Tables that start with the letter C and the associated parameters are given below. Click the arrow beside the table name to expand the section and view the parameters.
|
Name |
Type |
Description |
|
Id [KEY] |
String |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. |
|
DN |
String |
The full distinguished name. |
|
RDN |
String |
The relative distinguished name. |
|
BaseDN |
String |
The base distinguished name. |
|
AuthorityRevocationList |
String |
Cross certificate, Certificate Revocation List. |
|
CACertificate |
String |
Certificates of trusted Certification Authorities. |
|
CertificateRevocationList |
String |
Represents a list of certificates that have been revoked. |
|
InstanceType |
String |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. |
|
NTSecurityDescriptor |
String |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. |
|
ObjectCategory |
String |
An object class name used to group objects of this or derived classes. |
|
ObjectClass |
String |
The list of classes from which this class is derived. |
|
AdminDescription |
String |
The description displayed on admin screens. |
|
AdminDisplayName |
String |
The name to be displayed on admin screens. |
|
AllowedAttributes |
String |
Attributes that will be permitted to be assigned to a class. |
|
AllowedAttributesEffective |
String |
A list of attributes that can be modified on the object. |
|
AllowedChildClasses |
String |
Classes that can be contained by a class. |
|
AllowedChildClassesEffective |
String |
A list of classes that can be modified. |
|
BridgeheadServerListBL |
String |
The list of servers that are bridgeheads for replication. |
|
CACertificateDN |
String |
Full distinguished name from the CA certificate. |
|
CAConnect |
String |
The connection string for binding to a certification authority. |
|
CanonicalName |
String |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format.This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). |
|
CAUsages |
String |
List of OID/CSP name concatenations. |
|
CAWEBURL |
String |
URL for http connection to a certification authority. |
|
CertificateTemplates |
String |
Contains information for a certificate issued by a Certificate Server. |
|
Cn |
String |
The name that represents an object. Used to perform searches. |
|
CreateTimeStamp |
Datetime |
The date when this object was created. This value isreplicated. |
|
CRLObject |
String |
Reference to certificate revocation list object associated with a certification authority. |
|
CrossCertificatePair |
String |
V3 Cross Certificate. |
|
CurrentParentCA |
String |
Reference to the certification authorities that issued the current certificates for a certification authority. |
|
DeltaRevocationList |
String |
List of certificates that have been revoked since the last delta update. |
|
Description |
String |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. |
|
DisplayName |
String |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. |
|
DisplayNamePrintable |
String |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. |
|
DNSHostName |
String |
Name of computer as registered in DNS. |
|
DomainID |
String |
Reference to a domain that is associated with a certification authority. |
|
DomainPolicyObject |
String |
Reference to the policy object that defines the Local Security Authority policy for the host domain. |
|
DSASignature |
String |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. |
|
DSCorePropagationData |
String |
The DS-Core-Propagation-Data attribute is for internal use only. |
|
EnrollmentProviders |
String |
PKI - Certificate Templates. |
|
ExtensionName |
String |
The name of a property page used to extend the UI of a directory object. |
|
Flags |
String |
To be used by the object to store bit information. |
|
FromEntry |
String |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. |
|
FrsComputerReferenceBL |
String |
Reference to replica sets to which this computer belongs. |
|
FRSMemberReferenceBL |
String |
Reference to subscriber objects for this member. |
|
FSMORoleOwner |
String |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. |
|
IsCriticalSystemObject |
String |
If TRUE,the object hosting this attribute must be replicated during installation of a new replica. |
|
IsDeleted |
String |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. |
|
MemberOf |
String |
The distinguished name of the groups to which this object belongs. |
|
IsPrivilegeHolder |
String |
Backward link to privileges held by a given principal. |
|
LastKnownParent |
String |
The Distinguished Name (DN) of the last known parent of an orphaned object. |
|
ManagedObjects |
String |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. |
|
MasteredBy |
String |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. |
|
ModifyTimeStamp |
Datetime |
A computed attribute that represents the date when this object was last changed. This value is not replicated. |
|
MS-DS-ConsistencyChildCount |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. |
|
MS-DS-ConsistencyGuid |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. |
|
NetbootSCPBL |
String |
A list of service connection points that reference this NetBoot server. |
|
NonSecurityMemberBL |
String |
List of nonsecurity-members for an Exchange distribution list. |
|
DistinguishedName |
String |
Same as the Distinguished Name for an object. Used by Exchange. |
|
ObjectGUID |
String |
The unique identifier for an object. |
|
ObjectVersion |
String |
This can be used to store a version number for the object. |
|
OtherWellKnownObjects |
String |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. |
|
ParentCA |
String |
The distinguished name of a certification authority (CA) object for a parent CA. |
|
ParentCACertificateChain |
String |
DER-encoded X.509v3 certificate for the parent certification authority. |
|
PartialAttributeDeletionList |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. |
|
PartialAttributeSet |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. |
|
PendingCACertificates |
String |
The certificates that are about to become effective for this certification authority. |
|
PendingParentCA |
String |
Reference to the certification authorities that issued the pending certificates for thiscertification authority. |
|
PossibleInferiors |
String |
The list of objects that this object can contain. |
|
PreviousCACertificates |
String |
Last expired certificate for this certification authority. |
|
PreviousParentCA |
String |
Reference to the certification authorities that issued the last expired certificate for a certification authority. |
