Attributes for Active Directory Users
In this section of the SelfADSI Scripting tutorial the attributes of an Active Directory Services user object will be described. There are quite a lot of attributes defined for AD users, all these can be read and manipulated over LDAP and therefore with ADSI also. Interesting links for this topic:
When you start dealing with attributes, it can be a bit confusing that in the MSDN documentation there is always two kinds of AD user attribute names: the internal AD database label and the official LDAP label. Unfortunately, sometimes there is no intuitive reference to the meaning of the attribute - or both names are very different from each other.
Attributes in the administrational GUI tools
From this point, you can jump to the enumeration of the AD user attributes in the regarding administrational GUI tools:
| Windows 2012 R2 AD Users and Computers |
Windows 2008 R2 AD Users and Computers |
Services for Unix AD User und Computer |
||
 |
 |
|
 |
Archive / Obsolete:
Windows 2000 / Windows 2003 AD Users and Computers
Exchange 2003 AD Users and Computers
Exchange 2007 Exchange Management Console
Alphabetical list of the user attributes
| accountExpires | adminDescription | adminDisplayName | ADsPath |
| altRecipient | altRecipientBL | authOrig | authOrigBL |
| autoReplyMessage | badPasswordTime | badPwdCount | c (Country) |
| canonicalName | Class | co (Country) | comment |
| company | countryCode | createTimeStamp | deletedItemFlags |
| delivContLength | deliverAndRedirect | department | departmentNumber |
| description | directReports | displayName | displayNamePrintable |
| distinguishedName | division | dLMemRejectPerms | dLMemRejectPermsBL |
| dLMemSubmitPerms | dLMemSubmitPermsBL | employeeID | employeeNumber |
| employeeType | extensionData | extensionAttribute1 - 15 | facsimileTelephoneNumber |
| garbageCollPeriod | givenName | homeDirectory | homeDrive |
| homeMDB | homeMTA | homePhone | info |
| initials | ipPhone | isDeleted | isRecycled |
| l (Location) | lastKnownParent | lastLogoff | lastLogon |
| lastLogonTimestamp | legacyExchangeDN | lockoutTime | logonCount |
| logonHours | mailNickname | manager | |
| mDBOverHardQuotaLimit | mDBOverQuotaLimit | mDBStorageQuota | mDBUseDefaults |
| memberOf | mobile | modifyTimeStamp | msCOM-UserPartitionSetLink |
|
msDS-User-Account- Control-Computed |
msDS-UserPassword ExpiryTimeComputed |
msExchHideFromAddressLists | msExchHomeServerName |
| msExchMailboxSecurityDescriptor | msExchMasterAccountSID | msExchOmaAdminWirelessEnable | msExchPoliciesExcluded |
| msExchRecipLimit | msExchRequireAuthToSendTo | msExchUserAccountControl | msNPAllowDialin |
| msNPCallingStationID | msNPSavedCallingStationID | msRADIUSCallbackNumber | msRADIUSFramedIPAddress |
| msRADIUSFramedRoute | msRADIUSServiceType | msRASSavedCallbackNumber | msRASSavedFramedIPAddress |
| msRASSavedFramedRoute | msSFU30GidNumber | msSFU30HomeDirectory | msSFU30LoginShell |
| msSFU30Name | msSFU30NisDomain | msSFU30Password | msSFU30UidNumber |
| name | Name (ADSI Property) | nTSecurityDescriptor | objectCategory |
| objectClass | objectGUID | objectSid | otherFacsimileTelephoneNumber |
| otherHomePhone | otherIpPhone | otherMobile | otherPager |
| otherTelephone | pager | Parent | physicalDeliveryOfficeName |
| postalCode | postOfficeBox | primaryGroupID | profilePath |
| protocolSettings | proxyAddresses | publicDelegates | publicDelegatesBL |
| pwdLastSet | sAMAccountName | scriptPath | seeAlso |
| securityProtocol | sIDHistory | sn (Surname) | st (State) |
| streetAddress | submissionContLength | telephoneNumber | textEncodedORAddress |
| title | unauthOrig | unauthOrigBL | url |
| userAccountControl | userCertificate | userParameters | userPrincipalName |
| userWorkstations | uSNChanged | uSNCreated | whenChanged |
| whenCreated | wWWHomePage |