Printout Header
RSS Feed

Attributes for Active Directory Groups


In this section of the SelfADSI Scripting tutorial the attributes of an Active Directory Services group object will be described. There are quite a lot of attributes defined for AD groups, all these can be read and manipulated over LDAP and therefore with ADSI also. Interesting links for this topic:


MSDN docu of the schema attributes for AD group objects MSDN general documentation of the AD Schema
Reading attributes (SelfADSI scripting tutorial whitepaper) Writing attributes (SelfADSI scripting tutorial whitepaper)
Searching directory objects for specific attribute values    

When you start dealing with attributes, it can be a bit confusing that in the MSDN documentation there is always two kinds of AD user attribute names: the internal AD database label and the official LDAP label. Unfortunately, sometimes there is no intuitive reference to the meaning of the attribute - or both names are very different from each other.



Attributes in the administrational GUI tools

From this point, you can jump to the enumeration of the AD user attributes in the regarding administrational GUI tools:


Windows 2008
AD Users and Computers


Windows 2000 /
Windows 2003
AD Users and Computers


Exchange 2003
AD Users and Computers


Exchange 2007
Exchange Management
Console


Services for Unix
AD Users and Computers


ADS User und Computer 2008 ADS User und Computer 2000/2003 ADS User und Computer - Exchange 2003 Exchange 2007 Management Console ADS User und Computer - Services for Unix


Alphabetical list of the group attributes

adminDescription
adminDisplayName
ADsPath
authOrig
authOrigBL
canonicalName
Class
cn
createTimeStamp
delivContLength
descritpion
displayName
displayNamePrintable
distinguishedName
dLMemRejectPerms
dLMemRejectPermsBL
dLMemSubmitPerms
dLMemSubmitPermsBL
extensionAttribute
groupType
homeMTA
info
isDeleted
legacyExchangeDN
mail
mailNickName
managedBy
member
memberOf
modifyTimeStamp
msExchExpansionServerName
msExchHideFromAddressLists
msExchHomeServerName
msExchRequireAuthToSendTo
msSFU30GidNumber
msSFU30Name
msSFU30NisDomain
msSFU30PosixMember
name
Name (ADSI Property)
nTSecurityDescriptor
objectCategory
objectClass
objectGUID
objectSid
oOFReplyToOriginator
Parent
primaryGroupToken
proxyAddresses
reportToOriginator
reportToOwner
sAMAccountName
telephoneNumber
textEncodedORAddress
unauthOrig
unauthOrigBL
uSNChanged
uSNCreated
whenChanged
whenCreated


s