LDAP name: useraccountcontrol
Description: The account is disabled.
LDAP name: accountexpires
Description: The date when the account expires. If this date is not empty then account will expire at end of this date. Therefore, account will be working in this date.
LDAP name: accountexpires
Description: The days and hours when the account expires.
LDAP name: accountexpires
Description: This account will never expire.
LDAP name: samaccounttype
Description: This attribute contains information about every account type object.
LDAP name: homePostalAddress
Description: User's home address.
LDAP name: adminDescription
Description: Description displayed on admin screens.
LDAP name: adminDisplayName
Description: Name to be displayed on admin screens.
LDAP name: admincount
Description: Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). Anyone with adminCount=1 is or was a privileged user of some sort.
LDAP name: useraccountcontrol
Description: The user cannot change the password.
LDAP name: canonicalName
Description: Name of the object in canonical format, e.g. me.domain.com.
LDAP name: l
Description: City
LDAP name: cn
Description: The name that represents an object.
LDAP name: company
Description: User's company name.
LDAP name: co
Description: The country in which the user is located.
LDAP name: countrycode
Description: Specifies the country/region code for the user's language of choice.
LDAP name: whencreated
Description: The date when this object was created.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: department
Description: Contains the name of the department in which the user works.
LDAP name: description
Description: Contains the description to display for an object.
LDAP name: displayName
Description: Name displayed in the address book for a particular user. This is usually the combination of the user's first name, middle initial and last name.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: division
Description: User's division
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: useraccountcontrol
Description: (Windows 2000/Windows Server 2003) This account does not require Kerberos pre-authentication for logon.
LDAP name: mail
Description: Email address.
LDAP name: employeeID
Description: ID of an employee.
LDAP name: employeeType
Description: Job category for an employee.
LDAP name: facsimileTelephoneNumber
Description: Fax.
LDAP name: givenname
Description: Contains the given name (first name) of the user.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: thumbnailPhoto
Description: Has Thumbnail Photo.
LDAP name: memberof
Description: Whether the user is a member of any group except the primary group.
LDAP name: homeDirectory
Description: The default home directory location that is mapped to the user's home directory. Useful to identify file servers quickly on the network, but be mindful of DFS (i.e. \domain\home\user vs \fileserver\home\user).
LDAP name: useraccountcontrol
Description: The home directory is required.
LDAP name: homeDrive
Description: Specifies the drive letter to which to map the UNC path specified by homeDirectory. Example, "H:".
LDAP name: houseIdentifier
Description: Specifies a linguistic construct used to identify a particular building, for example, a house number or house name relative to a street, avenue, town, city, and so on.
LDAP name: initials
Description: Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book.
LDAP name: useraccountcontrol
Description: This is a permit to trust account for a system domain that trusts other domains.
LDAP name: ipPhone
Description: IP phone.
LDAP name: iscriticalsystemobject
Description: If TRUE, the object hosting this attribute must be replicated during installation of a new replica.
LDAP name: primaryGroupId
Description: Is this user's primary group is Domain Guests.
LDAP name: primaryGroupId
Description: Is this user's primary group is Domain Users.
LDAP name: useraccountcontrol
Description: This is an account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain. Also known as a local user account.
LDAP name: badpasswordtime
Description: The last time and date that an attempt to log on to this account was made with a password that is not valid. This attribute is not replicated.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: lastLogon
Description: The domain controller that authenticated this computer the last time it logged on to the network.
LDAP name: lastlogon
Description: The last time the user logged on.
LDAP name: sn
Description: This attribute contains the family or last name for a user.
LDAP name: l
Description: Contains the locality, such as the town or city, in the user's address.
LDAP name: lockoutTime
Description: The account is currently locked out. Calculated by attribute lockoutTime value and Account Lockout Policy Account lockout duration setting.
LDAP name: lockoutTime
Description: The date and time (UTC) that this account was locked out.
LDAP name: logoncount
Description: The number of times the account has successfully logged on.
LDAP name: samaccountname
Description: The username (the logon name used to support clients and servers running earlier versions of the operating system.)
LDAP name: scriptPath
Description: Logon Script.
LDAP name: useraccountcontrol
Description: The logon script is executed.
