Role-BL False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-NC-RO-Replica-Locations-BL False
Top
ms-DS-NC-Type False
Top
ms-DS-Never-Reveal-Group False
ms-DS-Non-Members-BL False
Top
ms-DS-Object-Reference-BL False
Top
ms-DS-OIDToGroup-Link-BL False
Top
ms-DS-Operations-For-Az-Role-BL False
Top
ms-DS-Operations-For-Az-Task-BL False
Top
ms-DS-Phonetic-Company-Name False
ms-DS-Phonetic-Department False
ms-DS-Phonetic-Display-Name False
ms-DS-Phonetic-First-Name False
ms-DS-Phonetic-Last-Name False
ms-DS-Principal-Name False
Top
ms-DS-Promotion-Settings False
ms-DS-PSO-Applied False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Resultant-PSO False
ms-DS-Revealed-DSAs False
Top
ms-DS-Revealed-List False
ms-DS-Revealed-List-BL False
Top
ms-DS-Revealed-Users False
ms-DS-Reveal-OnDemand-Group False
ms-DS-Secondary-KrbTgt-Number False
ms-DS-Site-Affinity False
ms-DS-SiteName False
ms-DS-Source-Object-DN False
ms-DS-Supported-Encryption-Types False
ms-DS-Tasks-For-Az-Role-BL False
Top
ms-DS-Tasks-For-Az-Task-BL False
Top
ms-DS-User-Account-Control-Computed False
ms-DS-User-Password-Expiry-Time-Computed False
ms-Exch-House-Identifier False
ms-Exch-Owner-BL False
Top
ms-IIS-FTP-Dir False
ms-IIS-FTP-Root False
MSMQ-Digests False
MSMQ-Digests-Mig False
MSMQ-Sign-Certificates False
MSMQ-Sign-Certificates-Mig False
msNPAllowDialin False
msNPCallingStationID False
msNPSavedCallingStationID False
ms-PKI-AccountCredentials False
ms-PKI-Credential-Roaming-Tokens False
ms-PKI-DPAPIMasterKeys False
ms-PKI-RoamingTimeStamp False
msRADIUSCallbackNumber False
ms-RADIUS-FramedInterfaceId False
msRADIUSFramedIPAddress False
ms-RADIUS-FramedIpv6Prefix False
ms-RADIUS-FramedIpv6Route False
msRADIUSFramedRoute False
ms-RADIUS-SavedFramedInterfaceId False
ms-RADIUS-SavedFramedIpv6Prefix False
ms-RADIUS-SavedFramedIpv6Route False
msRADIUSServiceType False
msRASSavedCallbackNumber False
msRASSavedFramedIPAddress False
msRASSavedFramedRoute False
msSFU-30-Aliases False
msSFU-30-Name False
msSFU-30-Nis-Domain False
msSFU-30-Posix-Member-Of False
Top
ms-TPM-OwnerInformation False
ms-TS-Allow-Logon False
ms-TS-Broken-Connection-Action False
ms-TS-Connect-Client-Drives False
ms-TS-Connect-Printer-Drives False
ms-TS-Default-To-Main-Printer False
ms-TS-Endpoint-Data False
ms-TS-Endpoint-Plugin False
ms-TS-Endpoint-Type False
MS-TS-ExpireDate False
MS-TS-ExpireDate2 False
MS-TS-ExpireDate3 False
MS-TS-ExpireDate4 False
ms-TS-Home-Directory False
ms-TS-Home-Drive False
ms-TS-Initial-Program False
MS-TS-LicenseVersion False
MS-TS-LicenseVersion2 False
MS-TS-LicenseVersion3 False
MS-TS-LicenseVersion4 False
MS-TSLS-Property01 False
MS-TSLS-Property02 False
MS-TS-ManagingLS False
MS-TS-ManagingLS2 False
MS-TS-ManagingLS3 False
MS-TS-ManagingLS4 False
ms-TS-Max-Connection-Time False
ms-TS-Max-Disconnection-Time False
