Attributes
dp-User-Credentials-Data
Stores fingerprint registration templates for the user. The size of DigitalPersona fingerprint data depends on the number of fingerprints registered to a maximum 6.5 KB.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Credentials-Data |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Credentials-Data |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Credentials-Data |
Common name. |
|
lDAPDisplayName |
dpUserCredentialsData |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.1 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
oCvajfqPIUKjQ8PJPGnSxw== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
512000 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Account-Control
Specifies the flags that control fingerprint credentials behavior for the user.
Size of DigitalPersona data: 4 bytes.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Account-Control |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Account-Control |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Account-Control |
Common name. |
|
lDAPDisplayName |
dpUserAccountControl |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.15 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
apzEreoDukOn3jrhzQ3rCA== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.9 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
2 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Private-Data
Stores the user’s secure application data.
Size of DigitalPersona data: Varies, depending on the type and size of the user Secrets saved. Potentially there is no limit. Usually it is around 530 bytes. OTS Secrets: Approximately 520 bytes + application logon data. Each application logon data consists of the account name + password + 18 bytes.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Private-Data |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Private-Data |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Private-Data |
Common name. |
|
lDAPDisplayName |
dpUserPrivateData |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.2 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
Flr0u6/u30+6qf3uU13MPw== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
512000 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Servers-Data
Stores configuration data for all authentication servers in particular domain.
Size of DigitalPersona data: 1KB.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-Servers-Data |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-Servers-Data |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-Servers-Data |
Common name. |
|
lDAPDisplayName |
dpServersData |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.10 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
KOx/8PQ/g0Gv/NSzrCSq2A== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-License
Stores license information for all DigitalPersona Servers in the Active Directory forest.
Size of DigitalPersona data: 0 (Not currently used – provided for future extension).
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-License |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-License |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-License |
Common name. |
|
lDAPDisplayName |
dpLicense |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.14 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
d4SD+F6pd0WV0RUVAq+ioA== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Logon-Policy
Stores the user’s logon policy information.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Logon-Policy |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Logon-Policy |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Logon-Policy |
Common name. |
|
lDAPDisplayName |
dpUserLogonPolicy |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.16 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
e667KO53BEyWMiMRqj3t4A== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.9 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
2 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
showInAdvancedViewOnly |
FALSE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Public-Key
Stores the user’s public key.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Public-Key |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Public-Key |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Public-Key |
Common name. |
|
lDAPDisplayName |
dpUserPublicKey |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.17 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
EKCZhzpoSUab8sea7KZotA== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Payload
Stores the user’s unified key data.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Payload |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Payload |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Payload |
Common name. |
|
lDAPDisplayName |
dpUserPayload |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.18 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
dQ37kC2oqkeUbLYqkjYP5g== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Recovery-Key
Stores the user’s recovery key.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Recovery-Key |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Recovery-Key |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Recovery-Key |
Common name. |
|
lDAPDisplayName |
dpUserRecoveryKey |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.19 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
mjZ6wqHk9Em+SPvzPrRJpg== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-User-Data-Type
Stores the type of the user data stored in the dp-User-Private-Data attribute.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-User-Data-Type |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-User-Data-Type |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-User-Data-Type |
Common name. |
|
lDAPDisplayName |
dpUserDataType |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.20 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
DM0XzjX0Iki8UuvgJG9x1g== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.9 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
2 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Lockout-Time
Stores the date and time (UTC) that this account was locked out. This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC). A value of zero indicates that the account is not currently locked out.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-Lockout-Time |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-Lockout-Time |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-Lockout-Time |
Common name. |
|
lDAPDisplayName |
dpLockoutTime |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.21 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
xgA1ZWjIrkG6vncgwE0A2g== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.16 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
65 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Recovery-Password-Last-Set-Time
Stores data indicating the last time that the Recovery Password was set.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-Recovery-Password-Last-Set-Time |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-Recovery-Password-Last-Set-Time |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-Recovery-Password-Last-Set-Time |
Common name. |
|
lDAPDisplayName |
dpRecoveryPasswordLastSetTime |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.22 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
jmnH4M/Zr0CPvjDHQSv78A== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.16 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
65 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Recovery-Password
Stores the computer’s recovery password.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-Recovery-Password |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-Recovery-Password |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-Recovery-Password |
Common name. |
|
lDAPDisplayName |
dpRecoveryPassword |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.23 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
TG9FV2HZEE+i5W33PUbIzA== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Master-Key
Stores a computer’s hard drive encryption key.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-Master-Key |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-Master-Key |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-Master-Key |
Common name. |
|
lDAPDisplayName |
dpMasterKey |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.24 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
mgi6pPYxi0+h5zAF2o9DAw== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Password-Manager-Data
Stores Password manager data.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-Password-Manager-Data |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-Password-Manager-Data |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-Password-Manager-Data |
Common name. |
|
lDAPDisplayName |
dpPasswordManagerData |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.300 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
WubMEBRH1ECmVdJsZGPZLw== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.12 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
64 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
attributeSecurityGUID |
Not set |
An optional GUID that identifies the attribute as a member of an attribute set (also known as a property set). |
|
rangeUpper |
512000 |
The maximum value or length of an attribute. |
dp-OTP-Key
Stores the Time-based OTP (One-Time Password) key.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-OTP-Key |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-OTP-Key |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-OTP-Key |
Common name. |
|
lDAPDisplayName |
dpOTPKey |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.33 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
GpxNxP/1L0SmME0QEBl9Mw== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
32768 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-OTP-Length
Stores the number of digits required in the OTP code.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-OTP-Length |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-OTP-Length |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-OTP-Length |
Common name. |
|
lDAPDisplayName |
dpOTPLength |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.35 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
C6XUG7q5akWi7Wpwxf9IHA== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.9 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
2 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-OTP-Time-Interval
Stores the time interval for Time-based OTP.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-OTP-Time-Interval |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-OTP-Time-Interval |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-OTP-Time-Interval |
Common name. |
|
lDAPDisplayName |
dpOTPTimeInterval |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.36 |
A unique OID that identifies the attribute. |
|
objectClass |
Attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
fBCb5mFA6EaqnP2rXeSTNw== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.9 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
2 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in ADSI Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Servers-Configuration
Stores configuration information (settings) shared by all DigitalPersona Servers.