|
ProxiedObjectName |
String |
This attribute is used internally by Active Directory to help track interdomain moves. |
|
ProxyAddresses |
String |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. |
|
QueryPolicyBL |
String |
List of all objects holding references to a given Query-Policy. |
|
Name |
String |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. |
|
ReplPropertyMetaData |
String |
Tracks internal replication state information for DS objects.Information here can be extracted in public form through the public API DsReplicaGetInfo().Present on all DS objects. |
|
ReplUpToDateVector |
String |
Tracks internal replication state information for an entire NC.Information here can be extracted in public form through the API DsReplicaGetInfo().Present on all NC root objects. |
|
DirectReports |
String |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. |
|
RepsFrom |
String |
Lists the servers from which the directory will accept changes for the defined naming context. |
|
RepsTo |
String |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. |
|
Revision |
String |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. |
|
SDRightsEffective |
String |
This constructed attribute returns a single DWORD value that can have up to three bits set: |
|
SearchGuide |
String |
Specifies information of suggested search criteria, which may be included in some entries that are expected to be a convenient base-object for the search operation, for example, country/region or organization. |
|
ServerReferenceBL |
String |
Found in the domain naming context. The distinguished name of a computer under the sites folder. |
|
ShowInAdvancedViewOnly |
String |
TRUE if this attribute is to be visible in the Advanced mode of the UI. |
|
SignatureAlgorithms |
String |
This attribute indicates the type of algorithm that must be used to decode a digital signature during the authentication process. |
|
SiteObjectBL |
String |
The list of distinguished names for subnets that belong to this site. |
|
SubRefs |
String |
List of subordinate references of a Naming Context. |
|
SubSchemaSubEntry |
String |
The distinguished name for the location of the subschema object where a class or attribute is defined. |
|
SupportedApplicationContext |
String |
Specifies the object identifiers of application contexts that an OSI application supports. |
|
SystemFlags |
String |
An integer value that contains flags that define additional properties of the class.See Remarks. |
|
TeletexTerminalIdentifier |
String |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. |
|
USNChanged |
String |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. |
|
USNCreated |
String |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. |
|
USNDSALastObjRemoved |
String |
Contains the update sequence number (USN) for the last system object that was removed from a server. |
|
USNIntersite |
String |
The update sequence number (USN) for inter-site replication. |
|
USNLastObjRem |
String |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. |
|
USNSource |
String |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. |
|
WbemPath |
String |
References to objects in other ADSI namespaces. |
|
WellKnownObjects |
String |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object.The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): |
|
WhenChanged |
Datetime |
The date when this object was last changed. This value is not replicated and exists in the global catalog. |
|
WhenCreated |
Datetime |
The date when this object was created. This value is replicated and is in the global catalog. |
|
WWWHomePage |
String |
A web page that is the primary landing page of a website. |
|
Url |
String |
A list of alternate webpages. |
|
Name |
Type |
Description |
|
Id [KEY] |
String |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. |
|
DN |
String |
The full distinguished name. |
|
RDN |
String |
The relative distinguished name. |
|
BaseDN |
String |
The base distinguished name. |
|
InstanceType |
String |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. |
|
NTSecurityDescriptor |
String |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. |
|
ObjectCategory |
String |
An object class name used to group objects of this or derived classes. |
|
ObjectClass |
String |
The list of classes from which this class is derived. |
|
AccountExpires |
String |
The date when the account expires. This value represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires. |
|
ACSPolicyName |
String |
String name of an ACS policy that applies to this user. |
|
StreetAddress |
String |
The user's address. |
|
HomePostalAddress |
String |
A user's home address. |
|
AdminCount |
String |
Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). |
|
AdminDescription |
String |
The description displayed on admin screens. |
|
AdminDisplayName |
String |
The name to be displayed on admin screens. |
|
AllowedAttributes |
String |
Attributes that will be permitted to be assigned to a class. |
|
AllowedAttributesEffective |
String |
A list of attributes that can be modified on the object. |
|
AllowedChildClasses |
String |
Classes that can be contained by a class. |
|
AllowedChildClassesEffective |
String |
A list of classes that can be modified. |
|
Assistant |
String |
The distinguished name of a user's administrative assistant. |
|
BadPasswordTime |
String |
The last time and date that an attempt to log on to this account was made with a password that is not valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last time a incorrect password was used is unknown. |
|
BadPwdCount |
String |
The number of times the user tried to log on to the account using an incorrect password. A value of 0 indicates that the value is unknown. |
|
BridgeheadServerListBL |
String |
The list of servers that are bridgeheads for replication. |
|
CanonicalName |
String |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format.This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). |
|
Catalogs |
String |
The list of catalogs that index storage on a given computer. |
|
CodePage |
String |
Specifies the code page for the user's language of choice. This value is not used by Windows 2000. |
|
Cn |
String |
The name that represents an object. Used to perform searches. |
|
Company |
String |
The user's company name. |
|
ControlAccessRights |
String |
Used by DS Security to determine which users can perform specific operations on the host object. |
|
CountryCode |
String |
Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. |
|
C |
String |