LDAP name: userWorkstations
Description: Contains the NetBIOS or DNS names of the computers running Windows NT Workstation or Windows 2000 Professional from which the user can log on. A comma separates each NetBIOS name.
Description: Managed Accounts.
Description: Managed Accounts Count.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: mobile
Description: Mobile.
LDAP name: whenchanged
Description: The date when this object was last changed. This value is not replicated and exists in the global catalog.
LDAP name: pwdLastSet
Description: Must change password at next logon. pwdLastSet = 0.
LDAP name: name
Description: Object name.
LDAP name: msNPAllowDialin
Description: Indicates whether the account has permission to dial in to the RAS server.
LDAP name: useraccountcontrol
Description: The security context of the user will not be delegated to a service even if the service account is set as trusted for Kerberos delegation.
LDAP name: info
Description: User's notes.
LDAP name: badpwdcount
Description: The number of times the user tried to log on to the account using an incorrect password. This number is taken from domain controller containing the latest bad password time.
LDAP name: memberof
Description: Count of direct group membership.
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
LDAP name: physicalDeliveryOfficeName
Description: Office.
LDAP name: postOfficeBox
Description: P.O.Box
LDAP name: pager
Description: Pager.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
LDAP name: msDS-UserPasswordExpiryTimeComputed
Description: (Windows Server 2008 and newer) This attribute indicates the time when the password of the object will expire.
LDAP name: useraccountcontrol
Description: The user password has expired. This flag is created by the system using data from the Pwd-Last-Set attribute and the domain policy.
LDAP name: pwdlastset
Description: The date and time that the password for this account was last changed.
LDAP name: useraccountcontrol
Description: The password for this account will never expire.
LDAP name: useraccountcontrol
Description: No password is required.
LDAP name: homePhone
Description: User's main home phone number.
LDAP name: primarygroupid
Description: Contains the relative identifier (RID) for the primary group of the user. By default, this is the RID for the Domain Users group.
LDAP name: userPrincipalName
Description: This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain name.
LDAP name: profilePath
Description: Profile Path.
Description: Is object protected from accidental deletion. It is calculated from access control entry (ACE) - deny Delete + DeleteTree. Can take some time to calculate that is why advised to use other filters to narrow down record count.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: objectsid
Description: A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal.
LDAP name: useraccountcontrol
Description: The user must log on using a smart card.
LDAP name: st
Description: State/Province.
LDAP name: useraccountcontrol
Description: The user can send an encrypted password.
LDAP name: streetAddress
Description: The Street address.
LDAP name: msds-supportedencryptiontypes
Description: The encryption algorithms supported by user, computer or trust accounts.
LDAP name: telephoneNumber
Description: Telephone Number.
LDAP name: title
Description: Title.
LDAP name: useraccountcontrol
Description: The service account (user or computer account), under which a service runs, is trusted for Kerberos delegation. Any such service can impersonate a client requesting the service.
LDAP name: useraccountcontrol
Description: (Windows 2000/Windows Server 2003) The account is enabled for delegation. This is a security-sensitive setting; accounts with this option enabled should be strictly controlled. This setting enables a service running under the account to assume a client identity and authenticate as that user to other remote servers on the network.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: useraccountcontrol
Description: Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.
LDAP name: wWWHomePage
Description: Web Page.
LDAP name: postalCode
Description: Zip/Postal Code.
LDAP name: useraccountcontrol
Description: The account is disabled.
LDAP name: samaccounttype
Description: This attribute contains information about every account type object.
LDAP name: adminDescription
Description: Description displayed on admin screens.
LDAP name: adminDisplayName
Description: Name to be displayed on admin screens.
LDAP name: admincount
Description: Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). Anyone with adminCount=1 is or was a privileged user of some sort.
LDAP name: useraccountcontrol
Description: The user cannot change the password.
LDAP name: canonicalName
Description: Name of the object in canonical format, e.g. me.domain.com.
LDAP name: cn
Description: The name that represents an object.
LDAP name: whencreated
Description: The date when this object was created.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: description
Description: Contains the description to display for an object.
LDAP name: displayname
Description: The display name for an object.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
LDAP name: dnshostname
Description: Name of the computer as registered in DNS.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: useraccountcontrol
Description: (Windows 2000/Windows Server 2003) This account does not require Kerberos pre-authentication for logon.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: Whether the computer is a member of any group except the primary group.
