Schema Objects Details
dp-User-Credentials-Data
Stores fingerprint registration templates for the user. The size of DigitalPersona fingerprint data depends on the number of fingerprints registered, up to a maximum of 6.5 KB.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Credentials-Data | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Credentials-Data | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Credentials-Data | Common name. |
LDAPDisplayName | dpUserCredentialsData | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.1 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 128 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Account-Control
Specifies the flags that control fingerprint credentials behavior for the user.
Size of DigitalPersona data: 4 bytes.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Account-Control | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Account-Control | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Account-Control | Common name. |
LDAPDisplayName | dpUserAccountControl | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.15 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.9 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 2 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Private-Data
Stores the user’s secure application data.
Size of DigitalPersona data: Varies, depending on the type and size of the user Secrets saved. Potentially there is no limit. Usually it is around 530 bytes. OTS Secrets: Approximately 520 bytes + application logon data. Each application logon data consists of the account name + password + 18 bytes.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Private-Data | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Private-Data | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Private-Data | Common name. |
LDAPDisplayName | dpUserPrivateData | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.2 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 131072 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Servers-Data
Stores configuration data for all authentication servers in a particular domain.
Size of DigitalPersona data: 1 KB.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Servers-Data | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Servers-Data | Description of this object for use in directory service administrative tools. |
Cn | dp-Servers-Data | Common name. |
LDAPDisplayName | dpServersData | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.10 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 128 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 32768 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-License
Stores license information for all DigitalPersona Servers in the Active Directory forest.
Size of DigitalPersona data: 0 (Not currently used – provided for future extension).
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-License | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-License | Description of this object for use in directory service administrative tools. |
Cn | dp-License | Common name. |
LDAPDisplayName | dpLicense | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.14 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 32768 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Logon-Policy
Stores the user’s logon policy information.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Logon-Policy | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Logon-Policy | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Logon-Policy | Common name. |
LDAPDisplayName | dpUserLogonPolicy | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.16 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | e667KO53BEyWMiMRqj3t4A== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.9 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 2 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
showInAdvancedViewOnly | FALSE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Public-Key
Stores the user’s public key.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Public-Key | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Public-Key | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Public-Key | Common name. |
LDAPDisplayName | dpUserPublicKey | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.17 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 131072 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Payload
Stores the user’s unified key data.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Payload | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Payload | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Payload | Common name. |
LDAPDisplayName | dpUserPayload | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.18 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 128 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 32768 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Recovery-Key
Stores the user’s recovery key.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Recovery-Key | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Recovery-Key | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Recovery-Key | Common name. |
LDAPDisplayName | dpUserRecoveryKey | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.19 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 128 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 32768 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Data-Type
Stores the type of the user data stored in the dp-User-Private-Data attribute.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-User-Data-Type | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-User-Data-Type | Description of this object for use in directory service administrative tools. |
Cn | dp-User-Data-Type | Common name. |
LDAPDisplayName | dpUserDataType | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.20 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.9 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Lockout-Time
Stores the date and time (UTC) that this account was locked out. This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC). A value of zero indicates that the account is not currently locked out.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Lockout-Time | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Lockout-Time | Description of this object for use in directory service administrative tools. |
Cn | dp-Lockout-Time | Common name. |
LDAPDisplayName | dpLockoutTime | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.21 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.16 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 65 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Recovery-Password-Last-Set-Time
Stores data indicating the last time that the Recovery Password was set.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Recovery-Password-Last-Set-Time | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Recovery-Password-Last-Set-Time | Description of this object for use in directory service administrative tools. |
