CData Sync App は、Microsoft Active Directory データをデータベース、データレイク、またはデータウェアハウスに継続的にパイプライン化する簡単な方法を提供し、分析、レポート、AI、および機械学習で簡単に利用できるようにします。
Microsoft Active Directory コネクタはCData Sync アプリケーションから使用可能で、Microsoft Active Directory からデータを取得して、サポートされている任意の同期先に移動できます。
Sync App アプリケーションの接続 ページに移動し、接続の追加 パネルで対応するアイコンを選択して、Microsoft Active Directory への接続を作成します。Microsoft Active Directory アイコンが利用できない場合は、Add More アイコンをクリックしてCData サイトからMicrosoft Active Directory コネクタをダウンロードおよびインストールします。
必須プロパティは[設定]タブにリストされています。[Advanced]タブには、通常は必要ない接続プロパティが表示されます。
基本接続には、Server およびPort を設定します。さらに、次のように接続を微調整できます。
リクエストを認証するには、 User およびPassword プロパティを有効なMicrosoft Active Directory クレデンシャル(例:User をDomain\\BobF またはcn=Bob F,ou=Employees,dc=Domain)に設定します。
Sync App は、デフォルトでプレーンテキスト認証を使用します。これは、Sync App がサーバーとTLS/SSL のネゴシエーションを試みるためです。 AuthMechanism を使って別の認証方法を指定できます。
TLS/SSL コンフィギュレーションについて詳しくは、SSL の設定 を参照してください。
次のプロパティは、返されるデータのスコープを制御します。
Sync App は、Microsoft Active Directory エンティティから最も頻繁に必要とされるカラムを表示します。ただし、その他のデータを使用する必要がある場合は、テーブルを簡単に変更できます。テーブルは、シンプルな形式のスキーマファイルで定義されます。
デフォルトのスキーマを拡張する方法や独自のスキーマを記述する方法については、Active Directory テーブルとの連携 を参照してください。 カスタムスキーマを使用するには、Location プロパティをスキーマファイルを有するフォルダに設定します。
Active Directory オブジェクトクラスへのテーブルスキーマのマッピングを定義する。
このセクションでは、Person.rsd ファイルを使ってCData Sync App において希望するオブジェクトクラスの新テーブルを作成する方法を説明します。Person.rsd は、Sync App のインストールフォルダのdb サブフォルダに格納されています。
カスタムスキーマを使用するには、Location プロパティをスキーマファイルを有するフォルダに設定します。スキーマを.rsd ファイルで定義する。
新しいテーブルを、そのテーブルが表すオブジェクトクラスと同じ名前に定義することは大切です。これにより、Sync App はActive Directory サーバーをクエリする際に、ターゲットのオブジェクトクラスのみを検索します。
rsb:info エレメントでテーブル名を定義する。次の例では、Person.rsd のテーブル名およびカラムの定義について説明します:
<rsb:script xmlns:rsb="http://www.rssbus.com/ns/rsbscript/2"> <rsb:info title="Person" description="Create, update, delete, and query person entries in Active Directory."> <!-- Required Columns --> <attr name="Id" xs:type="string" readonly="true" key="true" desc="The index of the row, when 'splitDataByRow' is set for a column, combined with the full distinguished name." /> ...
まず、オブジェクトクラスに関係なく、すべてのテーブルに含まれるカラムがあります:
<!-- Required Columns --> <attr name="Id" xs:type="string" readonly="true" key="true" desc="The index of the row, when 'splitDataByRow' is set for a column, combined with the full distinguished name." /> <attr name="DN" xs:type="string" readonly="true" required="false" other:ldaptype="OID" desc="The full distinguished name." /> <attr name="RDN" xs:type="string" readonly="true" required="false" other:ldaptype="Directory String" desc="The relative distinguished name."/> <attr name="BaseDN" xs:type="string" readonly="true" required="false" other:ldaptype="OID" desc="The base distinguished name." />
必須カラムに加えて、希望するオブジェクトクラスからのアトリビュートが指定される必要があります。追加で、データがテーブルからどのように返されるかを規定するdataFormat を指定する必要があります。次に例を示します。
<!-- Person Required Attributes --> <attr name="ObjectClass" other:dataFormat="splitDataByRow" xs:type="string" readonly="false" required="false" other:ldaptype="OID" desc="The object class of the entry."/> <attr name="SN" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The required attribute SN for the user object class."/> <attr name="CN" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The required attribute CN for the user object class."/> <!-- Person Optional Attributes --> <attr name="UserPassword" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Binary" desc="The optional attribute UserPassword for the user object class."/> <attr name="TelephoneNumber" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The optional attribute TelephoneNumber for the user object class."/> <attr name="SeeAlso" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="DN" desc="The optional attribute SeeAlso for the user object class."/> <attr name="Description_1" other:dataFormat="splitDataByCol" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The optional attribute Description for the user object class."/> <attr name="Description_2" other:dataFormat="splitDataByCol" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The optional attribute Description for the user object class."/> <attr name="Description_3" other:dataFormat="splitDataByCol" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The optional attribute Description for the user object class."/>
The other: dataFormat には3つのオプションがあります:
delimitedData | Table Setting にて定義された"区切り" により区切られた文字列として、複数のアトリビュートを返します。(デフォルトはセミコロンです。) |
splitDataByRow | 同じDN に対する複数のアトリビュート値は、別々の行として扱われます。他のすべてのカラムはそのままプッシュされ、Id のインデックスは増分されます。(このように複数のカラムをプッシュすることは、結果セットを大きくしてパフォーマンスの問題を引き起こす可能性があります。) |
splitDataByCol | 同じDN に対する複数のアトリビュート値は、カラム名の付属インデックスとともにプッシュされます。複数のカラムを定義して終わりに"_n" を付ける必要があります。例えば、ObjectClass_1、ObjectClass_2、ObjectClass_3 のようにします。このサンプルでは、3つを超える値がある場合、カラムが追加されない限り、テーブルでは残りの値は表示されません。 |
例えば、次のコードはObjectClass アトリビュートの異なる値をそれぞれの行に分割して、Description をそれぞれのカラムにします。カラム定義には、Description アトリビュートの複数のカラムが含まれることに注意してください。<attr> に対する、other dataFormat アトリビュートにも注意してください。
... <attr name="ObjectClass" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="OID" desc="The object class of the entry."/> <attr name="SN" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The surname of the person."/> <attr name="CN" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The common name of the person."/> <attr name="UserPassword" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Binary" desc="The user password of the person."/> <attr name="TelephoneNumber" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The telephone number of the person."/> <attr name="SeeAlso" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="DN" desc="The see-also distinguished name of the person."/> <attr name="Description_1" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The description of the person."/> <attr name="Description_2" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The description of the person."/> <attr name="Description_3" other:dataFormat="delimitedData" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The description of the person."/> </rsb:info> <!-- Table Settings --> <rsb:set attr="delimiter" value=";"/> ...サンプルの結果はこのようになります:
Id | DN | ObjectClass | SN | CN | UserPassword | TelephoneNumber | SeeAlso | Description_1 | Description_2 | Description_3 |
1|CN=User1,DC=Test | CN=User1,DC=Test | Top | TestSN | User1 | 555-5555 | A;B;C | Desc1 | Desc2 | Desc3 | |
2|CN=User1,DC=Test | CN=User1,DC=Test | User | TestSN | User1 | 555-5555 | A;B;C | Desc1 | Desc2 | Desc3 |
インプットのデータ形式に加え、エンコードも指定が可能です。現在、UTF8 エンコード、もしくはBASE64 エンコードでのデータの戻りがサポートされています。特定のエンコードでデータを取得したい場合には、'other:encoding' フィールドを、使いたいエンコードのアトリビュートに指定する必要があります。エンコードの指定がない場合、UTF8 がデフォルトです。
アトリビュートのエンコード指定の例:
... <attr name="ObjectClass" other:dataFormat="delimitedData" other:encoding="UTF8" xs:type="string" readonly="false" required="false" other:ldaptype="OID" desc="The object class of the entry."/> <attr name="SN" other:dataFormat="delimitedData" other:encoding="BASE64" xs:type="string" readonly="false" required="false" other:ldaptype="Directory String" desc="The surname of the person."/> ...
区切り記号(Delimiter)は、区切りデータで使われる文字です。区切りデータは、一つのオブジェクトに複数回出現するアトリビュートすべてにおいて返されます(他のdataFormat に指定されている場合を除いて)。
例えば、下のコードは';' 記号を使って、アトリビュートの複数の値をコンカテネイトします。
... </rsb:info> <!-- Table Settings --> <rsb:set attr="delimiter" value=";"/> ...
