DIT-Content-Rules

Content rules define the possible contents of the class instances stored in a directory service. In Active Directory the contetnt rules are completely expressed by the System-Must-Have and System-May-Have properties of each schema class.

Attribute propertyValueDescription
adminDisplayNameDIT-Content-Rules Display name of this object for use in directory service administrative tools.
adminDescriptionDIT-Content-Rules Description of this object for use in directory service administrative tools.
cnDIT-Content-Rules Common name.
lDAPDisplayNamedITContentRules The name used by LDAP clients to refer to the object's class.
attributeID2.5.21.2 A unique OID that identifies the attribute.
objectClassAttribute-SchemaThe class of which this object is an instance.
objectCategoryAttribute-SchemaReference to an object class or one of its superclasses, which is used when searching for this object.
schemaIDGUID{9A7AD946-CA53-11D1-BBD0-0080C76670C0} A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object.
attributeSyntax2.5.5.12 An OID of a syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute.
oMSyntax64 Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification.
isSingleValuedFALSE TRUE means that the attribute has a single value, FALSE means that the attribute can have multiple values.
attributeSecurityGUID-- not set -- An optional GUID that identifies the attribute as a member of an attribute set(also known as a property set).
showInAdvancedViewOnlyTRUE TRUE means that the object will apear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell.
FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell.
systemFlags134217748 An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference.
systemOnlyTRUE TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well.