Cn | dp-Recovery-Password-Last-Set-Time | Common name. |
LDAPDisplayName | dpRecoveryPasswordLastSetTime | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.22 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.16 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 65 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 0 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Recovery-Password
Stores the computer’s recovery password.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Recovery-Password | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Recovery-Password | Description of this object for use in directory service administrative tools. |
Cn | dp-Recovery-Password | Common name. |
LDAPDisplayName | dpRecoveryPassword | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.23 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 128 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 32768 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Master-Key
Stores a computer’s hard drive encryption key.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Master-Key | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Master-Key | Description of this object for use in directory service administrative tools. |
Cn | dp-Master-Key | Common name. |
LDAPDisplayName | dpMasterKey | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.24 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 128 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 32768 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Omit-Reasons
Stores the reasons credentials are omitted during attended enrollment.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Omit-Reasons | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Omit-Reasons | Description of this object for use in directory service administrative tools. |
Cn | dp-Omit-Reasons | Common name. |
LDAPDisplayName | dpOmitReasons | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.29 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | zKGWRTmm6U6DVvYunGgcPw== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.12 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 64 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | FALSE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
rangeUpper | 32768 | The maximum value or length of an attribute. |
dp-Password-Manager-Data
Stores Password Manager data.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Password-Manager-Data | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Password-Manager-Data | Description of this object for use in directory service administrative tools. |
Cn | dp-Password-Manager-Data | Common name. |
LDAPDisplayName | dpPasswordManagerData | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.300 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | WubMEBRH1ECmVdJsZGPZLw== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.12 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 64 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
attributeSecurityGUID | Not set | An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
rangeUpper | 131072 | The maximum value or length of an attribute. |
dp-OTP-Key
Stores the Time-based OTP (One-Time Password) key.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-OTP-Key | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-OTP-Key | Description of this object for use in directory service administrative tools. |
Cn | dp-OTP-Key | Common name. |
LDAPDisplayName | dpOTPKey | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.33 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | GpxNxP/1L0SmME0QEBl9Mw== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | 128 | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 32768 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-OTP-Length
Stores the number of digits required in the OTP code.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-OTP-Length | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-OTP-Length | Description of this object for use in directory service administrative tools. |
Cn | dp-OTP-Length | Common name. |
LDAPDisplayName | dpOTPLength | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.35 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | C6XUG7q5akWi7Wpwxf9IHA== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.9 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 2 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-OTP-Time-Interval
Stores the time interval for Time-based OTP.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-OTP-Time-Interval | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-OTP-Time-Interval | Description of this object for use in directory service administrative tools. |
Cn | dp-OTP-Time-Interval | Common name. |
LDAPDisplayName | dpOTPTimeInterval | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.36 | A unique OID that identifies the attribute. |
ObjectClass | Attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | fBCb5mFA6EaqnP2rXeSTNw== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.9 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 2 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in ADSI Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Servers-Configuration
Stores configuration information (settings) shared by all DigitalPersona Servers.
Attribute property | Value | Description |
---|---|---|
adminDisplayName | dp-Servers-Configuration | Display name of this object for use in directory service administrative tools. |
AdminDescription | dp-Servers-Configuration | Description of this object for use in directory service administrative tools. |
Cn | dp-Servers-Configuration | Common name. |
LDAPDisplayName | dpServersConfiguration | The name used by LDAP clients to refer to the object's class. |
AttributeID | 1.2.840.113556.1.8000.651.38 | A unique OID that identifies the attribute. |
ObjectClass | attribute-Schema | The class of which this object is an instance. |
ObjectCategory | Attribute-Schema | Reference to an object class or one of its superclasses, which is used when searching for this object. |
SchemaIDGUID | y7u2s3vp0UuWC/l+j1vKqA== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
AttributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
OMSyntax | 1 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
IsSingleValued | TRUE | TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
isMemberOfPartialAttributeSet | FALSE | TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
SearchFlags | | An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only; 2 = Index over container and attribute; 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001; 8 = Preserve this attribute in the tombstone object for deleted objects. |
rangeUpper | 131072 | The maximum value or length of an attribute. |
showInAdvancedViewOnly | TRUE | TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
SystemFlags | 0 | An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSTEMFLAG_ENUM enumeration in Microsoft’s Active Directory Service Interfaces Reference. |
SystemOnly | FALSE | TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |