A

Automation

Automation technology is a way to manipulate objects within a scripting environment. Methods within an Automation environment are typically accessed through the IDispatch interface.

access-control entry (ACE)

An ACE is an entry in an access-control list (ACL). An ACE contains a set of access rights and a security identifier (SID) that identifies a trustee (such as a user or group) for whom the rights are allowed, denied, or audited.

access-control list (ACL)

An ACL is a list of access-control entries (ACEs) that define the security protections on an object. There are two kinds of ACLs that can appear in an object's security descriptor: a discretionary ACL (DACL) that controls access to the object, and a system ACL (SACL) that controls auditing of attempts to access the object.

Active Directory Service Interfaces (ADSI)

Active Directory™ Service Interfaces is a set of specifications for COM objects and interfaces. Administrators and developers can use ADSI objects to perform common administrative operations, such as adding new users or managing a print queue. See ADSI Programmer's Guide.

attribute

An attribute is a property of a directory object. A directory object is described by the values of its attributes; for example, a car can be described by its make, model, color, and so on. These are the attributes of the car. The term "attribute" is often used interchangeably with "property". Some attributes have a single value; others can have multiple values. See Characteristics of Attributes.

authoritative restore

When a replica of Active Directory™ is restored from backup, you can use the NTDSUTIL utility to mark selected objects as authoritatively restored. When replication occurs with other domain controllers, the authoritatively restored object replaces existing copies of the object on other DCs. Objects that are not authoritatively restored will be updated to reflect changes that occurred since the backup was made.