
Attributes for AD Users : objectClass


The Active Directory attribute objectClass represents the classification of user objects in the Active Directory schema hierarchy. Besides the class 'user', all higher-ranking classes from which the user class is derived are listed here.


objectClass


LDAP name objectClass
Data type String
Multivalue (Array) Yes
System Flags 0x12

Search Flags 0x08
In Global Catalog? Yes
Attribute ID 2.5.4.0
AD DB attribute name Object-Class
ADSI datatype 3 - String(Object Identifier)
LDAP syntax 1.3.6.1.4.1.1466.115.121.1.38 - OID
Used in ... > W2K
Schema Info Microsoft - MSDN

The object class of a user object is always the following array:


    - top
    - person
    - organizationalPerson
    - user


The schema class organizationalPerson represents the actual object class of the mailbox: this is the class you must provide when you want to create a user object. This main class (also called the structural class) is always the last array member in Active Directory environments (this differs from Exchange 5.5 object classes). To make sure that the object you are dealing with actually is a user, use the following script code:


    Set obj = GetObject("LDAP://....")
    ' objectClass is returned as an array; the structural class is its last member
    classArray = obj.objectClass
    If (classArray(UBound(classArray)) = "user") Then
        ' . . .
    End If

It is even easier to use the ADSI interface attribute Class, because it returns the actual object class 'user' as a single value instead of an array. The check for the object class then looks like this:


    Set obj = GetObject("LDAP://....")
    ' Class returns only the structural class, so no array handling is needed
    If (obj.class = "user") Then
        ' . . .
    End If

Note: If you use the LDAP filter "(objectClass=user)" to search the directory for user objects, the result contains user AND computer objects. This is because computer objects also have (amongst others) the objectClass "user". The filter for the "real" users should be like this: "(&(objectClass=user)(objectCategory=Person))". You can get more information about this point in the SelfADSI tutorial in the topic "Searching Objects".
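
Added example (not from the original page or from SelfADSI): a minimal Python evaluator for equality-only LDAP filters, run over three constructed entries, showing why "(objectClass=user)" also returns a computer and how the last-array-member check described above tells the two apart. It goes slightly beyond the text by including a contact object, which shows why objectCategory=Person alone is not enough either. The entries, the function names and the short-name objectCategory values are assumptions of this sketch.

```python
# Constructed sample entries (not from a real directory). objectCategory is
# simplified to its short name; AD stores the DN of a schema object.
BASE = ["top", "person", "organizationalPerson"]
ENTRIES = [
    {"cn": ["alice"], "objectClass": BASE + ["user"], "objectCategory": ["Person"]},
    {"cn": ["WKS01$"], "objectClass": BASE + ["user", "computer"], "objectCategory": ["Computer"]},
    {"cn": ["vendor"], "objectClass": BASE + ["contact"], "objectCategory": ["Person"]},
]

def parse(flt, i=0):
    """Parse one parenthesised filter at flt[i]; return (node, next index)."""
    if flt[i] != "(":
        raise ValueError(f"expected '(' at position {i}")
    i += 1
    if flt[i] in "&|!":
        op, kids = flt[i], []
        i += 1
        while flt[i] == "(":
            kid, i = parse(flt, i)
            kids.append(kid)
        if flt[i] != ")" or not kids:
            raise ValueError(f"malformed '{op}' group at position {i}")
        return (op, kids), i + 1
    end = flt.index(")", i)
    attr, sep, value = flt[i:end].partition("=")
    if not sep or not attr or "(" in flt[i:end]:
        raise ValueError(f"malformed comparison at position {i}")
    return ("=", attr.lower(), value.lower()), end + 1

def matches(node, entry):
    """Evaluate a parsed filter; names and values compare case-insensitively."""
    if node[0] == "=":
        values = {k.lower(): v for k, v in entry.items()}.get(node[1], [])
        return node[2] in (v.lower() for v in values)
    results = [matches(kid, entry) for kid in node[1]]
    return {"&": all, "|": any, "!": lambda r: not r[0]}[node[0]](results)

def search(flt):
    """Return the cn of each constructed entry that the filter matches."""
    node, end = parse(flt)
    if end != len(flt):
        raise ValueError("trailing characters after filter")
    return [e["cn"][0] for e in ENTRIES if matches(node, e)]

def structural_class(entry):
    """The structural class is the last objectClass value, as the page states."""
    return entry["objectClass"][-1]
```

Audit or clean-up scripts that enumerate accounts with "(objectClass=user)" alone will also pick up machine accounts such as WKS01$ here; the combined filter returns only alice.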


The other classes "organizationalPerson", "person" and "top" are the superior classes from which user is derived hierarchically. Once a user object has been created, the attribute objectClass can't be changed afterwards.