<!-- Operation definitions -->
<rsb:script method="GET">
<rsb:set attr="action" value="Get" />
<rsb:call op="ldapadoLDAP" >
<rsb:push />
</rsb:call>
</rsb:script>
<rsb:script method="POST">
<rsb:set attr="action" value="Post" />
<rsb:call op="ldapadoLDAP" >
<rsb:push item="toout"/>
</rsb:call>
</rsb:script>
<rsb:script method="MERGE">
<rsb:set attr="action" value="Merge" />
<rsb:call op="ldapadoLDAP" >
<rsb:push />
</rsb:call>
</rsb:script>
<rsb:script method="DELETE">
<rsb:set attr="action" value="Delete" />
<rsb:call op="ldapadoLDAP" >
<rsb:push />
</rsb:call>
</rsb:script>
このセクションでは、Microsoft Active Directory Sync App の高度な機能を厳選して説明します。
Sync App を使用すると、事前設定されたクエリによって内容が決定されるユーザー定義ビューと呼ばれる仮想テーブルを定義できます。 このビューは、ドライバーに発行されるクエリを直接制御できない場合に有効です。 カスタムビューの作成と設定の概要については、ユーザー定義ビュー を参照してください。
SSL の設定 を使用して、Sync App が証明書のネゴシエーションをどのように扱うかを調整します。さまざまな証明書形式を選択できます。 詳しくは、接続文字列オプションにあるSSLServerCert プロパティを参照してください。
Windows プロキシを含むファイアウォールとプロキシ に合致するようSync App を設定します。トンネル接続を設定することもできます。
Sync App は、Microsoft Active Directory にできるだけ多くのSELECT ステートメント処理をオフロードし、残りのクエリをクライアント側のインメモリで処理します。
詳しくはクエリ処理 を参照してください。
CData ログを調整するために使用可能な設定の概要については、ログ を参照してください。基本的なロギングでは、 次の2つの接続プロパティを設定するだけです。LogModules 接続プロパティを使用してログに記録する情報のサブセットを選択できる、 より洗練されたロギングをサポートする多数の機能があります。
デフォルトでは、Sync App はサーバーの証明書をシステムの信頼できる証明書ストアと照合してSSL / TLS のネゴシエーションを試みます。
別の証明書を指定するには、利用可能なフォーマットについてSSLServerCert プロパティを参照してください。
次のプロパティを設定します。
CData Sync App は、Microsoft Active Directory エンティティをリレーショナルテーブルおよびストアドプロシージャにモデル化します。
付属のテーブル は、多くの標準のActive Directory オブジェクトクラスをカバーしています。スキーマを簡単に拡張して、Active Directory クラスにさらに密接にマッピングできます。スキーマはシンプルなコンフィギュレーションファイルで定義されます。
カスタムテーブルおよびカスタムスキーマを使用するには、Location プロパティをスキーマファイルを有するフォルダに設定します。Sync App 付属のスキーマは、インストールディレクトリのdb サブフォルダにあります。
テーブルスキーマをカスタマイズする方法については、Active Directory テーブルとの連携 を参照してください。
Sync App はMicrosoft Active Directory のデータを、標準のSQL ステートメントを使用してクエリできるテーブルのリストにモデル化します。
一般的には、Microsoft Active Directory テーブルのクエリは、リレーショナルデータベースのテーブルのクエリと同じです。時には特別なケースもあります。例えば、テーブルの特定のカラムデータを取得するために特定のカラムをWHERE 句に含める必要がある場合などです。これは通常、特定のカラムを取得するために行ごとに個別のリクエストを行う必要がある場合に必要です。これらの特別な状況は、以下にリンクされているテーブルページの上部に明確に文書化されています。
Name | Description |
Account | The account object class is used to define entries that represent computer accounts. |
ApplicationEntity | X.500 base class for applications: Directory Service only uses subclass MSFT-DSA. |
ApplicationProcess | X.500 base class for applications: Exchange only uses subclass DSA-Application. |
ApplicationSettings | Base class for server-specific application settings. |
ApplicationSiteSettings | Contains all site-specific settings. |
ApplicationVersion | Can be used by application developers to store version information about their application or its schema. |
BuiltinDomain | The container that holds the default groups for a domain. |
CertificationAuthority | Represents a process that issues public key certificates, for example, a Certificate Server. |
Computer | This class represents a computer account in the domain. |
Contact | This class contains information about a person or company that you may need to contact on a regular basis. |
CRLDistributionPoint | The object holding Certificate, Authority, and Delta Revocation lists. |
DHCPClass | Represents a DHCP Server (or set of servers). |
DnsNode | Holds the DNS resource records for a single host. |
DnsZone | The container for DNS Nodes. Holds zone metadata. |
Domain | Contains information about a domain. |
DomainDNS | Windows NT domain with DNS-based (DC=) naming. |
DomainPolicy | Defines the local security authority policy for one or more domains. |
DomainRelatedObject | The domainRelatedObject object class is used to define an entry that represents a series of documents. |
ForeignSecurityPrincipal | The Security Principal from an external source. |
Group | Stores a list of user names. Used to apply security principals on resources. |
GroupOfNames | Used to define entries that represent an unordered set of names that represent individual objects or other groups of names. |
GroupOfUniqueNames | Defines the entries for a group of unique names. In general, used to store account objects. |
GroupPolicyContainer | This represents the Group Policy Object. It is used to define group polices. |
IpHost | Represents an abstraction of a host or other IP device. |
IpNetwork | Represents an abstraction of a network. The distinguished name value of the Common-Name attribute denotes the canonical name of the network. |
Organization | Stores information about a company or organization. |
OrganizationalPerson | This class is used for objects that contain organizational information about a user, such as the employee number, department, manager, title, office address, and so on. |
OrganizationalRole | This class is used for objects that contain information that pertains to a position or role within an organization, such as a system administrator, manager, and so on. It can also be used for a nonhuman identity in an organization. |
OrganizationalUnit | A container for storing users, computers, and other account objects. |
Person | Contains personal information about a user. |
PosixAccount | Represents an abstraction of an account with Portable Operating System Interface (POSIX) attributes. |
PosixGroup | Represents an abstraction of a group of accounts. |
PrintQueue | Contains information about a print queue. |
SecurityObject | This is an auxiliary class that is used to identify security principals. |
SecurityPrincipal | Contains the security information for an object. |
Server | This class represents a server computer in a site. |
Site | A container for storing server objects. Represents a physical location that contains computers. Used to manage replication. |
Top | The top level class from which all classes are derived. |
TrustedDomain | An object that represents a domain trusted by (or trusting) the local domain. |
User | This class is used to store information about an employee or contractor who works for an organization. It is also possible to apply this class to long term visitors. |
The account object class is used to define entries that represent computer accounts.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
Host | String | False | DelimitedData |
Specifies a host computer. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MsCOM-PartitionSetLink | String | False | DelimitedData |
A link used to associate a COM+ Partition with a COM+ PartitionSet object. | |
MsCOM-UserLink | String | False | DelimitedData |
A link used to associate a COM+ PartitionSet with a User object. | |
MsDS-Approx-Immed-Subordinates | String | False | DelimitedData |
The value returned by this attribute is based on index sizes. This may be off by +/-10% on large containers, and the error is theoretically unbounded, but using this attribute helps the UI display the contents of a container. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MsDs-masteredBy | String | False | DelimitedData |
Backward link for msDS-hasMasterNCs. | |
MsDS-MembersForAzRoleBL | String | False | DelimitedData |
Backward link from member application group or user to Az-Role objects linking to it. | |
MsDS-NCReplCursors | String | False | DelimitedData |
A list of past and present replication partners, and how current we are with each of them. | |
MsDS-NCReplInboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server obtains replication data from these other servers, which act as sources. | |
MsDS-NCReplOutboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is available. | |
MsDS-NonMembersBL | String | False | DelimitedData |
Backward link from non-member group or user to Az groups that link to it (same functionality as Non-Security-Member-BL). | |
MsDS-ObjectReferenceBL | String | False | DelimitedData |
Backward link for ms-DS-Object-Reference. | |
MsDS-OperationsForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Role objects that link to it. | |
MsDS-OperationsForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Task objects that link to it. | |
MsDS-ReplAttributeMetaData | String | False | DelimitedData |
A list of metadata for each replicated attribute. The metadata indicates who changed the attribute last. | |
MsDS-ReplValueMetaData | String | False | DelimitedData |
A list of metadata for each value of an attribute. The metadata indicates who changed the value last. | |
MsDS-TasksForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Task to Az-Role objects that link to it. | |
MsDS-TasksForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Task to the Az-Task objects that link to it. | |
OwnerBL | String | False | DelimitedData |
The backward link to the owner attribute. Contains a list of owners for an object. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
StructuralObjectClass | String | False | DelimitedData |
This constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list does contain dynamically linked auxiliary classes. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
Uid | String | False | DelimitedData |
A user ID. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
X.500 base class for applications: Directory Service only uses subclass MSFT-DSA.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
PresentationAddress | String | False | DelimitedData |
Specifies a presentation address associated with an object that represents an OSI application entity. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SupportedApplicationContext | String | False | DelimitedData |
Specifies the object identifiers of application contexts that an OSI application supports. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
X.500 base class for applications: Exchange only uses subclass DSA-Application.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Base class for server-specific application settings.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
ApplicationName | String | False | DelimitedData |
The name of the application. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NotificationList | String | False | DelimitedData |
The Notification-List attribute is not currently used. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Contains all site-specific settings.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
ApplicationName | String | False | DelimitedData |
The name of the application. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NotificationList | String | False | DelimitedData |
The Notification-List attribute is not currently used. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Can be used by application developers to store version information about their application or its schema.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
ApplicationName | String | False | DelimitedData |
The name of the application. | |
AppSchemaVersion | String | False | DelimitedData |
This attribute stores the schema version of the class store. It is used to provide correct behavior across schema changes. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
Keywords | String | False | DelimitedData |
A list of keywords that can be used to locate a given connection point. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MsCOM-PartitionSetLink | String | False | DelimitedData |
A link used to associate a COM+ Partition with a COM+ PartitionSet object. | |
MsCOM-UserLink | String | False | DelimitedData |
A link used to associate a COM+ PartitionSet with a User object. | |
MsDS-Approx-Immed-Subordinates | String | False | DelimitedData |
The value returned by this attribute is based on index sizes. This may be off by +/-10% on large containers, and the error is theoretically unbounded, but using this attribute helps the UI display the contents of a container. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MsDs-masteredBy | String | False | DelimitedData |
Backward link for msDS-hasMasterNCs. | |
MsDS-MembersForAzRoleBL | String | False | DelimitedData |
Backward link from member application group or user to Az-Role objects linking to it. | |
MsDS-NCReplCursors | String | False | DelimitedData |
A list of past and present replication partners, and how current we are with each of them. | |
