JDBC Driver for Microsoft Active Directory

Build 22.0.8462

DomainDNS

Windows NT domain with DNS-based (DC=) naming.

Columns

Name Type ReadOnly References DataFormat Description
Id [KEY] String True

Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow.

DN String True

The full distinguished name.

RDN String False

The relative distinguished name.

BaseDN String True

The base distinguished name.

CACertificate String False DelimitedData

Certificates of trusted Certification Authorities.

Dc String False DelimitedData

The naming attribute for Domain and DNS objects. Usually displayed as dc=DomainName.

InstanceType String False DelimitedData

A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync.

NTSecurityDescriptor String False DelimitedData

The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object.

ObjectCategory String False DelimitedData

An object class name used to group objects of this or derived classes.

ObjectClass String False DelimitedData

The list of classes from which this class is derived.

AdminDescription String False DelimitedData

The description displayed on admin screens.

AdminDisplayName String False DelimitedData

The name to be displayed on admin screens.

AllowedAttributes String False DelimitedData

Attributes that will be permitted to be assigned to a class.

AllowedAttributesEffective String False DelimitedData

A list of attributes that can be modified on the object.

AllowedChildClasses String False DelimitedData

Classes that can be contained by a class.

AllowedChildClassesEffective String False DelimitedData

A list of classes that can be modified.

AuditingPolicy String False DelimitedData

Auditing policy for the local policy.

BridgeheadServerListBL String False DelimitedData

The list of servers that are bridgeheads for replication.

BuiltinCreationTime String False DelimitedData

The Builtin-Creation-Time attribute is used to support replication to Windows NT 4.0 domains.

BuiltinModifiedCount String False DelimitedData

The Builtin-Modified-Count attribute is used to support replication to Windows NT 4.0 domains.

CanonicalName String False DelimitedData

The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...).

Cn String False DelimitedData

The name that represents an object. Used to perform searches.

ControlAccessRights String False DelimitedData

Used by DS Security to determine which users can perform specific operations on the host object.

CreateTimeStamp String False DelimitedData

The date when this object was created. This value is replicated.

CreationTime String False DelimitedData

The date and time that the object was created.

DefaultLocalPolicyObject String False DelimitedData

A reference to a Policy object that defines the local policy for the host object.

Description String False DelimitedData

Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks.

DesktopProfile String False DelimitedData

The location of the desktop profile for a user or group of users. Not used.

DisplayName String False DelimitedData

The display name for an object. This is usually the combination of the users first name, middle initial, and last name.

DisplayNamePrintable String False DelimitedData

The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name.

DomainPolicyObject String False DelimitedData

Reference to the policy object that defines the Local Security Authority policy for the host domain.

DSASignature String False DelimitedData

The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object.

DSCorePropagationData String False DelimitedData

The DS-Core-Propagation-Data attribute is for internal use only.

EFSPolicy String False DelimitedData

The Encrypting File System Policy.

ExtensionName String False DelimitedData

The name of a property page used to extend the UI of a directory object.

Flags String False DelimitedData

To be used by the object to store bit information.

FromEntry String False DelimitedData

This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance.

FrsComputerReferenceBL String False DelimitedData

Reference to replica sets to which this computer belongs.

FRSMemberReferenceBL String False DelimitedData

Reference to subscriber objects for this member.

FSMORoleOwner String False DelimitedData

Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified.

GPLink String False DelimitedData

A sorted list of Group Policy options. Each option is a DWORD. Use of the UNICODE string is a convenience.

GPOptions String False DelimitedData

Options that affect all group policies associated with the object hosting this property.

IsCriticalSystemObject String False DelimitedData

If TRUE, the object hosting this attribute must be replicated during installation of a new replica.

IsDeleted String False DelimitedData

If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system.

MemberOf String False DelimitedData

The distinguished name of the groups to which this object belongs.

IsPrivilegeHolder String False DelimitedData

Backward link to privileges held by a given principal.

LastKnownParent String False DelimitedData

The Distinguished Name (DN) of the last known parent of an orphaned object.

LockoutDuration String False DelimitedData

The amount of time that an account is locked due to the Lockout-Threshold being exceeded. This value is stored as a large integer that represents the negative of the number of 100-nanosecond intervals from the time the Lockout-Threshold is exceeded that must elapse before the account is unlocked.

LockOutObservationWindow String False DelimitedData

The range of time, in 100-nanosecond intervals, in which the system increments the incorrect logon count.

LockoutThreshold String False DelimitedData

The number of invalid logon attempts that are permitted before the account is locked out.

LSACreationTime String False DelimitedData

The LSA-Creation-Time attribute is used to support replication to Windows NT 4.0 domains.

LSAModifiedCount String False DelimitedData

The LSA-Modified-Count attribute is used to support replication to Windows NT 4.0 domains.

ManagedBy String False DelimitedData

The distinguished name of the user that is assigned to manage this object.

ManagedObjects String False DelimitedData

Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object.

MasteredBy String False DelimitedData

Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects.