ms-TS-Max-Idle-Time False
ms-TS-Primary-Desktop False
ms-TS-Primary-Desktop-BL False
ms-TS-Profile-Path False
MS-TS-Property01 False
MS-TS-Property02 False
ms-TS-Reconnection-Action False
ms-TS-Remote-Control False
ms-TS-Secondary-Desktop-BL False
ms-TS-Secondary-Desktops False
ms-TS-Work-Directory False
Netboot-GUID False
Netboot-Initialization False
Netboot-Machine-File-Path False
Netboot-Mirror-Data-File False
netboot-SCP-BL False
Top
Netboot-SIF-File False
Network-Address False
nisMapName False
Non-Security-Member-BL False
Top
Nt-Pwd-History False
NT-Security-Descriptor True
Top
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Version False
Top
Operating-System False
Operating-System-Hotfix False
Operating-System-Service-Pack False
Operating-System-Version False
Operator-Count False
Organizational-Unit-Name False
Organization-Name False
Other-Login-Workstations False
Other-Mailbox False
Other-Name False
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Personal-Title False
Phone-Fax-Other False
Phone-Home-Other False
Phone-Home-Primary False
Phone-Ip-Other False
Phone-Ip-Primary False
Phone-ISDN-Primary False
Phone-Mobile-Other False
Phone-Mobile-Primary False
Phone-Office-Other False
Phone-Pager-Other False
Phone-Pager-Primary False
photo False
Physical-Delivery-Office-Name False
Physical-Location-Object False
Picture False
Policy-Replication-Flags False
Possible-Inferiors False
Top
Postal-Address False
Postal-Code False
Post-Office-Box False
Preferred-Delivery-Method False
preferredLanguage False
Preferred-OU False
Primary-Group-ID False
Profile-Path False
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Pwd-Last-Set False
Query-Policy-BL False
Top
RDN False
Top
Registered-Address False
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
RID-Set-References False
roomNumber False
Script-Path False
SD-Rights-Effective False
Top
secretary False
See-Also False
Serial-Number False
Server-Reference-BL False
Top
Service-Principal-Name False
Show-In-Advanced-View-Only False
Top
Site-GUID False
Site-Object-BL False
Top
State-Or-Province-Name False
Street-Address False
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Surname False
System-Flags False
Top
Telephone-Number False
Teletex-Terminal-Identifier False
Telex-Number False
Telex-Primary False
Terminal-Server False
Text-Country False
Title False
uid False
Unicode-Pwd False
User-Account-Control False
User-Comment False
User-Parameters False
User-Password False
userPKCS12 False
User-Principal-Name False
User-Shared-Folder False
User-Shared-Folder-Other False
User-SMIME-Certificate False
User-Workstations False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Volume-Count False
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X121-Address False
x500uniqueIdentifier False
X509-Cert False

