Printout Header
RSS Feed

Attributes for ADS Users

In this section of the SelfADSI Scripting tutorial the attributes of an Active Directory Services user object will be described. There are quite a lot of attributes defined for ADS users, all these can be read and manipulated over LDAP and therefore with ADSI also. Interesting links for this topic:


MSDN docu of the schema attributes for ADS user objects MSDN general documentation of the AD Schema
Reading attributes (SelfADSI scripting tutorial whitepaper) Writing attributes (SelfADSI scripting tutorial whitepaper)
Searching directory objects for specific attribute values    

When you start dealing with attributes, it can be a bit confusing that in the MSDN documentation there is always two kinds of AD user attribute names: the internal AD database label and the official LDAP label. Unfortunately, sometimes there is no intuitive reference to the meaning of the attribute - or both names are very different from each other.


Attributes in the administrational GUI tools

From this point, you can jump to the enumeration of the AD user attributes in the regarding administrational GUI tools:


Windows 2008
ADS Users and Computers

 Windows 2000 /
Windows 2003
ADS Users and Computers

 Exchange 2003
ADS Users and Computers

Exchange 2007
Exchange Management
Console

 Services for Unix
ADS Users and Computers
ADS User und Computer 2008 ADS User und Computer 2000/2003 ADS User und Computer - Exchange 2003 Exchange 2007 Management Console ADS User und Computer - Services for Unix

< back to top

Alphabetical list of the user attributes

accountExpires
adminDescription
adminDisplayName
ADsPath
altRecipient
altRecipientBL
authOrig
authOrigBL
autoReplyMessage
badPasswordTime
badPwdCount
c (Country)
canonicalName
Class
co (Country)
company
countryCode
createTimeStamp
deletedItemFlags
delivContLength
deliverAndRedirect
department
description
directReports
displayName
displayNamePrintable
distinguishedName
dLMemRejectPerms
dLMemRejectPermsBL
dLMemSubmitPerms
dLMemSubmitPermsBL
extensionAttribute1 - 15
facsimileTelephoneNumber
garbageCollPeriod
givenName
homeDirectory
homeDrive
homeMDB
homeMTA
homePhone
info
initials
ipPhone
isDeleted
l (Location)
lastLogoff
lastLogon
lastLogonTimestamp
legacyExchangeDN
lockoutTime
logonCount
logonHours
mail
mailNickname
manager
mDBOverHardQuotaLimit
mDBOverQuotaLimit
mDBStorageQuota
mDBUseDefaults
member
memberOf
mobile
modifyTimeStamp
msCOM-UserPartitionSetLink
msDS-User-Account-Control-Computed
msExchHideFromAddressLists
msExchHomeServerName
msExchMailbox
SecurityDescriptor
msExchMasterAccountSID
msExchOmaAdmin
WirelessEnable
msExchPoliciesExcluded
msExchRecipLimit
msExchRequireAuthToSendTo
msExchUserAccountControl
msNPAllowDialin
msNPCallingStationID
msNPSavedCallingStationID
msRADIUSCallbackNumber
msRADIUSFramedIPAddress
msRADIUSFramedRoute
msRADIUSServiceType
msRASSavedCallbackNumber
msRASSavedFramedIPAddress
msRASSavedFramedRoute
msSFU30GidNumber
msSFU30HomeDirectory
msSFU30LoginShell
msSFU30Name
msSFU30NisDomain
msSFU30Password
msSFU30UidNumber
name
Name (ADSI Property)
nTSecurityDescriptor
objectCategory
objectClass
objectGUID
objectSid
other facsimileTelephoneNumber
otherHomePhone
otherIpPhone
otherMobile
otherPager
otherTelephone
pager
Parent
physicalDeliveryOfficeName
postalCode
postOfficeBox
primaryGroupID
profilePath
protocolSettings
proxyAddresses
publicDelegates
publicDelegatesBL
pwdLastSet
sAMAccountName
scriptPath
securityProtocol
sIDHistory
sn (Surname)
st (State)
streetAddress
submissionContLength
telephoneNumber
textEncodedORAddress
title
unauthOrig
unauthOrigBL
url
userAccountControl
userCertificate
userParameters
userPrincipalName
userWorkstations
uSNChanged
uSNCreated
whenChanged
whenCreated
wWWHomePage

< back to top

< back to SelfADSI home