The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. |
|
CreateTimeStamp |
Datetime |
The date when this object was created. This value isreplicated. |
|
DBCSPwd |
String |
The account's LAN Manager password. |
|
DefaultClassStore |
String |
The default Class Store for a given user. |
|
DefaultLocalPolicyObject |
String |
A reference to a Policy object that defines the local policy for the host object. |
|
Department |
String |
Contains the name for the department in which the user works. |
|
Description |
String |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. |
|
DesktopProfile |
String |
The location of the desktop profile for a user or group of users. Not used. |
|
DestinationIndicator |
String |
This is part of the X.500 specification andnot used by NTDS. |
|
DisplayName |
String |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. |
|
DisplayNamePrintable |
String |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. |
|
Division |
String |
The user's division. |
|
DNSHostName |
String |
Name of computer as registered in DNS. |
|
DSASignature |
String |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. |
|
DSCorePropagationData |
String |
The DS-Core-Propagation-Data attribute is for internal use only. |
|
DynamicLDAPServer |
String |
DNS name of server handing dynamic properties for this account. |
|
|
String |
The list of email addresses for a contact. |
|
EmployeeID |
String |
The ID of an employee. |
|
ExtensionName |
String |
The name of a property page used to extend the UI of a directory object. |
|
FacsimileTelephoneNumber |
String |
Contains telephone number of the user's business fax machine. |
|
Flags |
String |
To be used by the object to store bit information. |
|
FromEntry |
String |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. |
|
FrsComputerReferenceBL |
String |
Reference to replica sets to which this computer belongs. |
|
FRSMemberReferenceBL |
String |
Reference to subscriber objects for this member. |
|
FSMORoleOwner |
String |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. |
|
GenerationQualifier |
String |
Indicates a person generation. For example, Jr. or II. |
|
GivenName |
String |
Contains the given name (first name) of the user. |
|
GroupMembershipSAM |
String |
Windows NT Security. Down level Windows NT support. |
|
GroupPriority |
String |
The Group-Priority attribute is not currently used. |
|
GroupsToIgnore |
String |
The Groups-to-Ignore attribute is not currently used. |
|
HomeDirectory |
String |
The home directory for the account. If homeDrive is set and specifies a drive letter, homeDirectory must be a UNC path. Otherwise, homeDirectory is a fully qualified local path including the drive letter (for example, DriveLetter:\Directory\Folder). This value can be a null string. |
|
HomeDrive |
String |
Specifies the drive letter to which to map the UNC path specified by homeDirectory. The drive letter must be specified in the form DriveLetter: where DriveLetter is the letter of the drive to map. The DriveLetter must be a single, uppercase letter and the colon (:) is required. |
|
Initials |
String |
Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book. |
|
InternationalISDNNumber |
String |
Specifies an International ISDN Number associated with an object. |
|
IsCriticalSystemObject |
String |
If TRUE,the object hosting this attribute must be replicated during installation of a new replica. |
|
IsDeleted |
String |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. |
|
MemberOf |
String |
The distinguished name of the groups to which this object belongs. |
|
IsPrivilegeHolder |
String |
Backward link to privileges held by a given principal. |
|
LastKnownParent |
String |
The Distinguished Name (DN) of the last known parent of an orphaned object. |
|
LastLogoff |
String |
This attribute is not used. |
|
LastLogon |
String |
The last time the user logged on. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last logon time is unknown. |
|
LmPwdHistory |
String |
The password history of the user in LAN Manager (LM) one-way format (OWF). The LM OWF is used for compatibility with LAN Manager 2.x clients, Windows 95, and Windows 98. |
|
LocaleID |
String |
This attribute contains a list of locale IDs supported by this application. A locale ID represents a geographic location, such as a country/region, city, county, and so on. |
|
L |
String |
Represents the name of a locality, such as a town or city. |
|
LocalPolicyFlags |
String |
Flags that determine where a computer gets its policy. Local-Policy-Reference. |
|
Location |
String |
The user's location, such as office number. |
|
LockoutTime |
String |
The date and time (UTC) that this account was locked out. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the account is not currently locked out. |
|
ThumbnailLogo |
String |
BLOB that contains a logo for this object. |
|
LogonCount |
String |
The number of times the account has successfully logged on. A value of 0 indicates that the value is unknown. |
|
LogonHours |
String |
The hours that the user is allowed to logon to the domain. |
|
LogonWorkstation |
String |
This attribute is not used. See the User-Workstations attribute. |
|
MachineRole |
String |
Role for a machine: DC, Server, or Workstation. |
|
ManagedBy |
String |
The distinguished name of the user that is assigned to manage this object. |
|
ManagedObjects |
String |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. |
|
Manager |
String |
Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name. |
|
MasteredBy |
String |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. |
|
MaxStorage |
String |
The maximum amount of disk space the user can use. Use the value specified in USER_MAXSTORAGE_UNLIMITED to use all available disk space. |
|
MhsORAddress |
String |
X.400 address. |
|
ModifyTimeStamp |
Datetime |
A computed attribute that represents the date when this object was last changed. This value is not replicated. |
|
MS-DS-ConsistencyChildCount |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. |
|
MS-DS-ConsistencyGuid |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. |
|
MS-DS-CreatorSID |
String |
The security ID of the creator of the object that contains this attribute. |
|
MSMQDigests |
String |
An array of digests of the corresponding certificates in attribute mSMQ-Sign-Certificates. They are used for mapping a digest into a certificate. |
|
MSMQDigestsMig |
String |
In MSMQ mixed-mode, contains the previous value of mSMQDigests. |
|
MSMQSignCertificates |
String |
This attribute contains a number of certificates. A user can generate a certificate per computer.For each certificate we also keep a digest. |