Windows Server 2008 R2 Extended Rights

This class contains the following extended rights for Windows Server 2008 R2:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As
Allowed-To-Authenticate

Windows Server 2008 R2 Validated Writes

This class contains the following validated writes for Windows Server 2008 R2:

Common Name
Validated-DNS-Host-Name
Validated-SPN

Windows Server 2008 R2 Property Sets

This class contains the following property sets for Windows Server 2008 R2:

Common Name
User-Account-Restrictions
Personal-Information
Public-Information
DNS-Host-Name-Attributes
MS-TS-GatewayAccess

Windows Server 2012

System-OnlyFalse
Object-Category1
Default-Object-Category-
Governs-Id1.2.840.113556.1.5.264
Default-Hiding-Value0
Rdn-Att-Id
Subclass of
Possible Superiors Container
 
Organizational-Unit
 
Domain-DNS
Auxiliary Classes-
NT-Security-DescriptorO:BAG:BAD:S:
Default Security DescriptorD:(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;DA)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;AO)(A;;RPWPCRCCDCLCLORCWOWDSDDTSW;;;SY)(A;;RPCRLCLORCSDDT;;;CO)(OA;;WP;4c164200-20c0-11d0-a768-00aa006e0529;;CO)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;CO)(OA;;WP;3e0abfd0-126a-11d0-a060-00aa006c33ed;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;5f202010-79a5-11d0-9020-00c04fc2d4cf;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967950-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;WP;bf967953-0de6-11d0-a285-00aa003049e2;bf967a86-0de6-11d0-a285-00aa003049e2;CO)(OA;;SW;f3a64788-5306-11d1-a9c5-0000f80367c1;;PS)(OA;;RPWP;77B5B886-944A-11d1-AEBD-0000F80367C1;;PS)(OA;;SW;72e39547-7b18-11d1-adef-00c04fd8d5cd;;PS)(A;;RPLCLORC;;;AU)(OA;;CR;ab721a53-1e2f-11d0-9819-00aa0040529b;;WD)(OA;;RPWP;bf967a7f-0de6-11d0-a285-00aa003049e2;;CA)(OA;;RP;46a9b11d-60ae-405a-b7e8-ff8a58d456d2;;S-1-5-32-560)(OA;;RP;b7c69e6d-2cc7-11d2-854e-00a0c983f608;;ED)
System-Flags0x00000010

Windows Server 2012 Attributes

This class contains the following attributes for Windows Server 2012:

AttributeMandatoryDerived from
Account-Expires False
ACS-Policy-Name False
Address False
Address-Home False
Admin-Count False
Admin-Description False
Top
Admin-Display-Name False
Top
Allowed-Attributes False
Top
Allowed-Attributes-Effective False
Top
Allowed-Child-Classes False
Top
Allowed-Child-Classes-Effective False
Top
Assistant False
attributeCertificateAttribute False
audio False
Bad-Password-Time False
Bad-Pwd-Count False
Bridgehead-Server-List-BL False
Top
Business-Category False
Canonical-Name False
Top
carLicense False
Catalogs False
Code-Page False
Common-Name True
Top
 
Company False
Control-Access-Rights False
Country-Code False
Country-Name False
Create-Time-Stamp False
Top
DBCS-Pwd False
Default-Class-Store False
Default-Local-Policy-Object False
Department False
departmentNumber False
Description False
Top
Desktop-Profile False
Destination-Indicator False
Display-Name False
 
Top
Display-Name-Printable False
Top
Division False
DNS-Host-Name False
DSA-Signature False
Top
DS-Core-Propagation-Data False
Top
Dynamic-LDAP-Server False
E-mail-Addresses False
Employee-ID False
Employee-Number False
Employee-Type False
Extension-Name False
Top
Facsimile-Telephone-Number False
Flags False
Top
From-Entry False
Top
Frs-Computer-Reference-BL False
Top
FRS-Member-Reference-BL False
Top
FSMO-Role-Owner False
Top
Generation-Qualifier False
Given-Name False
 