MsDS-NCReplInboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server obtains replication data from these other servers, which act as sources. | |
MsDS-NCReplOutboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is available. | |
MsDS-NonMembersBL | String | False | DelimitedData |
Backward link from non-member group or user to Az groups that link to it (same functionality as Non-Security-Member-BL). | |
MsDS-ObjectReferenceBL | String | False | DelimitedData |
Backward link for ms-DS-Object-Reference. | |
MsDS-OperationsForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Role objects that link to it. | |
MsDS-OperationsForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Task objects that link to it. | |
MsDS-ReplAttributeMetaData | String | False | DelimitedData |
A list of metadata for each replicated attribute. The metadata indicates who changed the attribute last. | |
MsDS-ReplValueMetaData | String | False | DelimitedData |
A list of metadata for each value of an attribute. The metadata indicates who changed the value last. | |
MsDS-Settings | String | False | DelimitedData |
Used to store settings for an object. Its use is solely determined by the object's owner. We recommend using it to store name/value pairs. For example, color=blue. | |
MsDS-TasksForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Task to Az-Role objects that link to it. | |
MsDS-TasksForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Task to the Az-Task objects that link to it. | |
OwnerBL | String | False | DelimitedData |
The backward link to the owner attribute. Contains a list of owners for an object. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NotificationList | String | False | DelimitedData |
The Notification-List attribute is not currently used. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
Owner | String | False | DelimitedData |
The distinguished name of an object that has ownership of an object. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
StructuralObjectClass | String | False | DelimitedData |
This constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list does contain dynamically linked auxiliary classes. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
Vendor | String | False | DelimitedData |
This attribute identifies the vendor for an application. | |
VersionNumber | String | False | DelimitedData |
A general purpose version number. | |
VersionNumberHi | String | False | DelimitedData |
A general purpose major version number. | |
VersionNumberLo | String | False | DelimitedData |
A general purpose minor version number. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
The container that holds the default groups for a domain.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
CreationTime | String | False | DelimitedData |
The date and time that the object was created. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DomainReplica | String | False | DelimitedData |
Unicode String Attribute, gives the list of Windows NT 4.0 Replication Domain Controllers. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
ForceLogoff | String | False | DelimitedData |
Used in computing the kick off time in SamIGetAccountRestrictions. Logoff time minus Force Log off equals kick off time. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LockoutDuration | String | False | DelimitedData |
The amount of time that an account is locked due to the Lockout-Threshold being exceeded. This value is stored as a large integer that represents the negative of the number of 100-nanosecond intervals from the time the Lockout-Threshold is exceeded that must elapse before the account is unlocked. | |
LockOutObservationWindow | String | False | DelimitedData |
The range of time, in 100-nanosecond intervals, in which the system increments the incorrect logon count. | |
LockoutThreshold | String | False | DelimitedData |
The number of invalid logon attempts that are permitted before the account is locked out. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MaxPwdAge | String | False | DelimitedData |
The maximum amount of time, in 100-nanosecond intervals, a password is valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals from the time the password was set before the password expires. | |
MinPwdAge | String | False | DelimitedData |
The minimum amount of time, in 100-nanosecond intervals, that a password is valid. | |
MinPwdLength | String | False | DelimitedData |
The minimum number of characters that a password must contain. | |
ModifiedCount | String | False | DelimitedData |
Net Logon Change Log serial number. | |
ModifiedCountAtLastProm | String | False | DelimitedData |
The Net Logon Change Log serial number at last promotion. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NextRid | String | False | DelimitedData |
The Next Rid field used by the mixed mode allocator. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectSid | String | False | DelimitedData |
A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OEMInformation | String | False | DelimitedData |
For holding OEM information. No longer used. Here for backward compatibility. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
PwdHistoryLength | String | False | DelimitedData |
The number of old passwords to save. | |
PwdProperties | String | False | DelimitedData |
Password Properties. Part of Domain Policy. A bitfield to indicate complexity and storage restrictions. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ServerRole | String | False | DelimitedData |
For compatibility with pre-Windows 2000 Server servers. A computer running Windows NT Server can be a standalone server, a primary domain controller (PDC), or a backup domain controller (BDC). | |
ServerState | String | False | DelimitedData |
Indicates whether the server is enabled or disabled. A value of 1 indicates that the server is enabled. A value of 2 indicates that the server is disabled. All other values are invalid. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
UASCompat | String | False | DelimitedData |
Indicates if the security account manager will enforce data sizes to make Active Directory compatible with the LanManager User Account System (UAS). If this value is 0, no limits are enforced. If this value is 1, the following limits are enforced. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Represents a process that issues public key certificates, for example, a Certificate Server.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
AuthorityRevocationList | String | False | DelimitedData |
Cross certificate, Certificate Revocation List. | |
CACertificate | String | False | DelimitedData |
Certificates of trusted Certification Authorities. | |
CertificateRevocationList | String | False | DelimitedData |
Represents a list of certificates that have been revoked. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CACertificateDN | String | False | DelimitedData |
Full distinguished name from the CA certificate. | |
CAConnect | String | False | DelimitedData |
The connection string for binding to a certification authority. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
CAUsages | String | False | DelimitedData |
List of OID/CSP name concatenations. | |
CAWEBURL | String | False | DelimitedData |
URL for http connection to a certification authority. | |
CertificateTemplates | String | False | DelimitedData |
Contains information for a certificate issued by a Certificate Server. | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
CRLObject | String | False | DelimitedData |
Reference to certificate revocation list object associated with a certification authority. | |
CrossCertificatePair | String | False | DelimitedData |
V3 Cross Certificate. | |
CurrentParentCA | String | False | DelimitedData |
Reference to the certification authorities that issued the current certificates for a certification authority. | |
DeltaRevocationList | String | False | DelimitedData |
List of certificates that have been revoked since the last delta update. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DNSHostName | String | False | DelimitedData |
Name of computer as registered in DNS. | |
DomainID | String | False | DelimitedData |
Reference to a domain that is associated with a certification authority. | |
DomainPolicyObject | String | False | DelimitedData |
Reference to the policy object that defines the Local Security Authority policy for the host domain. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
EnrollmentProviders | String | False | DelimitedData |
PKI - Certificate Templates. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
ParentCA | String | False | DelimitedData |
The distinguished name of a certification authority (CA) object for a parent CA. | |
ParentCACertificateChain | String | False | DelimitedData |
DER-encoded X.509v3 certificate for the parent certification authority. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PendingCACertificates | String | False | DelimitedData |
The certificates that are about to become effective for this certification authority. | |
PendingParentCA | String | False | DelimitedData |
Reference to the certification authorities that issued the pending certificates for this certification authority. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PreviousCACertificates | String | False | DelimitedData |
Last expired certificate for this certification authority. | |
PreviousParentCA | String | False | DelimitedData |
Reference to the certification authorities that issued the last expired certificate for a certification authority. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SearchGuide | String | False | DelimitedData |
Specifies information of suggested search criteria, which may be included in some entries that are expected to be a convenient base-object for the search operation, for example, country/region or organization. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SignatureAlgorithms | String | False | DelimitedData |
This attribute indicates the type of algorithm that must be used to decode a digital signature during the authentication process. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SupportedApplicationContext | String | False | DelimitedData |
Specifies the object identifiers of application contexts that an OSI application supports. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This class represents a computer account in the domain.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AccountExpires | String | False | DelimitedData |
The date when the account expires. This value represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires. | |
ACSPolicyName | String | False | DelimitedData |
String name of an ACS policy that applies to this user. | |
StreetAddress | String | False | DelimitedData |
The user's address. | |
HomePostalAddress | String | False | DelimitedData |
A user's home address. | |
AdminCount | String | False | DelimitedData |
Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
Assistant | String | False | DelimitedData |
The distinguished name of a user's administrative assistant. | |
BadPasswordTime | String | False | DelimitedData |
The last time and date that an attempt to log on to this account was made with a password that is not valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last time a incorrect password was used is unknown. | |
BadPwdCount | String | False | DelimitedData |
The number of times the user tried to log on to the account using an incorrect password. A value of 0 indicates that the value is unknown. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Catalogs | String | False | DelimitedData |
The list of catalogs that index storage on a given computer. | |
CodePage | String | False | DelimitedData |
Specifies the code page for the user's language of choice. This value is not used by Windows 2000. | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
Company | String | False | DelimitedData |
The user's company name. | |
ControlAccessRights | String | False | DelimitedData |