LDAP name: useraccountcontrol
Description: The home directory is required.
LDAP name: useraccountcontrol
Description: This is a permit to trust account for a system domain that trusts other domains.
Description: Computer IPv4 address.
Description: Computer IPv6 address.
LDAP name: iscriticalsystemobject
Description: If TRUE, the object hosting this attribute must be replicated during installation of a new replica.
LDAP name: primaryGroupId
Description: Is this computer a domain controller. Checks primaryGroupId attribute for values 516 and 521.
LDAP name: useraccountcontrol
Description: This is an account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain. Also known as a local user account.
LDAP name: badpasswordtime
Description: The last time and date that an attempt to log on to this account was made with a password that is not valid. This attribute is not replicated.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: lastLogon
Description: The domain controller that authenticated this computer the last time it logged on to the network.
LDAP name: lastlogon
Description: The last time the user logged on.
LDAP name: localpolicyflags
Description: Flags that determine where a computer gets its policy.
LDAP name: lockoutTime
Description: The account is currently locked out. Calculated by attribute lockoutTime value and Account Lockout Policy Account lockout duration setting.
LDAP name: lockoutTime
Description: The date and time (UTC) that this account was locked out.
LDAP name: logoncount
Description: The number of times the account has successfully logged on.
LDAP name: samaccountname
Description: The username (the logon name used to support clients and servers running earlier versions of the operating system.)
LDAP name: useraccountcontrol
Description: The logon script is executed.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: whenchanged
Description: The date when this object was last changed. This value is not replicated and exists in the global catalog.
LDAP name: name
Description: Object name.
LDAP name: useraccountcontrol
Description: The security context of the user will not be delegated to a service even if the service account is set as trusted for Kerberos delegation.
LDAP name: badpwdcount
Description: The number of times the user tried to log on to the account using an incorrect password. This number is taken from domain controller containing the latest bad password time.
LDAP name: memberof
Description: Count of direct group membership.
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
LDAP name: operatingsystem
Description: The Operating System name, for example, Windows 10.
LDAP name: operatingsystemservicepack
Description: The operating system service pack ID string (for example, SP3).
LDAP name: operatingsystemversion
Description: The operating system version string, for example, 4.0.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
LDAP name: useraccountcontrol
Description: The user password has expired. This flag is created by the system using data from the Pwd-Last-Set attribute and the domain policy.
LDAP name: pwdlastset
Description: The date and time that the password for this account was last changed.
LDAP name: useraccountcontrol
Description: The password for this account will never expire.
LDAP name: useraccountcontrol
Description: No password is required.
LDAP name: primarygroupid
Description: Contains the relative identifier (RID) for the primary group of the user. By default, this is the RID for the Domain Users group.
Description: Is object protected from accidental deletion. It is calculated from access control entry (ACE) - deny Delete + DeleteTree. Can take some time to calculate that is why advised to use other filters to narrow down record count.
LDAP name: ridsetreferences
Description: List of references to RID-Set objects that manage Relative Identifier (RID) allocation.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: objectsid
Description: A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal.
LDAP name: serverreferencebl
Description: Found in the domain-naming context. The distinguished name of a computer under the sites folder.
LDAP name: useraccountcontrol
Description: This is a computer account for a system backup domain controller that is a member of this domain.
LDAP name: msds-supportedencryptiontypes
Description: The encryption algorithms supported by user, computer or trust accounts.
LDAP name: useraccountcontrol
Description: The service account (user or computer account), under which a service runs, is trusted for Kerberos delegation. Any such service can impersonate a client requesting the service.
LDAP name: useraccountcontrol
Description: (Windows 2000/Windows Server 2003) The account is enabled for delegation. This is a security-sensitive setting; accounts with this option enabled should be strictly controlled. This setting enables a service running under the account to assume a client identity and authenticate as that user to other remote servers on the network.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: useraccountcontrol
Description: Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.
LDAP name: useraccountcontrol
Description: This is a computer account for a computer that is a member of this domain.
LDAP name: samaccounttype
Description: This attribute contains information about every account type object.
LDAP name: adminDescription
Description: Description displayed on admin screens.
LDAP name: adminDisplayName
Description: Name to be displayed on admin screens.