|
MSMQSignCertificatesMig |
String |
In MSMQ mixed-mode, the attribute contains the previous value of mSMQSignCertificates. MSMQ supports migration from the MSMQ 1.0 DS to the Windows 2000 DS, and mixed mode specifies a state in which some of the DS severs were not upgraded to Windows 2000. |
|
MsNPAllowDialin |
String |
Indicates whether the account has permission to dial in to the RAS server. Do not modify this value directly. Use the appropriate RAS administration function to modify this value. |
|
MsNPCallingStationID |
String |
The msNPCallingStationID attribute is used internally. Do not modify this value directly. |
|
MsNPSavedCallingStationID |
String |
The msNPSavedCallingStationID attribute is used internally. Do not modify this value directly. |
|
MsRADIUSCallbackNumber |
String |
The msRADIUSCallbackNumber attribute is used internally. Do not modify this value directly. |
|
MsRADIUSFramedIPAddress |
String |
The msRADIUSFramedIPAddress attribute is used internally. Do not modify this value directly. |
|
MsRADIUSFramedRoute |
String |
The msRADIUSFramedRoute attribute is used internally. Do not modify this value directly. |
|
MsRADIUSServiceType |
String |
The msRADIUSServiceType attribute is used internally. Do not modify this value directly. |
|
MsRASSavedCallbackNumber |
String |
The msRASSavedCallbackNumber attribute is used internally. Do not modify this value directly. |
|
MsRASSavedFramedIPAddress |
String |
The msRASSavedFramedIPAddress attribute is used internally. Do not modify this value directly. |
|
MsRASSavedFramedRoute |
String |
The msRASSavedFramedRoute attribute is used internally. Do not modify this value directly. |
|
NetbootGUID |
String |
Diskless boot: A computer's on-board GUID. Corresponds to the computer's network card MAC address. |
|
NetbootInitialization |
String |
Default boot path for diskless boot. |
|
NetbootMachineFilePath |
String |
This attribute specifies the server that answers the client. Beginning with the Windows Server 2003 operating system, it can indicate the Startrom.com that the client gets. |
|
NetbootMirrorDataFile |
String |
The Netboot-Mirror-Data-File attribute is reserved for internal use. |
|
NetbootSCPBL |
String |
A list of service connection points that reference this NetBoot server. |
|
NetbootSIFFile |
String |
The Netboot-SIF-File attribute is reserved for internal use. |
|
NetworkAddress |
String |
The TCP/IP address for a network segment. Also called the subnet address. |
|
NonSecurityMemberBL |
String |
List of nonsecurity-members for an Exchange distribution list. |
|
NtPwdHistory |
String |
The password history of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. |
|
DistinguishedName |
String |
Same as the Distinguished Name for an object. Used by Exchange. |
|
ObjectGUID |
String |
The unique identifier for an object. |
|
ObjectVersion |
String |
This can be used to store a version number for the object. |
|
OperatingSystem |
String |
The Operating System name, for example, Windows Vista Enterprise. |
|
OperatingSystemHotfix |
String |
The hotfix level of the operating system. |
|
OperatingSystemServicePack |
String |
The operating system service pack ID string (for example, SP3). |
|
OperatingSystemVersion |
String |
The operating system version string, for example, 4.0. |
|
OperatorCount |
String |
Operator count. |
|
Ou |
String |
The name of the organizational unit. |
|
O |
String |
The name of the company or organization. |
|
OtherLoginWorkstations |
String |
Non-Windows NT or LAN Manager workstations from which a user can log on. |
|
OtherMailbox |
String |
Contains other additional mail addresses in a form such as CCMAIL: BruceKeever. |
|
MiddleName |
String |
Additional names for a user. For example, middle name,patronymic, matronymic, or others. |
|
OtherWellKnownObjects |
String |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. |
|
PartialAttributeDeletionList |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. |
|
PartialAttributeSet |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. |
|
PersonalTitle |
String |
The user's title. |
|
OtherFacsimileTelephoneNumber |
String |
A list of alternate facsimile numbers. |
|
OtherHomePhone |
String |
A list of alternate home phone numbers. |
|
HomePhone |
String |
The user's main home phone number. |
|
OtherIpPhone |
String |
The list of alternate TCP/IP addresses for the phone. Used by Telephony. |
|
IpPhone |
String |
The TCP/IP address for the phone. Used by Telephony. |
|
PrimaryInternationalISDNNumber |
String |
The primary ISDN. |
|
OtherMobile |
String |
A list of alternate mobile phone numbers. |
|
Mobile |
String |
The primary mobile phone number. |
|
OtherTelephone |
String |
A list of alternate office phone numbers. |
|
OtherPager |
String |
A list of alternate pager numbers. |
|
Pager |
String |
The primary pager number. |
|
PhysicalDeliveryOfficeName |
String |
Contains the office location in the user's place of business. |
|
PhysicalLocationObject |
String |
Used to map a device (for example, a printer, computer, and so on) to a physical location. |
|
ThumbnailPhoto |
String |
An image of the user.A space-efficient format like JPEG or GIF is recommended. |
|
PolicyReplicationFlags |
String |
Determines which LSA properties are replicated to clients. |
|
PossibleInferiors |
String |
The list of objects that this object can contain. |
|
PostalAddress |
String |
The mailing address for the object. |
|
PostalCode |
String |
The postal or zip code for mail delivery. |
|
PostOfficeBox |
String |
The post office box number for this object. |
|
PreferredDeliveryMethod |
String |
The X.500-preferred way to deliver to addressee. |
|
PreferredOU |
String |
The Organizational Unit to show by default on user' s desktop. |
|
PrimaryGroupID |
String |
Contains the relative identifier (RID) for the primary group of the user. By default, this is the RID for the Domain Users group. |
|
ProfilePath |
String |
Specifies a path to the user's profile. This value can be a null string, a local absolute path, or a UNC path. |
|
ProxiedObjectName |
String |
This attribute is used internally by Active Directory to help track interdomain moves. |
|
ProxyAddresses |
String |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. |
|
PwdLastSet |
String |
The date and time that the password for this account was last changed. This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC). If this value is set to 0 and the User-Account-Control attribute does not contain the UF_DONT_EXPIRE_PASSWD flag, then the user must set the password at the next logon. |