| Attribute property | Value | Description |
|---|---|---|
|
adminDisplayName |
dp-Servers-Configuration |
Display name of this object for use in directory service administrative tools. |
|
adminDescription |
dp-Servers-Configuration |
Description of this object for use in directory service administrative tools. |
|
cn |
dp-Servers-Configuration |
Common name. |
|
lDAPDisplayName |
dpServersConfiguration |
The name used by LDAP clients to refer to the object's class. |
|
attributeID |
1.2.840.113556.1.8000.651.38 |
A unique OID that identifies the attribute. |
|
objectClass |
attribute-Schema |
The class of which this object is an instance. |
|
objectCategory |
Attribute-Schema |
Reference to an object class or one of its superclasses, which is used when searching for this object. |
|
schemaIDGUID |
y7u2s3vp0UuWC/l+j1vKqA== |
A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
|
attributeSyntax |
2.5.5.10 |
An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
|
oMSyntax |
4 |
Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
|
isSingleValued |
TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
|
isMemberOfPartialAttributeSet |
FALSE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
|
searchFlags |
0 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
|
rangeUpper |
131072 |
The maximum value or length of an attribute. |
|
showInAdvancedViewOnly |
TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
|
systemFlags |
0 |
An integer value that contains flags that define additional properties of this object. Category 1 classes or attributes have the 0x10 bit set by the system and cannot be set by users. They are shipped with Active Directory. For more information, see ADS_SYSETMFLAG_ENUM enumeration in Microsoft’s Active Directory Service Interfaces Reference. |
|
systemOnly |
FALSE |
TRUE means that only Active Directory can modify the class of this object. FALSE means users can make the modification as well. |
dp-Kiosk-Configuration
Stores the configuration settings for the DigitalPersona Kiosk Shared Account.
| Attribute property | Value | Description |
|---|---|---|
| objectClass | attributeSchema | The class of which this object is an instance. |
| cn | dp-Kiosk-Configuration | Common name. |
| attributeID | 1.2.840.113556.1.8000.651.43 | A unique OID that identifies the attribute. |
| attributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
| isSingleValued | TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
| adminDisplayName | dp-Kiosk-Configuration | Display name of this object for use in directory service administrative tools. |
| oMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
| lDAPDisplayName | dpKioskConfiguration | The name used by LDAP clients to refer to the object's class. |
| schemaIDGUID | oG9fOZpxdUSt7T0j17CZng== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| objectCategory | CN=Attribute-Schema,CN=Schema,CN=Configuration,DomainRoot | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| showInAdvancedViewOnly | TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
| rangeUpper | 131072 | The maximum value or length of an attribute. |
| searchFlags | 128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
dp-Prox-Card-Data
Stores the CID PACS data hash used for CID card identification.
| Attribute property | Value | Description |
|---|---|---|
| objectClass | attributeSchema | The class of which this object is an instance. |
| cn | dp-Prox-Card-Data | Common name. |
| attributeID | 1.2.840.113556.1.8000.651.39 | A unique OID that identifies the attribute. |
| attributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
| isSingleValued | TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
| adminDisplayName | dp-Prox-Card-Data | Display name of this object for use in directory service administrative tools. |
| oMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
| lDAPDisplayName | dpProxCardData | The name used by LDAP clients to refer to the object's class. |
| schemaIDGUID | eONxLcmLgUa9g4rpRA1aPA== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| objectCategory | CN=Attribute-Schema,CN=Schema,CN=Configuration,DomainRoot | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| isMemberOfPartialAttributeSet | TRUE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
| rangeUpper | 128 | The maximum value or length of an attribute. |
| showInAdvancedViewOnly | TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
| searchFlags | 129 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
dp-Radius-Name
Stores the user name for RADIUS logon.
