Security principal. The Windows® NT User object.
| Class property | Value | Description |
|---|---|---|
| adminDisplayName | User | Display name of this object for use in directory service administrative tools. |
| adminDescription | User | Description of this object for use in directory service administrative tools. |
| cn | User | Common name. |
| lDAPDisplayName | user | The name used by LDAP clients to refer to the object's class. |
| objectClass | Class-Schema | The class of which this object is an instance. |
| objectCategory | Class-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| objectClassCategory | 1 | 1 means structural classes. 2 means abstract classes. 3 means auxiliary classes. |
| defaultObjectCategory | Person | Object-Category used in queries for objects of this class. |
| rDNAttID | cn | Attribute name used as the Relative Distinguished Name (RDN) for this class. |
| subClassOf | Organizational-Person | Immediate superclass of this class. |
| systemAuxiliaryClass | Mail-Recipient Security-Principal | Auxiliary classes that this class inherits from. |
| governsID | 1.2.840.113556.1.5.9 | A unique OID identifying the class. |
| schemaIDGUID | {BF967ABA-0DE6-11D0-A285-00AA003049E2} | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| defaultSecurityDescriptor | D:(A\;\;RPWPCRCCDCLCLORCWOWDSDDTSW\;\;\;DA) (A\;\;RPWPCRCCDCLCLORCWOWDSDDTSW\;\;\;SY) (A\;\;RPWPCRCCDCLCLORCWOWDSDDTSW\;\;\;AO) (A\;\;RPLCLORC\;\;\;PS) (OA\;\;CR\;ab721a53-1e2f-11d0-9819-00aa0040529b\;\;PS) (OA\;\;CR\;ab721a54-1e2f-11d0-9819-00aa0040529b\;\;PS) (OA\;\;CR\;ab721a56-1e2f-11d0-9819-00aa0040529b\;\;PS) (OA\;\;RPWP\;77B5B886-944A-11d1-AEBD-0000F80367C1\;\;PS) (OA\;\;RPWP\;E45795B2-9455-11d1-AEBD-0000F80367C1\;\;PS) (OA\;\;RPWP\;E45795B3-9455-11d1-AEBD-0000F80367C1\;\;PS) (OA\;\;RP\;037088f8-0ae1-11d2-b422-00a0c968f939\;\;RS) (OA\;\;RP\;4c164200-20c0-11d0-a768-00aa006e0529\;\;RS) (OA\;\;RP\;bc0ac240-79a9-11d0-9020-00c04fc2d4cf\;\;RS) (A\;\;RC\;\;\;AU) (OA\;\;RP\;59ba2f42-79a2-11d0-9020-00c04fc2d3cf\;\;AU) (OA\;\;RP\;77B5B886-944A-11d1-AEBD-0000F80367C1\;\;AU) (OA\;\;RP\;E45795B3-9455-11d1-AEBD-0000F80367C1\;\;AU) (OA\;\;RP\;e48d0154-bcf8-11d1-8702-00c04fb96050\;\;AU) (OA\;\;CR\;ab721a53-1e2f-11d0-9819-00aa0040529b\;\;WD) (OA\;\;RP\;5f202010-79a5-11d0-9020-00c04fc2d4cf\;\;RS) (OA\;\;RPWP\;bf967a7f-0de6-11d0-a285-00aa003049e2\;\;CA) | The default security descriptor for new instances of this class. |
| defaultHidingValue | FALSE | TRUE means that new object instances are hidden in the Administrative snap-ins and the Windows shell, FALSE covers all other situations. |
| showInAdvancedViewOnly | TRUE | TRUE means that the object will apear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
| systemPossSuperiors | Builtin-Domain Domain-DNS Organizational-Unit | Structural classes that can be containers of instances of this class. For the complete set of classes that can contain this class, you must include, in addition to any values shown on the left, those inherited from its superclasses as listed in the subClassOf attribute above. |
| systemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
| systemMustContain | Mandatory attributes that MUST be present on instances of this class. For the complete set of mandatory attributes for this class, you must, in addition to any values shown on the left, include those inherited from its superclasses as listed in the subClassOf attribute above and/or those derived from any of its auxiliary classes as specified in the systemAuxiliary attribute above and as inherited from its superclasses. | |
| systemMayContain | Account-Expires ACS-Policy-Name Admin-Count Bad-Password-Time Bad-Pwd-Count Code-Page Control-Access-Rights DBCS-Pwd Default-Class-Store Desktop-Profile Dynamic-LDAP-Server Group-Membership-SAM Group-Priority Groups-to-Ignore Home-Directory Home-Drive Last-Logoff Last-Logon Lm-Pwd-History Locale-ID Lockout-Time Logon-Count Logon-Hours Logon-Workstation Max-Storage MS-DS-Creator-SID MSMQ-Digests MSMQ-Digests-Mig MSMQ-Sign-Certificates MSMQ-Sign-Certificates-Mig msNPAllowDialin msNPCallingStationID msNPSavedCallingStationID msRADIUSCallbackNumber msRADIUSFramedIPAddress msRADIUSFramedRoute msRADIUSServiceType msRASSavedCallbackNumber msRASSavedFramedIPAddress msRASSavedFramedRoute Network-Address Nt-Pwd-History Operator-Count Other-Login-Workstations Preferred-OU Primary-Group-ID Profile-Path Pwd-Last-Set Script-Path Service-Principal-Name Terminal-Server Unicode-Pwd User-Account-Control User-Parameters User-Principal-Name User-Shared-Folder User-Shared-Folder-Other User-Workstations X509-Cert | Optional attributes that may be present on instances of this class. For the complete set of optional attributes for this class, you must include, in addition to any values shown on the left, those inherited from its superclasses as listed in the subClassOf attribute above and/or those derived from any of its auxiliary classes as specified in the systemAuxiliary attribute above and as inherited from its superclasses. |