Specifies the flags that control password, lockout, disable/enable, script, and home directory behavior for the user.
| Attribute property | Value | Description |
|---|---|---|
| adminDisplayName | User-Account-Control | Display name of this object for use in directory service administrative tools. |
| adminDescription | User-Account-Control | Description of this object for use in directory service administrative tools. |
| cn | User-Account-Control | Common name. |
| lDAPDisplayName | userAccountControl | The name used by LDAP clients to refer to the object's class. |
| attributeID | 1.2.840.113556.1.4.8 | A unique OID that identifies the attribute. |
| objectClass | Attribute-Schema | The class of which this object is an instance. |
| objectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| schemaIDGUID | {BF967A68-0DE6-11D0-A285-00AA003049E2} | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| attributeSyntax | 2.5.5.9 | An OID of a syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
| oMSyntax | 2 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
| isSingleValued | TRUE | TRUE means that the attribute has a single value, FALSE means that the attribute can have multiple values. |
| attributeSecurityGUID | {4C164200-20C0-11D0-A768-00AA006E0529} | An optional GUID that identifies the attribute as a member of an attribute set(also known as a property set). |
| isMemberOfPartialAttributeSet | TRUE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
| searchFlags | 25 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
| showInAdvancedViewOnly | TRUE | TRUE means that the object will apear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
| systemFlags | 18 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
| systemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
| Remarks | This property also contains a flag that indicates the account type of the object. The user object usually has the UF_NORMAL_ACCOUNT flag set. The flags are defined in LMACCESS.H and information about the meaning of each flag can be found in the Active Directory™ Programmer's Guide. |