Used by DS Security to determine which users can perform specific operations on the host object. | |
CountryCode | String | False | DelimitedData |
Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. | |
C | String | False | DelimitedData |
The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
DBCSPwd | String | False | DelimitedData |
The account's LAN Manager password. | |
DefaultClassStore | String | False | DelimitedData |
The default Class Store for a given user. | |
DefaultLocalPolicyObject | String | False | DelimitedData |
A reference to a Policy object that defines the local policy for the host object. | |
Department | String | False | DelimitedData |
Contains the name for the department in which the user works. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DesktopProfile | String | False | DelimitedData |
The location of the desktop profile for a user or group of users. Not used. | |
DestinationIndicator | String | False | DelimitedData |
This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
Division | String | False | DelimitedData |
The user's division. | |
DNSHostName | String | False | DelimitedData |
Name of computer as registered in DNS. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
DynamicLDAPServer | String | False | DelimitedData |
DNS name of server handing dynamic properties for this account. | |
String | False | DelimitedData |
The list of email addresses for a contact. | ||
EmployeeID | String | False | DelimitedData |
The ID of an employee. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | False | DelimitedData |
Contains telephone number of the user's business fax machine. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GenerationQualifier | String | False | DelimitedData |
Indicates a person generation. For example, Jr. or II. | |
GivenName | String | False | DelimitedData |
Contains the given name (first name) of the user. | |
GroupMembershipSAM | String | False | DelimitedData |
Windows NT Security. Down level Windows NT support. | |
GroupPriority | String | False | DelimitedData |
The Group-Priority attribute is not currently used. | |
GroupsToIgnore | String | False | DelimitedData |
The Groups-to-Ignore attribute is not currently used. | |
HomeDirectory | String | False | DelimitedData |
The home directory for the account. If homeDrive is set and specifies a drive letter, homeDirectory must be a UNC path. Otherwise, homeDirectory is a fully qualified local path including the drive letter (for example, DriveLetter:\Directory\Folder). This value can be a null string. | |
HomeDrive | String | False | DelimitedData |
Specifies the drive letter to which to map the UNC path specified by homeDirectory. The drive letter must be specified in the form DriveLetter: where DriveLetter is the letter of the drive to map. The DriveLetter must be a single, uppercase letter and the colon (:) is required. | |
Initials | String | False | DelimitedData |
Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book. | |
InternationalISDNNumber | String | False | DelimitedData |
Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LastLogoff | String | False | DelimitedData |
This attribute is not used. | |
LastLogon | String | False | DelimitedData |
The last time the user logged on. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last logon time is unknown. | |
LmPwdHistory | String | False | DelimitedData |
The password history of the user in LAN Manager (LM) one-way format (OWF). The LM OWF is used for compatibility with LAN Manager 2.x clients, Windows 95, and Windows 98. | |
LocaleID | String | False | DelimitedData |
This attribute contains a list of locale IDs supported by this application. A locale ID represents a geographic location, such as a country/region, city, county, and so on. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
LocalPolicyFlags | String | False | DelimitedData |
Flags that determine where a computer gets its policy. Local-Policy-Reference. | |
Location | String | False | DelimitedData |
The user's location, such as office number. | |
LockoutTime | String | False | DelimitedData |
The date and time (UTC) that this account was locked out. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the account is not currently locked out. | |
ThumbnailLogo | String | False | DelimitedData |
BLOB that contains a logo for this object. | |
LogonCount | String | False | DelimitedData |
The number of times the account has successfully logged on. A value of 0 indicates that the value is unknown. | |
LogonHours | String | False | DelimitedData |
The hours that the user is allowed to logon to the domain. | |
LogonWorkstation | String | False | DelimitedData |
This attribute is not used. See the User-Workstations attribute. | |
MachineRole | String | False | DelimitedData |
Role for a machine: DC, Server, or Workstation. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
Manager | String | False | DelimitedData |
Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MaxStorage | String | False | DelimitedData |
The maximum amount of disk space the user can use. Use the value specified in USER_MAXSTORAGE_UNLIMITED to use all available disk space. | |
MhsORAddress | String | False | DelimitedData |
X.400 address. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MS-DS-CreatorSID | String | False | DelimitedData |
The security ID of the creator of the object that contains this attribute. | |
MSMQDigests | String | False | DelimitedData |
An array of digests of the corresponding certificates in attribute mSMQ-Sign-Certificates. They are used for mapping a digest into a certificate. | |
MSMQDigestsMig | String | False | DelimitedData |
In MSMQ mixed-mode, contains the previous value of mSMQDigests. | |
MSMQSignCertificates | String | False | DelimitedData |
This attribute contains a number of certificates. A user can generate a certificate per computer. For each certificate we also keep a digest. | |
MSMQSignCertificatesMig | String | False | DelimitedData |
In MSMQ mixed-mode, the attribute contains the previous value of mSMQSignCertificates. MSMQ supports migration from the MSMQ 1.0 DS to the Windows 2000 DS, and mixed mode specifies a state in which some of the DS severs were not upgraded to Windows 2000. | |
MsNPAllowDialin | String | False | DelimitedData |
Indicates whether the account has permission to dial in to the RAS server. Do not modify this value directly. Use the appropriate RAS administration function to modify this value. | |
MsNPCallingStationID | String | False | DelimitedData |
The msNPCallingStationID attribute is used internally. Do not modify this value directly. | |
MsNPSavedCallingStationID | String | False | DelimitedData |
The msNPSavedCallingStationID attribute is used internally. Do not modify this value directly. | |
MsRADIUSCallbackNumber | String | False | DelimitedData |
The msRADIUSCallbackNumber attribute is used internally. Do not modify this value directly. | |
MsRADIUSFramedIPAddress | String | False | DelimitedData |
The msRADIUSFramedIPAddress attribute is used internally. Do not modify this value directly. | |
MsRADIUSFramedRoute | String | False | DelimitedData |
The msRADIUSFramedRoute attribute is used internally. Do not modify this value directly. | |
MsRADIUSServiceType | String | False | DelimitedData |
The msRADIUSServiceType attribute is used internally. Do not modify this value directly. | |
MsRASSavedCallbackNumber | String | False | DelimitedData |
The msRASSavedCallbackNumber attribute is used internally. Do not modify this value directly. | |
MsRASSavedFramedIPAddress | String | False | DelimitedData |
The msRASSavedFramedIPAddress attribute is used internally. Do not modify this value directly. | |
MsRASSavedFramedRoute | String | False | DelimitedData |
The msRASSavedFramedRoute attribute is used internally. Do not modify this value directly. | |
NetbootGUID | String | False | DelimitedData |
Diskless boot: A computer's on-board GUID. Corresponds to the computer's network card MAC address. | |
NetbootInitialization | String | False | DelimitedData |
Default boot path for diskless boot. | |
NetbootMachineFilePath | String | False | DelimitedData |
This attribute specifies the server that answers the client. Beginning with the Windows Server 2003 operating system, it can indicate the Startrom.com that the client gets. | |
NetbootMirrorDataFile | String | False | DelimitedData |
The Netboot-Mirror-Data-File attribute is reserved for internal use. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NetbootSIFFile | String | False | DelimitedData |
The Netboot-SIF-File attribute is reserved for internal use. | |
NetworkAddress | String | False | DelimitedData |
The TCP/IP address for a network segment. Also called the subnet address. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NtPwdHistory | String | False | DelimitedData |
The password history of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OperatingSystem | String | False | DelimitedData |
The Operating System name, for example, Windows Vista Enterprise. | |
OperatingSystemHotfix | String | False | DelimitedData |
The hotfix level of the operating system. | |
OperatingSystemServicePack | String | False | DelimitedData |
The operating system service pack ID string (for example, SP3). | |
OperatingSystemVersion | String | False | DelimitedData |
The operating system version string, for example, 4.0. | |
OperatorCount | String | False | DelimitedData |
Operator count. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherLoginWorkstations | String | False | DelimitedData |
Non-Windows NT or LAN Manager workstations from which a user can log on. | |
OtherMailbox | String | False | DelimitedData |
Contains other additional mail addresses in a form such as CCMAIL: BruceKeever. | |
MiddleName | String | False | DelimitedData |
Additional names for a user. For example, middle name, patronymic, matronymic, or others. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PersonalTitle | String | False | DelimitedData |
The user's title. | |
OtherFacsimileTelephoneNumber | String | False | DelimitedData |
A list of alternate facsimile numbers. | |
OtherHomePhone | String | False | DelimitedData |
A list of alternate home phone numbers. | |
HomePhone | String | False | DelimitedData |
The user's main home phone number. | |
OtherIpPhone | String | False | DelimitedData |
The list of alternate TCP/IP addresses for the phone. Used by Telephony. | |
IpPhone | String | False | DelimitedData |
The TCP/IP address for the phone. Used by Telephony. | |
PrimaryInternationalISDNNumber | String | False | DelimitedData |
The primary ISDN. | |
OtherMobile | String | False | DelimitedData |
A list of alternate mobile phone numbers. | |
Mobile | String | False | DelimitedData |
The primary mobile phone number. | |
OtherTelephone | String | False | DelimitedData |
A list of alternate office phone numbers. | |
OtherPager | String | False | DelimitedData |
A list of alternate pager numbers. | |
Pager | String | False | DelimitedData |
The primary pager number. | |
PhysicalDeliveryOfficeName | String | False | DelimitedData |
Contains the office location in the user's place of business. | |
PhysicalLocationObject | String | False | DelimitedData |
Used to map a device (for example, a printer, computer, and so on) to a physical location. | |
ThumbnailPhoto | String | False | DelimitedData |
An image of the user. A space-efficient format like JPEG or GIF is recommended. | |
PolicyReplicationFlags | String | False | DelimitedData |
Determines which LSA properties are replicated to clients. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PostalAddress | String | False | DelimitedData |
The mailing address for the object. | |
PostalCode | String | False | DelimitedData |
The postal or zip code for mail delivery. | |
PostOfficeBox | String | False | DelimitedData |
The post office box number for this object. | |
PreferredDeliveryMethod | String | False | DelimitedData |
The X.500-preferred way to deliver to addressee. | |
PreferredOU | String | False | DelimitedData |