Group-Membership-SAM False
Group-Priority False
Groups-to-Ignore False
Home-Directory False
Home-Drive False
houseIdentifier False
Initials False
Instance-Type True
Top
International-ISDN-Number False
Is-Critical-System-Object False
Top
Is-Deleted False
Top
Is-Member-Of-DL False
Top
Is-Privilege-Holder False
Top
Is-Recycled False
Top
jpegPhoto False
labeledURI False
Last-Known-Parent False
Top
Last-Logoff False
Last-Logon False
Last-Logon-Timestamp False
Lm-Pwd-History False
Locale-ID False
Locality-Name False
Local-Policy-Flags False
Location False
Lockout-Time False
Logo False
Logon-Count False
Logon-Hours False
Logon-Workstation False
Machine-Role False
Managed-By False
Managed-Objects False
Top
Manager False
Mastered-By False
Top
Max-Storage False
MHS-OR-Address False
Modify-Time-Stamp False
Top
ms-COM-PartitionSetLink False
Top
ms-COM-UserLink False
Top
ms-COM-UserPartitionSetLink False
ms-DFSR-ComputerReferenceBL False
Top
ms-DFSR-MemberReferenceBL False
Top
MS-DRM-Identity-Certificate False
ms-DS-Additional-Dns-Host-Name False
ms-DS-Additional-Sam-Account-Name False
ms-DS-Allowed-To-Act-On-Behalf-Of-Other-Identity False
ms-DS-Allowed-To-Delegate-To False
ms-DS-Approx-Immed-Subordinates False
Top
ms-DS-AuthenticatedAt-DC False
ms-DS-AuthenticatedTo-Accountlist False
Top
ms-DS-Cached-Membership False
ms-DS-Cached-Membership-Time-Stamp False
ms-DS-Claim-Shares-Possible-Values-With-BL False
Top
MS-DS-Consistency-Child-Count False
Top
MS-DS-Consistency-Guid False
Top
MS-DS-Creator-SID False
ms-DS-Enabled-Feature-BL False
Top
ms-DS-ExecuteScriptPassword False
ms-DS-Failed-Interactive-Logon-Count False
ms-DS-Failed-Interactive-Logon-Count-At-Last-Successful-Logon False
ms-DS-Generation-Id False
ms-DS-HAB-Seniority-Index False
ms-DS-Host-Service-Account False
ms-DS-Host-Service-Account-BL False
Top
ms-DS-Is-Domain-For False
Top
ms-DS-Is-Full-Replica-For False
Top
ms-DS-isGC False
ms-DS-Is-Partial-Replica-For False
Top
ms-DS-Is-Primary-Computer-For False
Top
ms-DS-isRODC False
ms-DS-Is-User-Cachable-At-Rodc False
ms-DS-KrbTgt-Link False
ms-DS-KrbTgt-Link-BL False
Top
ms-DS-Last-Failed-Interactive-Logon-Time False
ms-DS-Last-Known-RDN False
Top
ms-DS-Last-Successful-Interactive-Logon-Time False
ms-DS-local-Effective-Deletion-Time False
Top
ms-DS-local-Effective-Recycle-Time False
Top
ms-DS-Mastered-By False
Top
ms-DS-Members-For-Az-Role-BL False
Top
ms-DS-Members-Of-Resource-Property-List-BL False
Top
ms-DS-NC-Repl-Cursors False
Top
ms-DS-NC-Repl-Inbound-Neighbors False
Top
ms-DS-NC-Repl-Outbound-Neighbors False
Top
ms-DS-NC-RO-Replica-Locations-BL False
Top
ms-DS-NC-Type False
Top
ms-DS-Never-Reveal-Group False
ms-DS-Non-Members-BL False
Top
ms-DS-Object-Reference-BL False
Top
ms-DS-OIDToGroup-Link-BL False
Top
ms-DS-Operations-For-Az-Role-BL False
Top
ms-DS-Operations-For-Az-Task-BL False
Top
ms-DS-Phonetic-Company-Name False
ms-DS-Phonetic-Department False
ms-DS-Phonetic-Display-Name False
ms-DS-Phonetic-First-Name False
ms-DS-Phonetic-Last-Name False
ms-DS-Primary-Computer False
ms-DS-Principal-Name False
Top
ms-DS-Promotion-Settings False
ms-DS-PSO-Applied False
Top
ms-DS-Repl-Attribute-Meta-Data False