| Attribute property | Value | Description |
|---|---|---|
| objectClass | attributeSchema | The class of which this object is an instance. |
| cn | dp-Radius-Name | Common name. |
| attributeID | 1.2.840.113556.1.8000.651.40 | A unique OID that identifies the attribute. |
| attributeSyntax | 2.5.5.12 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
| isSingleValued | TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
| adminDisplayName | dp-Radius-Name | Display name of this object for use in directory service administrative tools. |
| oMSyntax | 64 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
| lDAPDisplayName | dpRadiusName | The name used by LDAP clients to refer to the object's class. |
| schemaIDGUID | zwZFRhSEM0C/cMw+091KhQ== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| objectCategory | CN=Attribute-Schema,CN=Schema,CN=Configuration,DomainRoot | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| isMemberOfPartialAttributeSet | TRUE |
TRUE means that the attribute is replicated to the global catalog. FALSE means that the attribute is not included in the global catalog. |
| rangeLower | 0 | The minimum value or length of an attribute. |
| rangeUpper | 128 | The maximum value or length of an attribute. |
| showInAdvancedViewOnly | TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
| searchFlags | 1 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
dp-Group-Policy
Stores the logon policy for an Active Directory group.
| Attribute property | Value | Description |
|---|---|---|
| objectClass | attributeSchema | The class of which this object is an instance. |
| cn | dp-Group-Policy | Common name. |
| attributeID | 1.2.840.113556.1.8000.651.41 | A unique OID that identifies the attribute. |
| attributeSyntax | 2.5.5.16 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
| isSingleValued | FALSE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
| adminDisplayName | dp-Group-Policy | Display name of this object for use in directory service administrative tools. |
| oMSyntax | 65 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
| lDAPDisplayName | dpGroupPolicy | The name used by LDAP clients to refer to the object's class. |
| schemaIDGUID | X+5ueZnFQUqYqieHBoBclw== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| objectCategory | CN=Attribute-Schema,CN=Schema,CN=Configuration,DomainRoot | Reference to an object class or one of its superclasses, which is used when searching for this object. |
dp-Password-Manager-Data2
Stores unsecured data, such as manifests, for the Password Manager.
| Attribute property | Value | Description |
|---|---|---|
| objectClass | attributeSchema | The class of which this object is an instance. |
| cn | dp-Password-Manager-Data2 | Common name. |
| attributeID | 1.2.840.113556.1.8000.651.301 | A unique OID that identifies the attribute. |
| attributeSyntax | 2.5.5.12 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
| isSingleValued | TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
| adminDisplayName | dp-Password-Manager-Data2 | Display name of this object for use in directory service administrative tools. |
| oMSyntax | 64 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
| lDAPDisplayName | dpPasswordManagerData2 | The name used by LDAP clients to refer to the object's class. |
| schemaIDGUID | ipPBaFJwgUiq+NMOfR8T8Q== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| objectCategory | CN=Attribute-Schema,CN=Schema,CN=Configuration,DomainRoot | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| rangeUpper | 512000 | The maximum value or length of an attribute. |
dp-OTP-Recovery
Stores the Time-based OTP recovery key.
| Attribute property | Value | Description |
|---|---|---|
| objectClass | attributeSchema | The class of which this object is an instance. |
| cn | dp-OTP-Recovery | Common name. |
| attributeID | 1.2.840.113556.1.8000.651.42 | A unique OID that identifies the attribute. |
| attributeSyntax | 2.5.5.10 | An OID of the syntax. The combination of the attributeSyntax and oMSyntax properties determines the syntax of an attribute. |
| isSingleValued | TRUE |
TRUE means that the attribute has a single value. FALSE means that the attribute can have multiple values. |
| adminDisplayName | dp-OTP-Recovery | Display name of this object for use in directory service administrative tools. |
| oMSyntax | 4 | Syntax of this attribute as defined by the XAPIA XOM (X/Open Object Model) specification. |
| lDAPDisplayName | dpOTPRecovery | The name used by LDAP clients to refer to the object's class. |
| schemaIDGUID | szJcfaQEmU6WUmmckszEGQ== | A GUID that uniquely identifies this object. You can use this string value in an ACE to control access to objects of this object. |
| objectCategory | CN=Attribute-Schema,CN=Schema,CN=Configuration,DomainRoot | Reference to an object class or one of its superclasses, which is used when searching for this object. |
| rangeUpper | 32768 | The maximum value or length of an attribute. |
| showInAdvancedViewOnly | TRUE |
TRUE means that the object will appear in the Advanced View of the Users and Computers snap-in only, but not in the Windows shell. FALSE means that the object will appear in Normal view of the Users and Computers snap-in and the Windows shell. |
| searchFlags | 128 |
An integer value whose least significant bit indicates whether the attribute is indexed. The four bit flags in this value are: 1 = Index over attribute only 2 = Index over container and attribute 4 = Add this attribute to the Ambiguous Name Resolution set, used together with 0x0001 8 = Preserve this attribute in the tombstone object for deleted objects. |