The Organizational Unit to show by default on user' s desktop. | |
PrimaryGroupID | String | False | DelimitedData |
Contains the relative identifier (RID) for the primary group of the user. By default, this is the RID for the Domain Users group. | |
ProfilePath | String | False | DelimitedData |
Specifies a path to the user's profile. This value can be a null string, a local absolute path, or a UNC path. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
PwdLastSet | String | False | DelimitedData |
The date and time that the password for this account was last changed. This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC). If this value is set to 0 and the User-Account-Control attribute does not contain the UF_DONT_EXPIRE_PASSWD flag, then the user must set the password at the next logon. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | False | DelimitedData |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
RIDSetReferences | String | False | DelimitedData |
List of references to RID-Set objects that manage Relative Identifier (RID) allocation. | |
ScriptPath | String | False | DelimitedData |
This attribute specifies the path for the user's logon script. The string can be null. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ServicePrincipalName | String | False | DelimitedData |
List of principal names used for mutual authentication with an instance of a service on this computer. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteGUID | String | False | DelimitedData |
The unique identifier for a site. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
St | String | False | DelimitedData |
The name of a user's state or province. | |
Street | String | False | DelimitedData |
The street address. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
Sn | String | False | DelimitedData |
This attribute contains the family or last name for a user. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | False | DelimitedData |
A list of alternate telex numbers. | |
PrimaryTelexNumber | String | False | DelimitedData |
The primary telex number. | |
TerminalServer | String | False | DelimitedData |
Opaque data used by the Windows NT terminal server. | |
Co | String | False | DelimitedData |
The country/region in which the user is located. | |
Title | String | False | DelimitedData |
Contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as Esq. or DDS. | |
UnicodePwd | String | False | DelimitedData |
The password of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. This property is used only by the operating system. Note that you cannot derive the clear password back from the OWF form of the password. | |
UserAccountControl | String | False | DelimitedData |
Flags that control the behavior of the user account. | |
Comment | String | False | DelimitedData |
The user's comments. | |
UserParameters | String | False | DelimitedData |
Parameters of the user. Points to a Unicode string that is set aside for use by applications. This string can be a null string, or it can have any number of characters before the terminating null character. Microsoft products use this member to store user data specific to the individual program. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
UserPrincipalName | String | False | DelimitedData |
This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain name. For more information about this attribute, see User Naming Attributes. | |
UserSharedFolder | String | False | DelimitedData |
Specifies a UNC path to the user's shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. | |
UserSharedFolderOther | String | False | DelimitedData |
Specifies a UNC path to the user's additional shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. | |
UserWorkstations | String | False | DelimitedData |
Contains the NetBIOS or DNS names of the computers running Windows NT Workstation or Windows 2000 Professional from which the user can log on. Each NetBIOS name is separated by a comma. Multiple names should be separated by commas. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
VolumeCount | String | False | DelimitedData |
The tracked volume quota for a given computer. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
X121Address | String | False | DelimitedData |
The X.121 address for an object. | |
UserCertificate | String | False | DelimitedData |
Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This class contains information about a person or company that you may need to contact on a regular basis.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
Notes | String | False | DelimitedData |
Free text for notes on object. | |
StreetAddress | String | False | DelimitedData |
The user's address. | |
HomePostalAddress | String | False | DelimitedData |
A user's home address. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
Assistant | String | False | DelimitedData |
The distinguished name of a user's administrative assistant. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Info | String | False | DelimitedData |
The user's comments. This string can be a null string. | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
Company | String | False | DelimitedData |
The user's company name. | |
CountryCode | String | False | DelimitedData |
Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. | |
C | String | False | DelimitedData |
The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Department | String | False | DelimitedData |
Contains the name for the department in which the user works. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DestinationIndicator | String | False | DelimitedData |
This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
Division | String | False | DelimitedData |
The user's division. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
String | False | DelimitedData |
The list of email addresses for a contact. | ||
EmployeeID | String | False | DelimitedData |
The ID of an employee. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | False | DelimitedData |
Contains telephone number of the user's business fax machine. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GarbageCollPeriod | String | False | DelimitedData |
This attribute is located on the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... object. It represents the time, in hours, between DS garbage collection runs. | |
GenerationQualifier | String | False | DelimitedData |
Indicates a person generation. For example, Jr. or II. | |
GivenName | String | False | DelimitedData |
Contains the given name (first name) of the user. | |
Initials | String | False | DelimitedData |
Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book. | |
InternationalISDNNumber | String | False | DelimitedData |
Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LegacyExchangeDN | String | False | DelimitedData |
The distinguished name previously used by Exchange. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ThumbnailLogo | String | False | DelimitedData |
BLOB that contains a logo for this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
Manager | String | False | DelimitedData |
Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MhsORAddress | String | False | DelimitedData |
X.400 address. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherMailbox | String | False | DelimitedData |
Contains other additional mail addresses in a form such as CCMAIL: BruceKeever. | |
MiddleName | String | False | DelimitedData |
Additional names for a user. For example, middle name, patronymic, matronymic, or others. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PersonalTitle | String | False | DelimitedData |
The user's title. | |
OtherFacsimileTelephoneNumber | String | False | DelimitedData |
A list of alternate facsimile numbers. | |
OtherHomePhone | String | False | DelimitedData |
A list of alternate home phone numbers. | |
HomePhone | String | False | DelimitedData |
The user's main home phone number. | |
OtherIpPhone | String | False | DelimitedData |
The list of alternate TCP/IP addresses for the phone. Used by Telephony. | |
IpPhone | String | False | DelimitedData |
The TCP/IP address for the phone. Used by Telephony. | |
PrimaryInternationalISDNNumber | String | False | DelimitedData |
The primary ISDN. | |
OtherMobile | String | False | DelimitedData |
A list of alternate mobile phone numbers. | |
Mobile | String | False | DelimitedData |
The primary mobile phone number. | |
OtherTelephone | String | False | DelimitedData |
A list of alternate office phone numbers. | |
OtherPager | String | False | DelimitedData |
A list of alternate pager numbers. | |
Pager | String | False | DelimitedData |
The primary pager number. | |
PhysicalDeliveryOfficeName | String | False | DelimitedData |
Contains the office location in the user's place of business. | |
ThumbnailPhoto | String | False | DelimitedData |
An image of the user. A space-efficient format like JPEG or GIF is recommended. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PostalAddress | String | False | DelimitedData |
The mailing address for the object. | |
PostalCode | String | False | DelimitedData |
The postal or zip code for mail delivery. | |
PostOfficeBox | String | False | DelimitedData |
The post office box number for this object. | |
PreferredDeliveryMethod | String | False | DelimitedData |
The X.500-preferred way to deliver to addressee. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | False | DelimitedData |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAddressBook | String | False | DelimitedData |
This attribute is used to indicate in which MAPI address books an object will appear. It is usually maintained by the Exchange Recipient Update Service. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
St | String | False | DelimitedData |
The name of a user's state or province. | |
Street | String | False | DelimitedData |
The street address. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
Sn | String | False | DelimitedData |
This attribute contains the family or last name for a user. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | False | DelimitedData |
A list of alternate telex numbers. | |
PrimaryTelexNumber | String | False | DelimitedData |
The primary telex number. | |
Co | String | False | DelimitedData |
The country/region in which the user is located. | |
TextEncodedORAddress | String | False | DelimitedData |
This attribute is used to support X.400 addresses in a text format. | |
Title | String | False | DelimitedData |
Contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as Esq. or DDS. | |
UserCert | String | False | DelimitedData |
Nortel v1 or DMS certificates. | |
Comment | String | False | DelimitedData |
The user's comments. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
UserSMIMECertificate | String | False | DelimitedData |
Certificate distribution object or tagged certificates. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
X121Address | String | False | DelimitedData |
The X.121 address for an object. | |
UserCertificate | String | False | DelimitedData |
Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
The object holding Certificate, Authority, and Delta Revocation lists.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
AuthorityRevocationList | String | False | DelimitedData |
Cross certificate, Certificate Revocation List. | |
CertificateRevocationList | String | False | DelimitedData |
Represents a list of certificates that have been revoked. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
CertificateAuthorityObject | String | False | DelimitedData |
Reference to the certification authority associated with a Certificate Revocation List distribution point. | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
CRLPartitionedRevocationList | String | False | DelimitedData |
Public Key Infrastructure-revocation lists. | |
DeltaRevocationList | String | False | DelimitedData |
List of certificates that have been revoked since the last delta update. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Represents a DHCP Server (or set of servers).