|
QueryPolicyBL |
String |
List of all objects holding references to a given Query-Policy. |
|
Name |
String |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. |
|
RegisteredAddress |
String |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. |
|
ReplPropertyMetaData |
String |
Tracks internal replication state information for DS objects.Information here can be extracted in public form through the public API DsReplicaGetInfo().Present on all DS objects. |
|
ReplUpToDateVector |
String |
Tracks internal replication state information for an entire NC.Information here can be extracted in public form through the API DsReplicaGetInfo().Present on all NC root objects. |
|
DirectReports |
String |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. |
|
RepsFrom |
String |
Lists the servers from which the directory will accept changes for the defined naming context. |
|
RepsTo |
String |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. |
|
Revision |
String |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. |
|
RIDSetReferences |
String |
List of references to RID-Set objects that manage Relative Identifier (RID) allocation. |
|
ScriptPath |
String |
This attribute specifies the path for the user's logon script. The string can be null. |
|
SDRightsEffective |
String |
This constructed attribute returns a single DWORD value that can have up to three bits set: |
|
SeeAlso |
String |
List of distinguished names that are related to an object. |
|
ServerReferenceBL |
String |
Found in the domain naming context. The distinguished name of a computer under the sites folder. |
|
ServicePrincipalName |
String |
List of principal names used for mutual authentication with an instance of a service on this computer. |
|
ShowInAdvancedViewOnly |
String |
TRUE if this attribute is to be visible in the Advanced mode of the UI. |
|
SiteGUID |
String |
The unique identifier for a site. |
|
SiteObjectBL |
String |
The list of distinguished names for subnets that belong to this site. |
|
St |
String |
The name of a user's state or province. |
|
Street |
String |
The street address. |
|
SubRefs |
String |
List of subordinate references of a Naming Context. |
|
SubSchemaSubEntry |
String |
The distinguished name for the location of the subschema object where a class or attribute is defined. |
|
Sn |
String |
This attribute contains the family or last name for a user. |
|
SystemFlags |
String |
An integer value that contains flags that define additional properties of the class.See Remarks. |
|
TelephoneNumber |
String |
The primary telephone number. |
|
TeletexTerminalIdentifier |
String |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. |
|
TelexNumber |
String |
A list of alternate telex numbers. |
|
PrimaryTelexNumber |
String |
The primary telex number. |
|
TerminalServer |
String |
Opaque data used by the Windows NT terminal server. |
|
Co |
String |
The country/region in which the user is located. |
|
Title |
String |
Contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as Esq. or DDS. |
|
UnicodePwd |
String |
The password of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. This property is used only by the operating system. Note that you cannot derive the clear password back from the OWF form of the password. |
|
UserAccountControl |
String |
Flags that control the behavior of the user account. |
|
Comment |
String |
The user's comments. |
|
UserParameters |
String |
Parameters of the user. Points to a Unicode string that is set aside for use by applications. This string can be a null string, or it can have any number of characters before the terminating null character. Microsoft products use this member to store user data specific to the individual program. |
|
UserPassword |
String |
The user's password in UTF-8 format. This is a write-only attribute. |
|
UserPrincipalName |
String |
This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name.The value set for this attribute is equal to the length of the user's ID and the domain name.For more information about this attribute, see User Naming Attributes. |
|
UserSharedFolder |
String |
Specifies a UNC path to the user's shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. |
|
UserSharedFolderOther |
String |
Specifies a UNC path to the user's additional shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. |
|
UserWorkstations |
String |
Contains the NetBIOS or DNS names of the computers running Windows NT Workstation or Windows 2000 Professional from which the user can log on. Each NetBIOS name is separated by a comma. Multiple names should be separated by commas. |
|
USNChanged |
String |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. |
|
USNCreated |
String |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. |
|
USNDSALastObjRemoved |
String |
Contains the update sequence number (USN) for the last system object that was removed from a server. |
|
USNIntersite |
String |
The update sequence number (USN) for inter-site replication. |
|
USNLastObjRem |
String |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. |
|
USNSource |
String |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. |
|
VolumeCount |
String |
The tracked volume quota for a given computer. |
|
WbemPath |
String |
References to objects in other ADSI namespaces. |
|
WellKnownObjects |
String |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object.The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): |
|
WhenChanged |
Datetime |
The date when this object was last changed. This value is not replicated and exists in the global catalog. |
|
WhenCreated |
Datetime |
The date when this object was created. This value is replicated and is in the global catalog. |
|
WWWHomePage |
String |
A web page that is the primary landing page of a website. |
|
Url |
String |
A list of alternate webpages. |
|
X121Address |
String |
The X.121 address for an object. |
|
UserCertificate |
String |
Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
|
Name |
Type |
Description |
|
Id [KEY] |
String |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. |
|
DN |
String |
The full distinguished name. |
|
RDN |
String |
The relative distinguished name. |
|
BaseDN |
String |
The base distinguished name. |
|
InstanceType |
String |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. |
|
NTSecurityDescriptor |
String |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. |
|
ObjectCategory |
String |
An object class name used to group objects of this or derived classes. |
|
ObjectClass |
String |