LDAP name: canonicalName
Description: Name of the object in canonical format, e.g. me.domain.com.
LDAP name: cn
Description: The name that represents an object.
Description: Contains Member from External Domain.
LDAP name: whencreated
Description: The date when this object was created.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: description
Description: Contains the description to display for an object.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
Description: All group members.
Description: Direct group members.
Description: Inherited group members.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: grouptype
Description: Contains a set of flags that define the type and scope of a group object.
LDAP name: grouptype
Description: Contains a set of flags that define the type and scope of a group object.
LDAP name: memberof
Description: Whether the group is a member of any group except the primary group.
LDAP name: iscriticalsystemobject
Description: If TRUE, the object hosting this attribute must be replicated during installation of a new replica.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: samaccountname
Description: The username (the logon name used to support clients and servers running earlier versions of the operating system.)
Description: Managed Accounts.
Description: Managed Accounts Count.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: whenchanged
Description: The date when this object was last changed. This value is not replicated and exists in the global catalog.
LDAP name: name
Description: Object name.
LDAP name: memberof
Description: Count of direct group membership.
Description: Number Of Members (Direct + Inherited).
Description: Number Of Members (Direct)
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
Description: Is object protected from accidental deletion. It is calculated from access control entry (ACE) - deny Delete + DeleteTree. Can take some time to calculate that is why advised to use other filters to narrow down record count.
LDAP name: objectsid
Description: A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal.
LDAP name: systemflags
Description: An integer value that contains flags that define additional properties of the class.
LDAP name: msExchRequireAuthToSendTo
Description: Require That All Senders Are Authenticated.
LDAP name: altRecipient
Description: An alternative recipient to receive e-mail.
LDAP name: cn
Description: The name that represents an object.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: displayname
Description: The display name for an object.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
LDAP name: memberof
Description: This attribute specifies the distinguished names of the groups to which this object belongs.
LDAP name: mail
Description: The list of email addresses for a contact.
LDAP name: mailNickname
Description: Email alias.
LDAP name: proxyAddresses
Description: A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists.
LDAP name: targetaddress
Description: External e-mail addresses.
LDAP name: msExchHideFromAddressLists
Description: Determines if the recipient appears in address lists.
LDAP name: msExchHomeServerName
Description: Microsoft Exchange Home Server Name.
LDAP name: homeMDB
Description: Home mailbox database.
LDAP name: homeMTA
Description: Home MTA.
LDAP name: protocolSettings
Description: IMAP4 is an Internet standard protocol used by e-mail clients to retrieve e-mail messages from a mail server.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: legacyExchangeDN
Description: Legacy Exchange DN.
LDAP name: protocolSettings
Description: MAPI protocol enables access to a Microsoft Exchange mailbox from MAPI client like Microsoft Outlook.
LDAP name: msExchRecipLimit
Description: Maximum Recipient Limit.
LDAP name: name
Description: Object name.
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
Description: Object type like user, group or contact.
LDAP name: protocolSettings
Description: Outlook Web App enables access to a Microsoft Exchange mailbox from a Web browser.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
LDAP name: protocolSettings
Description: POP3 is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server.
Description: Is object protected from accidental deletion. It is calculated from access control entry (ACE) - deny Delete + DeleteTree. Can take some time to calculate that is why advised to use other filters to narrow down record count.
LDAP name: delivContLength
Description: Receiving Maximum Message Size (KB)
LDAP name: submissionContLength
Description: Sending Maximum Message Size (in KB).
LDAP name: mDBUseDefaults
Description: Indicates whether the store should use the default quota, rather than the per-mailbox quota.
LDAP name: homePostalAddress
Description: User's home address.
LDAP name: adminDescription
Description: Description displayed on admin screens.
LDAP name: adminDisplayName
Description: Name to be displayed on admin screens.
LDAP name: canonicalName
Description: Name of the object in canonical format, e.g. me.domain.com.
LDAP name: l
Description: City
LDAP name: cn
Description: The name that represents an object.
LDAP name: company
Description: Contact's company name.
LDAP name: co
Description: The country in which the user is located.
LDAP name: countrycode
Description: Specifies the country/region code for the user's language of choice.