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
DhcpFlags | String | False | DelimitedData |
The dhcp-Flags attribute is not currently used. | |
DhcpIdentification | String | False | DelimitedData |
The dhcp-Identification attribute is not currently used. | |
DhcpType | String | False | DelimitedData |
The type of DHCP server. This attribute is set on all objects of objectClass dHCPClass. Its value defines the type of object: | |
DhcpUniqueKey | String | False | DelimitedData |
The dhcp-Unique-Key attribute is not currently used. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DhcpClasses | String | False | DelimitedData |
The dhcp-Classes attribute is not currently used. | |
DhcpMask | String | False | DelimitedData |
The dhcp-Mask attribute is not currently used. | |
DhcpMaxKey | String | False | DelimitedData |
The dhcp-MaxKey attribute is not currently used. | |
DhcpObjDescription | String | False | DelimitedData |
The dhcp-Obj-Description attribute is not currently used. | |
DhcpObjName | String | False | DelimitedData |
The dhcp-Obj-Name attribute is not currently used. | |
DhcpOptions | String | False | DelimitedData |
The dhcp-Options attribute is not currently used. | |
DhcpProperties | String | False | DelimitedData |
The dhcp-Properties attribute is not currently used. | |
DhcpRanges | String | False | DelimitedData |
The dhcp-Ranges attribute is not currently used. | |
DhcpReservations | String | False | DelimitedData |
The dhcp-Reservations attribute is not currently used. | |
DhcpServers | String | False | DelimitedData |
Contains a list of servers that are authorized in the enterprise. | |
DhcpSites | String | False | DelimitedData |
The dhcp-Sites attribute is not currently used. | |
DhcpState | String | False | DelimitedData |
The dhcp-State attribute is not currently used. | |
DhcpSubnets | String | False | DelimitedData |
The dhcp-Subnets attribute is not currently used. | |
DhcpUpdateTime | String | False | DelimitedData |
The dhcp-Update-Time attribute is not currently used. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MscopeId | String | False | DelimitedData |
Indicates that there is a multicast scope on the specified DHCP server. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NetworkAddress | String | False | DelimitedData |
The TCP/IP address for a network segment. Also called the subnet address. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OptionDescription | String | False | DelimitedData |
This attribute contains a description of an option that is set on the DHCP server. | |
OptionsLocation | String | False | DelimitedData |
For DHCP, the options location contains the DN for alternate sites that contain the options information. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SuperScopeDescription | String | False | DelimitedData |
This attribute provides a description for a superscope. | |
SuperScopes | String | False | DelimitedData |
This attribute is used to group together all the different scopes used in the DHCP class into a single entity. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Holds the DNS resource records for a single host.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
Dc | String | False | DelimitedData |
The naming attribute for Domain and DNS objects. Usually displayed as dc=DomainName. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DNSProperty | String | False | DelimitedData |
Used to store binary settings (properties) on DNS zone objects. | |
DnsRecord | String | False | DelimitedData |
Used to store binary DNS resource records on DNS objects. | |
DNSTombstoned | String | False | DelimitedData |
True if this object has been tombstoned. This attribute exists to make searching for tombstoned records easier and faster. Tombstoned objects are objects that have been deleted but not yet removed from the directory. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
The container for DNS Nodes. Holds zone metadata.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
Dc | String | False | DelimitedData |
The naming attribute for Domain and DNS objects. Usually displayed as dc=DomainName. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DnsAllowDynamic | String | False | DelimitedData |
The Dns-Allow-Dynamic attribute is not currently used. | |
DnsAllowXFR | String | False | DelimitedData |
The Dns-Allow-XFR attribute is not currently used. | |
DnsNotifySecondaries | String | False | DelimitedData |
The Dns-Notify-Secondaries attribute is not currently used. | |
DNSProperty | String | False | DelimitedData |
Used to store binary settings (properties) on DNS zone objects. | |
DnsSecureSecondaries | String | False | DelimitedData |
The Dns-Secure-Secondaries attribute is not currently used. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Contains information about a domain.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
Dc | String | False | DelimitedData |
The naming attribute for Domain and DNS objects. Usually displayed as dc=DomainName. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Windows NT domain with DNS-based (DC=) naming.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
CACertificate | String | False | DelimitedData |
Certificates of trusted Certification Authorities. | |
Dc | String | False | DelimitedData |
The naming attribute for Domain and DNS objects. Usually displayed as dc=DomainName. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
AuditingPolicy | String | False | DelimitedData |
Auditing policy for the local policy. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
BuiltinCreationTime | String | False | DelimitedData |
The Builtin-Creation-Time attribute is used to support replication to Windows NT 4.0 domains. | |
BuiltinModifiedCount | String | False | DelimitedData |
The Builtin-Modified-Count attribute is used to support replication to Windows NT 4.0 domains. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
ControlAccessRights | String | False | DelimitedData |
Used by DS Security to determine which users can perform specific operations on the host object. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
CreationTime | String | False | DelimitedData |
The date and time that the object was created. | |
DefaultLocalPolicyObject | String | False | DelimitedData |
A reference to a Policy object that defines the local policy for the host object. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DesktopProfile | String | False | DelimitedData |
The location of the desktop profile for a user or group of users. Not used. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DomainPolicyObject | String | False | DelimitedData |
Reference to the policy object that defines the Local Security Authority policy for the host domain. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
EFSPolicy | String | False | DelimitedData |
The Encrypting File System Policy. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GPLink | String | False | DelimitedData |
A sorted list of Group Policy options. Each option is a DWORD. Use of the UNICODE string is a convenience. | |
GPOptions | String | False | DelimitedData |
Options that affect all group policies associated with the object hosting this property. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LockoutDuration | String | False | DelimitedData |
The amount of time that an account is locked due to the Lockout-Threshold being exceeded. This value is stored as a large integer that represents the negative of the number of 100-nanosecond intervals from the time the Lockout-Threshold is exceeded that must elapse before the account is unlocked. | |
LockOutObservationWindow | String | False | DelimitedData |
The range of time, in 100-nanosecond intervals, in which the system increments the incorrect logon count. | |
LockoutThreshold | String | False | DelimitedData |
The number of invalid logon attempts that are permitted before the account is locked out. | |
LSACreationTime | String | False | DelimitedData |
The LSA-Creation-Time attribute is used to support replication to Windows NT 4.0 domains. | |
LSAModifiedCount | String | False | DelimitedData |
The LSA-Modified-Count attribute is used to support replication to Windows NT 4.0 domains. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MaxPwdAge | String | False | DelimitedData |
The maximum amount of time, in 100-nanosecond intervals, a password is valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals from the time the password was set before the password expires. | |
MinPwdAge | String | False | DelimitedData |
The minimum amount of time, in 100-nanosecond intervals, that a password is valid. | |
MinPwdLength | String | False | DelimitedData |
The minimum number of characters that a password must contain. | |
ModifiedCountAtLastProm | String | False | DelimitedData |
The Net Logon Change Log serial number at last promotion. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
Ms-DS-MachineAccountQuota | String | False | DelimitedData |
The number of computer accounts that a user is allowed to create in a domain. | |
NETBIOSName | String | False | DelimitedData |
The name of the object to be used over NetBIOS. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NextRid | String | False | DelimitedData |
The Next Rid field used by the mixed mode allocator. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NTMixedDomain | String | False | DelimitedData |
Indicates that the domain is in native mode or mixed mode. This attribute is found in the domainDNS (head) object for the domain. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PekKeyChangeInterval | String | False | DelimitedData |
Password encryption key change interval. | |
PekList | String | False | DelimitedData |
List of password encryption keys. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PrivateKey | String | False | DelimitedData |
An encrypted private key. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
PwdHistoryLength | String | False | DelimitedData |
The number of old passwords to save. | |
PwdProperties | String | False | DelimitedData |
Password Properties. Part of Domain Policy. A bitfield to indicate complexity and storage restrictions. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplicaSource | String | False | DelimitedData |
This attribute contains the GUID of a replication source. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
RIDManagerReference | String | False | DelimitedData |
The Distinguished Name for the RID Manager of an object. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TreeName | String | False | DelimitedData |
DNS name of the domain at the root of a tree. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Defines the local security authority policy for one or more domains.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
AuthenticationOptions | String | False | DelimitedData |
The authentication options used in ADSI to bind to directory services objects. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
DefaultLocalPolicyObject | String | False | DelimitedData |
A reference to a Policy object that defines the local policy for the host object. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DomainCAs | String | False | DelimitedData |
List of certification authorities for a given domain. | |
DomainPolicyReference | String | False | DelimitedData |
The Distinguished Name of a domain policy object that a policy object copies from. | |
DomainWidePolicy | String | False | DelimitedData |
This is for user extensible policy to be replicated to the clients. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
EFSPolicy | String | False | DelimitedData |
The Encrypting File System Policy. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
ForceLogoff | String | False | DelimitedData |
Used in computing the kick off time in SamIGetAccountRestrictions. Logoff time minus Force Log off equals kick off time. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IpsecPolicyReference | String | False | DelimitedData |
The distinguished name of the related Internet Protocol security (IPsec) policy. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LockoutDuration | String | False | DelimitedData |
The amount of time that an account is locked due to the Lockout-Threshold being exceeded. This value is stored as a large integer that represents the negative of the number of 100-nanosecond intervals from the time the Lockout-Threshold is exceeded that must elapse before the account is unlocked. | |
LockOutObservationWindow | String | False | DelimitedData |
The range of time, in 100-nanosecond intervals, in which the system increments the incorrect logon count. | |
LockoutThreshold | String | False | DelimitedData |
The number of invalid logon attempts that are permitted before the account is locked out. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MaxPwdAge | String | False | DelimitedData |
The maximum amount of time, in 100-nanosecond intervals, a password is valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals from the time the password was set before the password expires. | |
MaxRenewAge | String | False | DelimitedData |
This attribute determines the time period, in days, during which a user's ticket-granting ticket (TGT) can be renewed for purposes of Kerberos authentication. The default setting is 7 days in the Default Domain Group Policy object (GPO). | |
MaxTicketAge | String | False | DelimitedData |
This attribute determines the maximum amount of time, in hours, that a user's ticket-granting ticket (TGT) can be used for the purpose of Kerberos authentication. When a user's TGT expires, a new one must be requested, or the existing one must be renewed. By default, this setting is set to 10 hours in the Default Domain Group Policy object (GPO). | |
MinPwdAge | String | False | DelimitedData |
The minimum amount of time, in 100-nanosecond intervals, that a password is valid. | |
MinPwdLength | String | False | DelimitedData |
The minimum number of characters that a password must contain. | |
MinTicketAge | String | False | DelimitedData |
This attribute determines the minimum time period, in hours, that a user's ticket-granting ticket (TGT) can be used for Kerberos authentication before a request can be made to renew the ticket. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
ProxyLifetime | String | False | DelimitedData |
Contains the lifetime for a proxy object. | |
PublicKeyPolicy | String | False | DelimitedData |
Reference to the Public Key policy for this domain. | |
PwdHistoryLength | String | False | DelimitedData |
The number of old passwords to save. | |
PwdProperties | String | False | DelimitedData |
Password Properties. Part of Domain Policy. A bitfield to indicate complexity and storage restrictions. | |
QualityOfService | String | False | DelimitedData |
Local or domain quality of service bits on policy objects. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
The Security Principal from an external source.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
ForeignIdentifier | String | False | DelimitedData |
The security properties used by a foreign system. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectSid | String | False | DelimitedData |
A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Stores a list of user names. Used to apply security principals on resources.
All columns support server-side processing for the operators =, >= , <=, !=, LIKE, AND, and OR. Other filters are executed client side within the Sync App. For example, the following query is processed by Microsoft Active Directory:
SELECT * FROM Group WHERE GroupType != '-2147483644' AND ObjectClass = 'top;group' LIMIT 5You can turn off client-side execution by setting SupportEnhancedSQL to false in which case any search criteria that refer to any other operators will cause an error.