The list of classes from which this class is derived. |
|
Notes |
String |
Free text for notes on object. |
|
StreetAddress |
String |
The user's address. |
|
HomePostalAddress |
String |
A user's home address. |
|
AdminDescription |
String |
The description displayed on admin screens. |
|
AdminDisplayName |
String |
The name to be displayed on admin screens. |
|
AllowedAttributes |
String |
Attributes that will be permitted to be assigned to a class. |
|
AllowedAttributesEffective |
String |
A list of attributes that can be modified on the object. |
|
AllowedChildClasses |
String |
Classes that can be contained by a class. |
|
AllowedChildClassesEffective |
String |
A list of classes that can be modified. |
|
Assistant |
String |
The distinguished name of a user's administrative assistant. |
|
BridgeheadServerListBL |
String |
The list of servers that are bridgeheads for replication. |
|
CanonicalName |
String |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format.This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). |
|
Info |
String |
The user's comments. This string can be a null string. |
|
Cn |
String |
The name that represents an object. Used to perform searches. |
|
Company |
String |
The user's company name. |
|
CountryCode |
String |
Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. |
|
C |
String |
The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. |
|
CreateTimeStamp |
Datetime |
The date when this object was created. This value isreplicated. |
|
Department |
String |
Contains the name for the department in which the user works. |
|
Description |
String |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. |
|
DestinationIndicator |
String |
This is part of the X.500 specification andnot used by NTDS. |
|
DisplayName |
String |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. |
|
DisplayNamePrintable |
String |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. |
|
Division |
String |
The user's division. |
|
DSASignature |
String |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. |
|
DSCorePropagationData |
String |
The DS-Core-Propagation-Data attribute is for internal use only. |
|
|
String |
The list of email addresses for a contact. |
|
EmployeeID |
String |
The ID of an employee. |
|
ExtensionName |
String |
The name of a property page used to extend the UI of a directory object. |
|
FacsimileTelephoneNumber |
String |
Contains telephone number of the user's business fax machine. |
|
Flags |
String |
To be used by the object to store bit information. |
|
FromEntry |
String |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. |
|
FrsComputerReferenceBL |
String |
Reference to replica sets to which this computer belongs. |
|
FRSMemberReferenceBL |
String |
Reference to subscriber objects for this member. |
|
FSMORoleOwner |
String |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. |
|
GarbageCollPeriod |
String |
This attribute is located on the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... object.It represents the time, in hours, between DS garbage collection runs. |
|
GenerationQualifier |
String |
Indicates a person generation. For example, Jr. or II. |
|
GivenName |
String |
Contains the given name (first name) of the user. |
|
Initials |
String |
Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book. |
|
InternationalISDNNumber |
String |
Specifies an International ISDN Number associated with an object. |
|
IsCriticalSystemObject |
String |
If TRUE,the object hosting this attribute must be replicated during installation of a new replica. |
|
IsDeleted |
String |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. |
|
MemberOf |
String |
The distinguished name of the groups to which this object belongs. |
|
IsPrivilegeHolder |
String |
Backward link to privileges held by a given principal. |
|
LastKnownParent |
String |
The Distinguished Name (DN) of the last known parent of an orphaned object. |
|
LegacyExchangeDN |
String |
The distinguished name previously used by Exchange. |
|
L |
String |
Represents the name of a locality, such as a town or city. |
|
ThumbnailLogo |
String |
BLOB that contains a logo for this object. |
|
ManagedObjects |
String |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. |
|
Manager |
String |
Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name. |
|
MasteredBy |
String |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. |
|
MhsORAddress |
String |
X.400 address. |
|
ModifyTimeStamp |
Datetime |
A computed attribute that represents the date when this object was last changed. This value is not replicated. |
|
MS-DS-ConsistencyChildCount |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. |
|
MS-DS-ConsistencyGuid |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. |
|
NetbootSCPBL |
String |
A list of service connection points that reference this NetBoot server. |
|
NonSecurityMemberBL |
String |
List of nonsecurity-members for an Exchange distribution list. |
|
DistinguishedName |
String |
Same as the Distinguished Name for an object. Used by Exchange. |
|
ObjectGUID |
String |
The unique identifier for an object. |
|
ObjectVersion |
String |
This can be used to store a version number for the object. |
|
Ou |
String |
The name of the organizational unit. |
|
O |
String |
The name of the company or organization. |
|
OtherMailbox |
String |
Contains other additional mail addresses in a form such as CCMAIL: BruceKeever. |
|
MiddleName |
String |
Additional names for a user. For example, middle name,patronymic, matronymic, or others. |
|
OtherWellKnownObjects |
String |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. |
|
PartialAttributeDeletionList |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. |
|
PartialAttributeSet |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. |
|
PersonalTitle |
String |
The user's title. |
|
OtherFacsimileTelephoneNumber |
String |
A list of alternate facsimile numbers. |
|
OtherHomePhone |
String |
A list of alternate home phone numbers. |
|
HomePhone |
String |
The user's main home phone number. |
|
OtherIpPhone |
String |
The list of alternate TCP/IP addresses for the phone. Used by Telephony. |
|
IpPhone |
String |
The TCP/IP address for the phone. Used by Telephony. |
|
PrimaryInternationalISDNNumber |
String |
The primary ISDN. |
|
OtherMobile |
String |
A list of alternate mobile phone numbers. |
|
Mobile |
String |
The primary mobile phone number. |
|
OtherTelephone |
String |
A list of alternate office phone numbers. |
|
OtherPager |
String |
A list of alternate pager numbers. |
|
Pager |
String |
The primary pager number. |
|
PhysicalDeliveryOfficeName |
String |
Contains the office location in the user's place of business. |
|
ThumbnailPhoto |
String |
An image of the user.A space-efficient format like JPEG or GIF is recommended. |
|
PossibleInferiors |
String |
The list of objects that this object can contain. |
|
PostalAddress |
String |
The mailing address for the object. |
|
PostalCode |
String |
The postal or zip code for mail delivery. |
|
PostOfficeBox |
String |
The post office box number for this object. |
|
PreferredDeliveryMethod |
String |
The X.500-preferred way to deliver to addressee. |
|
ProxiedObjectName |
String |
This attribute is used internally by Active Directory to help track interdomain moves. |
|
ProxyAddresses |
String |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. |
|
QueryPolicyBL |
String |
List of all objects holding references to a given Query-Policy. |
|
Name |
String |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. |
|
RegisteredAddress |
String |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. |
|
ReplPropertyMetaData |
String |
Tracks internal replication state information for DS objects.Information here can be extracted in public form through the public API DsReplicaGetInfo().Present on all DS objects. |
|
ReplUpToDateVector |
String |
Tracks internal replication state information for an entire NC.Information here can be extracted in public form through the API DsReplicaGetInfo().Present on all NC root objects. |
|
DirectReports |
String |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. |
|
RepsFrom |
String |
Lists the servers from which the directory will accept changes for the defined naming context. |
|
RepsTo |
String |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. |
|
Revision |
String |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. |
|
SDRightsEffective |
String |
This constructed attribute returns a single DWORD value that can have up to three bits set: |
|
SeeAlso |
String |
List of distinguished names that are related to an object. |
|
ServerReferenceBL |
String |
Found in the domain naming context. The distinguished name of a computer under the sites folder. |
|
ShowInAddressBook |
String |
This attribute is used to indicate in which MAPI address books an object will appear. It is usually maintained by the Exchange Recipient Update Service. |
|
ShowInAdvancedViewOnly |
String |
TRUE if this attribute is to be visible in the Advanced mode of the UI. |
|
SiteObjectBL |
String |
The list of distinguished names for subnets that belong to this site. |
|
St |
String |
The name of a user's state or province. |
|
Street |
String |
The street address. |
|
SubRefs |
String |
List of subordinate references of a Naming Context. |
|
SubSchemaSubEntry |
String |
The distinguished name for the location of the subschema object where a class or attribute is defined. |
|
Sn |
String |
This attribute contains the family or last name for a user. |
|
SystemFlags |
String |
An integer value that contains flags that define additional properties of the class.See Remarks. |
|
TelephoneNumber |
String |
The primary telephone number. |
|
TeletexTerminalIdentifier |
String |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. |
|
TelexNumber |
String |
A list of alternate telex numbers. |
|
PrimaryTelexNumber |
String |
The primary telex number. |
|
Co |
String |
The country/region in which the user is located. |
|
TextEncodedORAddress |
String |
This attribute is used to support X.400 addresses in a text format. |
|
Title |
String |
Contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as Esq. or DDS. |
|
UserCert |
String |
Nortel v1 or DMS certificates. |
|
Comment |
String |
The user's comments. |
|
UserPassword |
String |
The user's password in UTF-8 format. This is a write-only attribute. |
|
UserSMIMECertificate |
String |
Certificate distribution object or tagged certificates. |
|
USNChanged |
String |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. |
|
USNCreated |
String |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. |
|
USNDSALastObjRemoved |
String |
Contains the update sequence number (USN) for the last system object that was removed from a server. |
|
USNIntersite |
String |
The update sequence number (USN) for inter-site replication. |
|
USNLastObjRem |
String |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. |
|
USNSource |
String |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. |
|
WbemPath |
String |
References to objects in other ADSI namespaces. |
|
WellKnownObjects |
String |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object.The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): |
|
WhenChanged |
Datetime |
The date when this object was last changed. This value is not replicated and exists in the global catalog. |
|
WhenCreated |
Datetime |
The date when this object was created. This value is replicated and is in the global catalog. |
|
WWWHomePage |
String |
A web page that is the primary landing page of a website. |
|
Url |
String |
A list of alternate webpages. |
|
X121Address |
String |
The X.121 address for an object. |
|
UserCertificate |
String |
Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
|
Name |
Type |
Description |
|
Id [KEY] |
String |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. |
|
DN |
String |
The full distinguished name. |
|
RDN |
String |
The relative distinguished name. |
|
BaseDN |
String |
The base distinguished name. |
|
AuthorityRevocationList |
String |
Cross certificate, Certificate Revocation List. |
|
CertificateRevocationList |
String |
Represents a list of certificates that have been revoked. |
|
InstanceType |
String |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. |
|
NTSecurityDescriptor |
String |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. |
|
ObjectCategory |
String |
An object class name used to group objects of this or derived classes. |
|
ObjectClass |
String |
The list of classes from which this class is derived. |
|
AdminDescription |
String |
The description displayed on admin screens. |
|
AdminDisplayName |
String |
The name to be displayed on admin screens. |
|
AllowedAttributes |
String |
Attributes that will be permitted to be assigned to a class. |
|
AllowedAttributesEffective |
String |
A list of attributes that can be modified on the object. |
|
AllowedChildClasses |
String |
Classes that can be contained by a class. |
|
AllowedChildClassesEffective |
String |
A list of classes that can be modified. |
|
BridgeheadServerListBL |
String |
The list of servers that are bridgeheads for replication. |
|
CanonicalName |
String |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format.This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). |
|
CertificateAuthorityObject |
String |
Reference to the certification authority associated with a Certificate Revocation List distribution point. |
|
Cn |
String |
The name that represents an object. Used to perform searches. |
|
CreateTimeStamp |
Datetime |
The date when this object was created. This value isreplicated. |
|
CRLPartitionedRevocationList |
String |
Public Key Infrastructure-revocation lists. |
|
DeltaRevocationList |
String |
List of certificates that have been revoked since the last delta update. |
|
Description |
String |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. |
|
DisplayName |
String |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. |
|
DisplayNamePrintable |
String |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. |
|
DSASignature |
String |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. |
|
DSCorePropagationData |
String |
The DS-Core-Propagation-Data attribute is for internal use only. |
|
ExtensionName |
String |
The name of a property page used to extend the UI of a directory object. |
|
Flags |
String |
To be used by the object to store bit information. |
|
FromEntry |
String |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. |
|
FrsComputerReferenceBL |
String |
Reference to replica sets to which this computer belongs. |
|
FRSMemberReferenceBL |
String |
Reference to subscriber objects for this member. |
|
FSMORoleOwner |
String |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. |
|
IsCriticalSystemObject |
String |
If TRUE,the object hosting this attribute must be replicated during installation of a new replica. |
|
IsDeleted |
String |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. |
|
MemberOf |
String |
The distinguished name of the groups to which this object belongs. |
|
IsPrivilegeHolder |
String |
Backward link to privileges held by a given principal. |
|
LastKnownParent |
String |
The Distinguished Name (DN) of the last known parent of an orphaned object. |
|
ManagedObjects |
String |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. |
|
MasteredBy |
String |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. |
|
ModifyTimeStamp |
Datetime |
A computed attribute that represents the date when this object was last changed. This value is not replicated. |
|
MS-DS-ConsistencyChildCount |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. |
|
MS-DS-ConsistencyGuid |
String |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. |
|
NetbootSCPBL |
String |
A list of service connection points that reference this NetBoot server. |
|
NonSecurityMemberBL |
String |
List of nonsecurity-members for an Exchange distribution list. |
|
DistinguishedName |
String |
Same as the Distinguished Name for an object. Used by Exchange. |
|
ObjectGUID |
String |
The unique identifier for an object. |
|
ObjectVersion |
String |
This can be used to store a version number for the object. |
|
OtherWellKnownObjects |
String |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. |
|
PartialAttributeDeletionList |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. |
|
PartialAttributeSet |
String |
Tracks the internal replication state of partial replicas (that is, on GCs).Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. |
|
PossibleInferiors |
String |
The list of objects that this object can contain. |
|
ProxiedObjectName |
String |
This attribute is used internally by Active Directory to help track interdomain moves. |
|
ProxyAddresses |
String |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. |
|
QueryPolicyBL |
String |
List of all objects holding references to a given Query-Policy. |
|
Name |
String |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. |
|
ReplPropertyMetaData |
String |
Tracks internal replication state information for DS objects.Information here can be extracted in public form through the public API DsReplicaGetInfo().Present on all DS objects. |
|
ReplUpToDateVector |
String |
Tracks internal replication state information for an entire NC.Information here can be extracted in public form through the API DsReplicaGetInfo().Present on all NC root objects. |
|
DirectReports |
String |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. |
|
RepsFrom |
String |
Lists the servers from which the directory will accept changes for the defined naming context. |
|
RepsTo |
String |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. |
|
Revision |
String |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. |
|
SDRightsEffective |
String |
This constructed attribute returns a single DWORD value that can have up to three bits set: |
|
ServerReferenceBL |
String |
Found in the domain naming context. The distinguished name of a computer under the sites folder. |
|
ShowInAdvancedViewOnly |
String |
TRUE if this attribute is to be visible in the Advanced mode of the UI. |
|
SiteObjectBL |
String |
The list of distinguished names for subnets that belong to this site. |
|
SubRefs |
String |
List of subordinate references of a Naming Context. |
|
SubSchemaSubEntry |
String |
The distinguished name for the location of the subschema object where a class or attribute is defined. |
|
SystemFlags |
String |
An integer value that contains flags that define additional properties of the class.See Remarks. |
|
USNChanged |
String |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. |
|
USNCreated |
String |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. |
|
USNDSALastObjRemoved |
String |
Contains the update sequence number (USN) for the last system object that was removed from a server. |
|
USNIntersite |
String |
The update sequence number (USN) for inter-site replication. |
|
USNLastObjRem |
String |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. |
|
USNSource |
String |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. |
|
WbemPath |
String |
References to objects in other ADSI namespaces. |
|
WellKnownObjects |
String |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object.The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): |
|
WhenChanged |
Datetime |
The date when this object was last changed. This value is not replicated and exists in the global catalog. |
|
WhenCreated |
Datetime |
The date when this object was created. This value is replicated and is in the global catalog. |
|
WWWHomePage |
String |
A web page that is the primary landing page of a website. |
|
Url |
String |
A list of alternate webpages. |