LDAP name: whencreated
Description: The date when this object was created.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: department
Description: Contains the name of the department in which the user works.
LDAP name: description
Description: Contains the description to display for an object.
LDAP name: displayName
Description: Name displayed in the address book for a particular user. This is usually the combination of the user's first name, middle initial and last name.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
LDAP name: division
Description: Contact's division
LDAP name: mail
Description: Email address.
LDAP name: employeeID
Description: ID of an employee.
LDAP name: facsimileTelephoneNumber
Description: Fax.
LDAP name: givenname
Description: Contains the given name (first name) of the user.
LDAP name: thumbnailPhoto
Description: Has Thumbnail Photo.
LDAP name: houseIdentifier
Description: Specifies a linguistic construct used to identify a particular building, for example, a house number or house name relative to a street, avenue, town, city, and so on.
LDAP name: initials
Description: Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book.
LDAP name: ipPhone
Description: IP phone.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: sn
Description: This attribute contains the family or last name for a user.
LDAP name: l
Description: Contains the locality, such as the town or city, in the user's address.
Description: Managed Accounts.
Description: Managed Accounts Count.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: manager
Description: Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name.
LDAP name: mobile
Description: Mobile.
LDAP name: whenchanged
Description: The date when this object was last changed. This value is not replicated and exists in the global catalog.
LDAP name: name
Description: Object name.
LDAP name: info
Description: Contact's notes.
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
LDAP name: physicalDeliveryOfficeName
Description: Office.
LDAP name: postOfficeBox
Description: P.O.Box
LDAP name: pager
Description: Pager.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
LDAP name: homePhone
Description: Contact's main home phone number.
Description: Is object protected from accidental deletion. It is calculated from access control entry (ACE) - deny Delete + DeleteTree. Can take some time to calculate that is why advised to use other filters to narrow down record count.
LDAP name: st
Description: State/Province.
LDAP name: streetAddress
Description: The Street address.
LDAP name: telephoneNumber
Description: Telephone Number.
LDAP name: title
Description: Title.
LDAP name: wWWHomePage
Description: Web Page.
LDAP name: postalCode
Description: Zip/Postal Code.
LDAP name: adminDescription
Description: Description displayed on admin screens.
LDAP name: adminDisplayName
Description: Name to be displayed on admin screens.
LDAP name: printbinnames
Description: A list of printer bin names.
LDAP name: printcolor
Description: TRUE if a printer can print in color.
LDAP name: canonicalName
Description: Name of the object in canonical format, e.g. me.domain.com.
LDAP name: cn
Description: The name that represents an object.
LDAP name: whencreated
Description: The date when this object was created.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
LDAP name: drivername
Description: The device driver name.
LDAP name: driverversion
Description: The version number of the device driver.
LDAP name: printduplexsupported
Description: Indicates the type of duplex support a printer has.
LDAP name: flags
Description: To be used by the object to store bit information.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: location
Description: Location
LDAP name: printmemory
Description: The amount of memory installed in a printer.
LDAP name: whenchanged
Description: The date when this object was last changed. This value is not replicated and exists in the global catalog.
LDAP name: name
Description: Object name.
LDAP name: printername
Description: The display name of an attached printer.
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
LDAP name: portname
Description: List of port names. For example, for printer ports or COM ports.
LDAP name: printcollate
Description: TRUE if a printer has collating bins.
LDAP name: printendtime
Description: The time a print queue stops servicing jobs.
LDAP name: printkeepprintedjobs
Description: TRUE if printed jobs are kept.
LDAP name: printorientationssupported
Description: The page rotation for landscape printing.
LDAP name: printpagesperminute
Description: Driver-supplied print rate in pages per minute.
LDAP name: printrate
Description: Driver-supplied print rate.
LDAP name: printrateunit
Description: Driver-supplied print rate unit.
LDAP name: printspooling
Description: A string that represents the type of printer spooling. Possible values: PrintDirect, PrintWhileSpooling, PrintAfterSpooled.
LDAP name: printstaplingsupported
Description: TRUE if the printer supports stapling. Supplied by the driver.
LDAP name: printstarttime
Description: The time a print queue begins servicing jobs.
LDAP name: priority
Description: Priority
LDAP name: servername
Description: The name of a server.
LDAP name: printsharename
Description: The printer's share name.