To add a Group, all fields can be specified except Id, DN, and BaseDN. Required fields that should be provided are RDN and ObjectClass. For example:
INSERT INTO Group (RDN, ObjectClass) VALUES ('CN=Domain Admins', 'group')
All columns except Id, DN, and BaseDN can be updated by providing the Id in the WHERE clause. For example:
UPDATE Group SET Member = 'CN=SUPPORT_388945a0,CN=Users,DC=MyDC' WHERE Id = '1|CN=HelpServicesGroup,CN=Users,DC=MyDC'
Groups can be deleted by providing the Id of the Group in a DELETE statement. For example:
DELETE FROM Group WHERE Id = '1|CN=HelpServicesGroup,CN=Users,DC=MyDC'
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
GroupType | String | False | DelimitedData |
Contains a set of flags that define the type and scope of a group object. For the possible values for this attribute, see Remarks. | |
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
SAMAccountName | String | False | DelimitedData |
The logon name used to support clients and servers running earlier versions of the operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. | |
AccountNameHistory | String | False | DelimitedData |
The length of time that the account has been active. | |
AdminCount | String | False | DelimitedData |
Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
AltSecurityIdentities | String | False | DelimitedData |
Contains mappings for X.509 certificates or external Kerberos user accounts to this user for the purpose of authentication. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Info | String | False | DelimitedData |
The user's comments. This string can be a null string. | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
ControlAccessRights | String | False | DelimitedData |
Used by DS Security to determine which users can perform specific operations on the host object. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DesktopProfile | String | False | DelimitedData |
The location of the desktop profile for a user or group of users. Not used. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
String | False | DelimitedData |
The list of email addresses for a contact. | ||
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GarbageCollPeriod | String | False | DelimitedData |
This attribute is located on the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... object. It represents the time, in hours, between DS garbage collection runs. | |
GroupAttributes | String | False | DelimitedData |
The Group-Attributes attribute is not currently used. | |
GroupMembershipSAM | String | False | DelimitedData |
Windows NT Security. Down level Windows NT support. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LegacyExchangeDN | String | False | DelimitedData |
The distinguished name previously used by Exchange. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
Member | String | False | DelimitedData |
The list of users that belong to the group. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMember | String | False | DelimitedData |
Nonsecurity members of a group. Used for Exchange distribution lists. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NTGroupMembers | String | False | DelimitedData |
This attribute is not used. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectSid | String | False | DelimitedData |
A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OperatorCount | String | False | DelimitedData |
Operator count. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PrimaryGroupToken | String | False | DelimitedData |
A computed attribute that is used in retrieving the membership list of a group, such as Domain Users. The complete membership of such groups is not stored explicitly for scaling reasons. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
Rid | String | False | DelimitedData |
The relative Identifier of an object. | |
SAMAccountType | String | False | DelimitedData |
This attribute contains information about every account type object. You can enumerate a list of account types or you can use the Display Information API to create a list. Because computers, normal user accounts, and trust accounts can also be enumerated as user objects, the values for these accounts must be a contiguous range. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SecurityIdentifier | String | False | DelimitedData |
A unique value of variable length used to identify a user account, group account, or logon session to which an ACE applies. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAddressBook | String | False | DelimitedData |
This attribute is used to indicate in which MAPI address books an object will appear. It is usually maintained by the Exchange Recipient Update Service. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SIDHistory | String | False | DelimitedData |
Contains previous SIDs used for the object if the object was moved from another domain. Whenever an object is moved from one domain to another, a new SID is created and that new SID becomes the objectSID. The previous SID is added to the sIDHistory property. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SupplementalCredentials | String | False | DelimitedData |
Stored credentials for use in authenticating. The encrypted version of the user's password. This attribute is neither readable nor writable. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TextEncodedORAddress | String | False | DelimitedData |
This attribute is used to support X.400 addresses in a text format. | |
UserCert | String | False | DelimitedData |
Nortel v1 or DMS certificates. | |
UserSMIMECertificate | String | False | DelimitedData |
Certificate distribution object or tagged certificates. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
UserCertificate | String | False | DelimitedData |
Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Used to define entries that represent an unordered set of names that represent individual objects or other groups of names.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
BusinessCategory | String | False | DelimitedData |
Descriptive text on an Organizational Unit. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
Member | String | False | DelimitedData |
The list of users that belong to the group. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
Owner | String | False | DelimitedData |
The distinguished name of an object that has ownership of an object. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Defines the entries for a group of unique names. In general, used to store account objects.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
UniqueMember | String | False | DelimitedData |
The distinguished name for the member of a group. Used by groupOfUniqueNames. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
BusinessCategory | String | False | DelimitedData |
Descriptive text on an Organizational Unit. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MsCOM-PartitionSetLink | String | False | DelimitedData |
A link used to associate a COM+ Partition with a COM+ PartitionSet object. | |
MsCOM-UserLink | String | False | DelimitedData |
A link used to associate a COM+ PartitionSet with a User object. | |
MsDS-Approx-Immed-Subordinates | String | False | DelimitedData |
The value returned by this attribute is based on index sizes. This may be off by +/-10% on large containers, and the error is theoretically unbounded, but using this attribute helps the UI display the contents of a container. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MsDs-masteredBy | String | False | DelimitedData |
Backward link for msDS-hasMasterNCs. | |
MsDS-MembersForAzRoleBL | String | False | DelimitedData |
Backward link from member application group or user to Az-Role objects linking to it. | |
MsDS-NCReplCursors | String | False | DelimitedData |
A list of past and present replication partners, and how current we are with each of them. | |
MsDS-NCReplInboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server obtains replication data from these other servers, which act as sources. | |
MsDS-NCReplOutboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is available. | |
MsDS-NonMembersBL | String | False | DelimitedData |
Backward link from non-member group or user to Az groups that link to it (same functionality as Non-Security-Member-BL). | |
MsDS-ObjectReferenceBL | String | False | DelimitedData |
Backward link for ms-DS-Object-Reference. | |
MsDS-OperationsForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Role objects that link to it. | |
MsDS-OperationsForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Task objects that link to it. | |
MsDS-ReplAttributeMetaData | String | False | DelimitedData |
A list of metadata for each replicated attribute. The metadata indicates who changed the attribute last. | |
MsDS-ReplValueMetaData | String | False | DelimitedData |
A list of metadata for each value of an attribute. The metadata indicates who changed the value last. | |
MsDS-TasksForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Task to Az-Role objects that link to it. | |
MsDS-TasksForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Task to the Az-Task objects that link to it. | |
OwnerBL | String | False | DelimitedData |
The backward link to the owner attribute. Contains a list of owners for an object. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
Owner | String | False | DelimitedData |
The distinguished name of an object that has ownership of an object. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
StructuralObjectClass | String | False | DelimitedData |
This constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list does contain dynamically linked auxiliary classes. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This represents the Group Policy Object. It is used to define group polices.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
DefaultClassStore | String | False | DelimitedData |
The default Class Store for a given user. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GPCFileSysPath | String | False | DelimitedData |
True if the object is enabled. | |
GPCFunctionalityVersion | String | False | DelimitedData |
The version of the Group Policy Editor that created this object. | |
GPCMachineExtensionNames | String | False | DelimitedData |
Used by the Group Policy Object for computer policies. | |
GPCUserExtensionNames | String | False | DelimitedData |
Used by the Group Policy Object for user policies. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SchemaVersion | String | False | DelimitedData |
The version number for the schema. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
VersionNumber | String | False | DelimitedData |
A general purpose version number. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Represents an abstraction of a host or other IP device.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IpHostNumber | String | False | DelimitedData |
Contains the IP address of the host in dotted decimal notation, omitting the leading zeros. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MsCOM-PartitionSetLink | String | False | DelimitedData |
A link used to associate a COM+ Partition with a COM+ PartitionSet object. | |
MsCOM-UserLink | String | False | DelimitedData |
A link used to associate a COM+ PartitionSet with a User object. | |
MsDFSR-ComputerReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-ComputerReference attribute. | |
MsDFSR-MemberReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-MemberReference attribute. | |
MsDS-Approx-Immed-Subordinates | String | False | DelimitedData |
The value returned by this attribute is based on index sizes. This may be off by +/-10% on large containers, and the error is theoretically unbounded, but using this attribute helps the UI display the contents of a container. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MsDs-masteredBy | String | False | DelimitedData |
Backward link for msDS-hasMasterNCs. | |
MsDS-MembersForAzRoleBL | String | False | DelimitedData |
Backward link from member application group or user to Az-Role objects linking to it. | |
MsDS-NCReplCursors | String | False | DelimitedData |
A list of past and present replication partners, and how current we are with each of them. | |
MsDS-NCReplInboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server obtains replication data from these other servers, which act as sources. | |
MsDS-NCReplOutboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is available. | |
MsDS-NonMembersBL | String | False | DelimitedData |
Backward link from non-member group or user to Az groups that link to it (same functionality as Non-Security-Member-BL). | |
MsDS-ObjectReferenceBL | String | False | DelimitedData |
Backward link for ms-DS-Object-Reference. | |
MsDS-OperationsForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Role objects that link to it. | |
MsDS-OperationsForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Task objects that link to it. | |
MsDS-ReplAttributeMetaData | String | False | DelimitedData |
A list of metadata for each replicated attribute. The metadata indicates who changed the attribute last. | |
MsDS-ReplValueMetaData | String | False | DelimitedData |
A list of metadata for each value of an attribute. The metadata indicates who changed the value last. | |
MsDS-TasksForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Task to Az-Role objects that link to it. | |