Top
ms-DS-Repl-Value-Meta-Data False
Top
ms-DS-Resultant-PSO False
ms-DS-Revealed-DSAs False
Top
ms-DS-Revealed-List False
ms-DS-Revealed-List-BL False
Top
ms-DS-Revealed-Users False
ms-DS-Reveal-OnDemand-Group False
ms-DS-Secondary-KrbTgt-Number False
ms-DS-Site-Affinity False
ms-DS-SiteName False
ms-DS-Source-Object-DN False
ms-DS-Supported-Encryption-Types False
ms-DS-Tasks-For-Az-Role-BL False
Top
ms-DS-Tasks-For-Az-Task-BL False
Top
ms-DS-TDO-Egress-BL False
Top
ms-DS-TDO-Ingress-BL False
Top
ms-DS-User-Account-Control-Computed False
ms-DS-User-Password-Expiry-Time-Computed False
ms-DS-Value-Type-Reference-BL False
Top
ms-Exch-House-Identifier False
ms-Exch-Owner-BL False
Top
ms-IIS-FTP-Dir False
ms-IIS-FTP-Root False
ms-Imaging-Hash-Algorithm False
ms-Imaging-Thumbprint-Hash False
MSMQ-Digests False
MSMQ-Digests-Mig False
MSMQ-Sign-Certificates False
MSMQ-Sign-Certificates-Mig False
msNPAllowDialin False
msNPCallingStationID False
msNPSavedCallingStationID False
ms-PKI-AccountCredentials False
ms-PKI-Credential-Roaming-Tokens False
ms-PKI-DPAPIMasterKeys False
ms-PKI-RoamingTimeStamp False
msRADIUSCallbackNumber False
ms-RADIUS-FramedInterfaceId False
msRADIUSFramedIPAddress False
ms-RADIUS-FramedIpv6Prefix False
ms-RADIUS-FramedIpv6Route False
msRADIUSFramedRoute False
ms-RADIUS-SavedFramedInterfaceId False
ms-RADIUS-SavedFramedIpv6Prefix False
ms-RADIUS-SavedFramedIpv6Route False
msRADIUSServiceType False
msRASSavedCallbackNumber False
msRASSavedFramedIPAddress False
msRASSavedFramedRoute False
msSFU-30-Aliases False
msSFU-30-Name False
msSFU-30-Nis-Domain False
msSFU-30-Posix-Member-Of False
Top
ms-TPM-OwnerInformation False
ms-TPM-Tpm-Information-For-Computer False
ms-TS-Allow-Logon False
ms-TS-Broken-Connection-Action False
ms-TS-Connect-Client-Drives False
ms-TS-Connect-Printer-Drives False
ms-TS-Default-To-Main-Printer False
ms-TS-Endpoint-Data False
ms-TS-Endpoint-Plugin False
ms-TS-Endpoint-Type False
MS-TS-ExpireDate False
MS-TS-ExpireDate2 False
MS-TS-ExpireDate3 False
MS-TS-ExpireDate4 False
ms-TS-Home-Directory False
ms-TS-Home-Drive False
ms-TS-Initial-Program False
MS-TS-LicenseVersion False
MS-TS-LicenseVersion2 False
MS-TS-LicenseVersion3 False
MS-TS-LicenseVersion4 False
MS-TSLS-Property01 False
MS-TSLS-Property02 False
MS-TS-ManagingLS False
MS-TS-ManagingLS2 False
MS-TS-ManagingLS3 False
MS-TS-ManagingLS4 False
ms-TS-Max-Connection-Time False
ms-TS-Max-Disconnection-Time False
ms-TS-Max-Idle-Time False
ms-TS-Primary-Desktop False
ms-TS-Primary-Desktop-BL False
ms-TS-Profile-Path False
MS-TS-Property01 False
MS-TS-Property02 False
ms-TS-Reconnection-Action False
ms-TS-Remote-Control False
ms-TS-Secondary-Desktop-BL False
ms-TS-Secondary-Desktops False
ms-TS-Work-Directory False
Netboot-GUID False
Netboot-Initialization False
Netboot-Machine-File-Path False
Netboot-Mirror-Data-File False
netboot-SCP-BL False
Top
Netboot-SIF-File False
Network-Address False
nisMapName False
Non-Security-Member-BL False
Top
Nt-Pwd-History False
NT-Security-Descriptor True
Top
Obj-Dist-Name False
Top
Object-Category True
Top
Object-Class True
Top
Object-Guid False
Top
Object-Version False
