| Class property | Value | Description |
|---|---|---|
| adminDisplayName | Domain-Policy | Display name of this object for use in directory service administrative tools. |
| adminDescription | Domain-Policy | Description of this object for use in directory service administrative tools. |
| cn | Domain-Policy | Common name. |
| lDAPDisplayName | domainPolicy | The name used by LDAP clients to refer to the object's class. |
| objectClass | Class-Schema | The class of which this object is an instance. |
| objectCategory | Class-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| objectClassCategory | 1 | 1 means structural classes. 2 means abstract classes. 3 means auxiliary classes. |
| defaultObjectCategory | Domain-Policy | Object-Category used in queries for objects of this class. |
| rDNAttID | cn | Attribute name used as the Relative Distinguished Name (RDN) for this class. |
| subClassOf | Leaf | Immediate superclass of this class. |
| systemAuxiliaryClass | Auxiliary classes that this class inherits from. | |
| governsID | 1.2.840.113556.1.5.18 | A unique OID identifying the class. |
| schemaIDGUID | {BF967A99-0DE6-11D0-A285-00AA003049E2} | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| defaultSecurityDescriptor | D:(A\;\;RPWPCRCCDCLCLORCWOWDSDDTSW\;\;\;DA) (A\;\;RPWPCRCCDCLCLORCWOWDSDDTSW\;\;\;SY) (A\;\;RPLCLORC\;\;\;AU) | The default security descriptor for new instances of this class. |
| defaultHidingValue | TRUE | TRUE means that new object instances are hidden in the Administrative snap-ins and the Windows shell, FALSE covers all other situations. |
| showInAdvancedViewOnly | TRUE | TRUE means that the object will apear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
| systemPossSuperiors | Container Domain-DNS Organizational-Unit | Structural classes that can be containers of instances of this class. For the complete set of classes that can contain this class, you must include, in addition to any values shown on the left, those inherited from its superclasses as listed in the subClassOf attribute above. |
| systemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
| systemMustContain | Mandatory attributes that MUST be present on instances of this class. For the complete set of mandatory attributes for this class, you must, in addition to any values shown on the left, include those inherited from its superclasses as listed in the subClassOf attribute above and/or those derived from any of its auxiliary classes as specified in the systemAuxiliary attribute above and as inherited from its superclasses. | |
| systemMayContain | Authentication-Options Default-Local-Policy-Object Domain-Certificate-Authorities Domain-Policy-Reference Domain-Wide-Policy EFSPolicy Force-Logoff Ipsec-Policy-Reference Lock-Out-Observation-Window Lockout-Duration Lockout-Threshold Managed-By Max-Pwd-Age Max-Renew-Age Max-Ticket-Age Min-Pwd-Age Min-Pwd-Length Min-Ticket-Age Proxy-Lifetime Public-Key-Policy Pwd-History-Length Pwd-Properties Quality-Of-Service | Optional attributes that may be present on instances of this class. For the complete set of optional attributes for this class, you must include, in addition to any values shown on the left, those inherited from its superclasses as listed in the subClassOf attribute above and/or those derived from any of its auxiliary classes as specified in the systemAuxiliary attribute above and as inherited from its superclasses. |