LDAP name: shortservername
Description: Pre-Windows 2000 compatible server name for print servers.
LDAP name: uncname
Description: The universal naming convention name for shared volumes and printers.
LDAP name: url
Description: URL
LDAP name: adminDescription
Description: Description displayed on admin screens.
LDAP name: adminDisplayName
Description: Name to be displayed on admin screens.
LDAP name: canonicalName
Description: Name of the object in canonical format, e.g. me.domain.com.
LDAP name: cn
Description: The name that represents an object.
LDAP name: versionnumber
Description: Computer configuration version number.
LDAP name: whencreated
Description: The date when this object was created.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: displayname
Description: The display name for an object.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
LDAP name: gpcfunctionalityversion
Description: The version of the Group Policy Editor that created this object.
LDAP name: gpcmachineextensionnames
Description: Used by the Group Policy Object for computer policies.
LDAP name: iscriticalsystemobject
Description: If TRUE, the object hosting this attribute must be replicated during installation of a new replica.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: distinguishedname
Description: Get all domains that have link to this GPO.
LDAP name: distinguishedname
Description: Get all objects that have link to this GPO.
LDAP name: distinguishedname
Description: Get all organizational units that have link to this GPO.
LDAP name: distinguishedname
Description: Get all sites that have link to this GPO.
LDAP name: whenchanged
Description: The date when this object was last changed. This value is not replicated and exists in the global catalog.
LDAP name: name
Description: Object name.
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
LDAP name: showinadvancedviewonly
Description: TRUE if this attribute is to be visible in the Advanced mode of the UI.
LDAP name: flags
Description: Stores the state of the GPO.
LDAP name: systemflags
Description: An integer value that contains flags that define additional properties of the class.
LDAP name: gpcfilesyspath
Description: This attribute specifies the Universal Naming Convention (UNC) path to the Group Policy Object template located in the system volume (SYSVOL).
LDAP name: versionnumber
Description: User configuration version number.
LDAP name: adminDescription
Description: Description displayed on admin screens.
LDAP name: adminDisplayName
Description: Name to be displayed on admin screens.
LDAP name: canonicalName
Description: Name of the object in canonical format, e.g. me.domain.com.
Description: Child Object Count.
Description: Child Object Count (Computer).
Description: Child Object Count (Group).
Description: Child Object Count (User).
LDAP name: whencreated
Description: The date when this object was created.
LDAP name: isDeleted
Description: If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.
LDAP name: description
Description: Contains the description to display for an object.
LDAP name: distinguishedname
Description: The LDAP API references an LDAP object by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas.
LDAP name: gPLink
Description: Is there any Group Policy options linked to this object.
LDAP name: iscriticalsystemobject
Description: If TRUE, the object hosting this attribute must be replicated during installation of a new replica.
LDAP name: lastKnownParent
Description: The Distinguished Name (DN) of the last known parent of an orphaned object.
LDAP name: gPLink
Description: A sorted list of Group Policy options. Each option is a DWORD. Use of the UNICODE string is a convenience.
LDAP name: manager
Description: The distinguished name of the user that is assigned to manage this object.
LDAP name: manager
Description: The distinguished name of the user that is assigned to manage this object.
LDAP name: manager
Description: The distinguished name of the user that is assigned to manage this object.
LDAP name: whenchanged
Description: The date when this object was last changed. This value is not replicated and exists in the global catalog.
LDAP name: name
Description: Object name.
LDAP name: objectcategory
Description: An object class name used to group objects of this or derived classes.
LDAP name: objectclass
Description: The list of classes from which this class is derived.
LDAP name: ou
Description: The name of the organizational unit.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is a container.
Description: Gets this entry's parent name in the Active Directory Domain Services hierarchy.
Description: Gets this entry's parent in the Active Directory Domain Services hierarchy. Return parent name if it is an organizational unit.
Description: Is object protected from accidental deletion. It is calculated from access control entry (ACE) - deny Delete + DeleteTree. Can take some time to calculate that is why advised to use other filters to narrow down record count.
LDAP name: showinadvancedviewonly
Description: TRUE if this attribute is to be visible in the Advanced mode of the UI.
LDAP name: systemflags
Description: An integer value that contains flags that define additional properties of the class.