Top
Operating-System False
Operating-System-Hotfix False
Operating-System-Service-Pack False
Operating-System-Version False
Operator-Count False
Organizational-Unit-Name False
Organization-Name False
Other-Login-Workstations False
Other-Mailbox False
Other-Name False
Other-Well-Known-Objects False
Top
Partial-Attribute-Deletion-List False
Top
Partial-Attribute-Set False
Top
Personal-Title False
Phone-Fax-Other False
Phone-Home-Other False
Phone-Home-Primary False
Phone-Ip-Other False
Phone-Ip-Primary False
Phone-ISDN-Primary False
Phone-Mobile-Other False
Phone-Mobile-Primary False
Phone-Office-Other False
Phone-Pager-Other False
Phone-Pager-Primary False
photo False
Physical-Delivery-Office-Name False
Physical-Location-Object False
Picture False
Policy-Replication-Flags False
Possible-Inferiors False
Top
Postal-Address False
Postal-Code False
Post-Office-Box False
Preferred-Delivery-Method False
preferredLanguage False
Preferred-OU False
Primary-Group-ID False
Profile-Path False
Proxied-Object-Name False
Top
Proxy-Addresses False
Top
Pwd-Last-Set False
Query-Policy-BL False
Top
RDN False
Top
Registered-Address False
Repl-Property-Meta-Data False
Top
Repl-UpToDate-Vector False
Top
Reports False
Top
Reps-From False
Top
Reps-To False
Top
Revision False
Top
RID-Set-References False
roomNumber False
Script-Path False
SD-Rights-Effective False
Top
secretary False
See-Also False
Serial-Number False
Server-Reference-BL False
Top
Service-Principal-Name False
Show-In-Advanced-View-Only False
Top
Site-GUID False
Site-Object-BL False
Top
State-Or-Province-Name False
Street-Address False
Structural-Object-Class False
Top
Sub-Refs False
Top
SubSchemaSubEntry False
Top
Surname False
System-Flags False
Top
Telephone-Number False
Teletex-Terminal-Identifier False
Telex-Number False
Telex-Primary False
Terminal-Server False
Text-Country False
Title False
uid False
Unicode-Pwd False
User-Account-Control False
User-Comment False
User-Parameters False
User-Password False
userPKCS12 False
User-Principal-Name False
User-Shared-Folder False
User-Shared-Folder-Other False
User-SMIME-Certificate False
User-Workstations False
USN-Changed False
Top
USN-Created False
Top
USN-DSA-Last-Obj-Removed False
Top
USN-Intersite False
Top
USN-Last-Obj-Rem False
Top
USN-Source False
Top
Volume-Count False
Wbem-Path False
Top
Well-Known-Objects False
Top
When-Changed False
Top
When-Created False
Top
WWW-Home-Page False
Top
WWW-Page-Other False
Top
X121-Address False
x500uniqueIdentifier False
X509-Cert False

Windows Server 2012 Extended Rights

This class contains the following extended rights for Windows Server 2012:

Common Name
User-Change-Password
User-Force-Change-Password
Send-As
Receive-As
Allowed-To-Authenticate

Windows Server 2012 Validated Writes

This class contains the following validated writes for Windows Server 2012:

Common Name
Validated-DNS-Host-Name
Validated-SPN

Windows Server 2012 Property Sets

This class contains the following property sets for Windows Server 2012:

Common Name
User-Account-Restrictions
Personal-Information
Public-Information
DNS-Host-Name-Attributes
MS-TS-GatewayAccess

 

 

Show:
© 2016 Microsoft