MaxPwdAge String False DelimitedData

The maximum amount of time, in 100-nanosecond intervals, a password is valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals from the time the password was set before the password expires.

MinPwdAge String False DelimitedData

The minimum amount of time, in 100-nanosecond intervals, that a password is valid.

MinPwdLength String False DelimitedData

The minimum number of characters that a password must contain.

ModifiedCountAtLastProm String False DelimitedData

The Net Logon Change Log serial number at last promotion.

ModifyTimeStamp String False DelimitedData

A computed attribute that represents the date when this object was last changed. This value is not replicated.

MS-DS-ConsistencyChildCount String False DelimitedData

This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects.

MS-DS-ConsistencyGuid String False DelimitedData

This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs.

Ms-DS-MachineAccountQuota String False DelimitedData

The number of computer accounts that a user is allowed to create in a domain.

NETBIOSName String False DelimitedData

The name of the object to be used over NetBIOS.

NetbootSCPBL String False DelimitedData

A list of service connection points that reference this NetBoot server.

NextRid String False DelimitedData

The Next Rid field used by the mixed mode allocator.

NonSecurityMemberBL String False DelimitedData

List of nonsecurity-members for an Exchange distribution list.

NTMixedDomain String False DelimitedData

Indicates that the domain is in native mode or mixed mode. This attribute is found in the domainDNS (head) object for the domain.

DistinguishedName String False DelimitedData

Same as the Distinguished Name for an object. Used by Exchange.

ObjectGUID String False DelimitedData

The unique identifier for an object.

ObjectVersion String False DelimitedData

This can be used to store a version number for the object.

OtherWellKnownObjects String False DelimitedData

Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name.

PartialAttributeDeletionList String False DelimitedData

Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs.

PartialAttributeSet String False DelimitedData

Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC.

PekKeyChangeInterval String False DelimitedData

Password encryption key change interval.

PekList String False DelimitedData

List of password encryption keys.

PossibleInferiors String False DelimitedData

The list of objects that this object can contain.

PrivateKey String False DelimitedData

An encrypted private key.

ProxiedObjectName String False DelimitedData

This attribute is used internally by Active Directory to help track interdomain moves.

ProxyAddresses String False DelimitedData

A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists.

PwdHistoryLength String False DelimitedData

The number of old passwords to save.

PwdProperties String False DelimitedData

Password Properties. Part of Domain Policy. A bitfield to indicate complexity and storage restrictions.

QueryPolicyBL String False DelimitedData

List of all objects holding references to a given Query-Policy.

Name String False DelimitedData

The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object.

ReplicaSource String False DelimitedData

This attribute contains the GUID of a replication source.

ReplPropertyMetaData String False DelimitedData

Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects.

ReplUpToDateVector String False DelimitedData

Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects.

DirectReports String False DelimitedData

Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user.

RepsFrom String False DelimitedData

Lists the servers from which the directory will accept changes for the defined naming context.

RepsTo String False DelimitedData

Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context.

Revision String False DelimitedData

The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects.

RIDManagerReference String False DelimitedData

The Distinguished Name for the RID Manager of an object.

SDRightsEffective String False DelimitedData

This constructed attribute returns a single DWORD value that can have up to three bits set:

ServerReferenceBL String False DelimitedData

Found in the domain naming context. The distinguished name of a computer under the sites folder.

ShowInAdvancedViewOnly String False DelimitedData

TRUE if this attribute is to be visible in the Advanced mode of the UI.

SiteObjectBL String False DelimitedData

The list of distinguished names for subnets that belong to this site.

SubRefs String False DelimitedData

List of subordinate references of a Naming Context.

SubSchemaSubEntry String False DelimitedData

The distinguished name for the location of the subschema object where a class or attribute is defined.

SystemFlags String False DelimitedData

An integer value that contains flags that define additional properties of the class. See Remarks.

TreeName String False DelimitedData

DNS name of the domain at the root of a tree.

USNChanged String False DelimitedData

The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created.

USNCreated String False DelimitedData

The update sequence number (USN) assigned at object creation. See also, USN-Changed.

USNDSALastObjRemoved String False DelimitedData

Contains the update sequence number (USN) for the last system object that was removed from a server.

USNIntersite String False DelimitedData

The update sequence number (USN) for inter-site replication.

USNLastObjRem String False DelimitedData

Contains the update sequence number (USN) for the last non-system object that was removed from a server.

USNSource String False DelimitedData

Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server.

WbemPath String False DelimitedData

References to objects in other ADSI namespaces.

WellKnownObjects String False DelimitedData

This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h):

WhenChanged String False DelimitedData

The date when this object was last changed. This value is not replicated and exists in the global catalog.

WhenCreated String False DelimitedData

The date when this object was created. This value is replicated and is in the global catalog.

WWWHomePage String False DelimitedData

A web page that is the primary landing page of a website.

Url String False DelimitedData

A list of alternate webpages.

Pseudo-Columns

Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.

Name Type Description
Filter String

Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause.

Copyright (c) 2023 CData Software, Inc. - All rights reserved.
Build 22.0.8462