MsDS-TasksForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Task to the Az-Task objects that link to it. | |
OwnerBL | String | False | DelimitedData |
The backward link to the owner attribute. Contains a list of owners for an object. | |
MsSFU30PosixMemberOf | String | False | DelimitedData |
Contains the display names of groups to which this user belongs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
StructuralObjectClass | String | False | DelimitedData |
This constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list does contain dynamically linked auxiliary classes. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
Uid | String | False | DelimitedData |
A user ID. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Represents an abstraction of a network. The distinguished name value of the Common-Name attribute denotes the canonical name of the network.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
IpNetworkNumber | String | False | DelimitedData |
Contains an IP network number in dotted decimal notation, omitting the leading zeros. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IpNetmaskNumber | String | False | DelimitedData |
Contains the IP netmask in dotted decimal notation, omitting the leading zeros. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MsCOM-PartitionSetLink | String | False | DelimitedData |
A link used to associate a COM+ Partition with a COM+ PartitionSet object. | |
MsCOM-UserLink | String | False | DelimitedData |
A link used to associate a COM+ PartitionSet with a User object. | |
MsDFSR-ComputerReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-ComputerReference attribute. | |
MsDFSR-MemberReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-MemberReference attribute. | |
MsDS-Approx-Immed-Subordinates | String | False | DelimitedData |
The value returned by this attribute is based on index sizes. This may be off by +/-10% on large containers, and the error is theoretically unbounded, but using this attribute helps the UI display the contents of a container. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MsDs-masteredBy | String | False | DelimitedData |
Backward link for msDS-hasMasterNCs. | |
MsDS-MembersForAzRoleBL | String | False | DelimitedData |
Backward link from member application group or user to Az-Role objects linking to it. | |
MsDS-NCReplCursors | String | False | DelimitedData |
A list of past and present replication partners, and how current we are with each of them. | |
MsDS-NCReplInboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server obtains replication data from these other servers, which act as sources. | |
MsDS-NCReplOutboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is available. | |
MsDS-NonMembersBL | String | False | DelimitedData |
Backward link from non-member group or user to Az groups that link to it (same functionality as Non-Security-Member-BL). | |
MsDS-ObjectReferenceBL | String | False | DelimitedData |
Backward link for ms-DS-Object-Reference. | |
MsDS-OperationsForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Role objects that link to it. | |
MsDS-OperationsForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Task objects that link to it. | |
MsDS-ReplAttributeMetaData | String | False | DelimitedData |
A list of metadata for each replicated attribute. The metadata indicates who changed the attribute last. | |
MsDS-ReplValueMetaData | String | False | DelimitedData |
A list of metadata for each value of an attribute. The metadata indicates who changed the value last. | |
MsDS-TasksForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Task to Az-Role objects that link to it. | |
MsDS-TasksForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Task to the Az-Task objects that link to it. | |
OwnerBL | String | False | DelimitedData |
The backward link to the owner attribute. Contains a list of owners for an object. | |
MsSFU30Aliases | String | False | DelimitedData |
Contains part of the NIS mail map. | |
MsSFU30Name | String | False | DelimitedData |
Contains the name of a map. | |
MsSFU30NisDomain | String | False | DelimitedData |
Contains the NIS domain. | |
MsSFU30PosixMemberOf | String | False | DelimitedData |
Contains the display names of groups to which this user belongs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NisMapName | String | False | DelimitedData |
Contains the name of the map to which the object belongs. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
StructuralObjectClass | String | False | DelimitedData |
This constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list does contain dynamically linked auxiliary classes. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
Uid | String | False | DelimitedData |
A user ID. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Stores information about a company or organization.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
BusinessCategory | String | False | DelimitedData |
Descriptive text on an Organizational Unit. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DestinationIndicator | String | False | DelimitedData |
This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | False | DelimitedData |
Contains telephone number of the user's business fax machine. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
InternationalISDNNumber | String | False | DelimitedData |
Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PhysicalDeliveryOfficeName | String | False | DelimitedData |
Contains the office location in the user's place of business. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PostalAddress | String | False | DelimitedData |
The mailing address for the object. | |
PostalCode | String | False | DelimitedData |
The postal or zip code for mail delivery. | |
PostOfficeBox | String | False | DelimitedData |
The post office box number for this object. | |
PreferredDeliveryMethod | String | False | DelimitedData |
The X.500-preferred way to deliver to addressee. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | False | DelimitedData |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SearchGuide | String | False | DelimitedData |
Specifies information of suggested search criteria, which may be included in some entries that are expected to be a convenient base-object for the search operation, for example, country/region or organization. | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
St | String | False | DelimitedData |
The name of a user's state or province. | |
Street | String | False | DelimitedData |
The street address. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | False | DelimitedData |
A list of alternate telex numbers. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
X121Address | String | False | DelimitedData |
The X.121 address for an object. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This class is used for objects that contain organizational information about a user, such as the employee number, department, manager, title, office address, and so on.
All columns support operators =, >= , <=, !=, LIKE, AND and OR. For example:
SELECT * FROM OrganizationalPerson WHERE CN != 'NewUser' AND BaseDN = 'CN=Users,DC=MyDC' LIMIT 5
To add a OrganizationalPerson, fields can be specified except Id, DN and BaseDN. Required fields that should be provided are RDN and ObjectClass. For example:
INSERT INTO OrganizationalPerson (RDN, ObjectClass) VALUES ('CN=NewUser', 'top;person;organizationalPerson;user;inetOrgPerson')
All columns except Id, DN and BaseDN can be updated by providing the Id in the WHERE clause. For example:
UPDATE OrganizationalPerson SET Description = 'desc' WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
OrganizationalPersons can be deleted by providing the Id of the OrganizationalPerson and issuing a DELETE statement. For example:
DELETE FROM OrganizationalPerson WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
StreetAddress | String | False | DelimitedData |
The user's address. | |
HomePostalAddress | String | False | DelimitedData |
A user's home address. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
Assistant | String | False | DelimitedData |
The distinguished name of a user's administrative assistant. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
Company | String | False | DelimitedData |
The user's company name. | |
CountryCode | String | False | DelimitedData |
Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. | |
C | String | False | DelimitedData |
The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Department | String | False | DelimitedData |
Contains the name for the department in which the user works. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DestinationIndicator | String | False | DelimitedData |
This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
Division | String | False | DelimitedData |
The user's division. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
String | False | DelimitedData |
The list of email addresses for a contact. | ||
EmployeeID | String | False | DelimitedData |
The ID of an employee. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | False | DelimitedData |
Contains telephone number of the user's business fax machine. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GenerationQualifier | String | False | DelimitedData |
Indicates a person generation. For example, Jr. or II. | |
GivenName | String | False | DelimitedData |
Contains the given name (first name) of the user. | |
Initials | String | False | DelimitedData |
Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book. | |
InternationalISDNNumber | String | False | DelimitedData |
Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ThumbnailLogo | String | False | DelimitedData |
BLOB that contains a logo for this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
Manager | String | False | DelimitedData |
Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MhsORAddress | String | False | DelimitedData |
X.400 address. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherMailbox | String | False | DelimitedData |
Contains other additional mail addresses in a form such as CCMAIL: BruceKeever. | |
MiddleName | String | False | DelimitedData |
Additional names for a user. For example, middle name, patronymic, matronymic, or others. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PersonalTitle | String | False | DelimitedData |
The user's title. | |
OtherFacsimileTelephoneNumber | String | False | DelimitedData |
A list of alternate facsimile numbers. | |
OtherHomePhone | String | False | DelimitedData |
A list of alternate home phone numbers. | |
HomePhone | String | False | DelimitedData |
The user's main home phone number. | |
OtherIpPhone | String | False | DelimitedData |
The list of alternate TCP/IP addresses for the phone. Used by Telephony. | |
IpPhone | String | False | DelimitedData |
The TCP/IP address for the phone. Used by Telephony. | |
PrimaryInternationalISDNNumber | String | False | DelimitedData |
The primary ISDN. | |
OtherMobile | String | False | DelimitedData |
A list of alternate mobile phone numbers. | |
Mobile | String | False | DelimitedData |
The primary mobile phone number. | |
OtherTelephone | String | False | DelimitedData |
A list of alternate office phone numbers. | |
OtherPager | String | False | DelimitedData |
A list of alternate pager numbers. | |
Pager | String | False | DelimitedData |
The primary pager number. | |
PhysicalDeliveryOfficeName | String | False | DelimitedData |
Contains the office location in the user's place of business. | |
ThumbnailPhoto | String | False | DelimitedData |
An image of the user. A space-efficient format like JPEG or GIF is recommended. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PostalAddress | String | False | DelimitedData |
The mailing address for the object. | |
PostalCode | String | False | DelimitedData |
The postal or zip code for mail delivery. | |
PostOfficeBox | String | False | DelimitedData |
The post office box number for this object. | |
PreferredDeliveryMethod | String | False | DelimitedData |
The X.500-preferred way to deliver to addressee. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | False | DelimitedData |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
St | String | False | DelimitedData |
The name of a user's state or province. | |
Street | String | False | DelimitedData |
The street address. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
Sn | String | False | DelimitedData |
This attribute contains the family or last name for a user. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | False | DelimitedData |
A list of alternate telex numbers. | |
PrimaryTelexNumber | String | False | DelimitedData |
The primary telex number. | |
Co | String | False | DelimitedData |
The country/region in which the user is located. | |
Title | String | False | DelimitedData |
Contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as Esq. or DDS. | |
Comment | String | False | DelimitedData |
The user's comments. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
X121Address | String | False | DelimitedData |
The X.121 address for an object. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This class is used for objects that contain information that pertains to a position or role within an organization, such as a system administrator, manager, and so on. It can also be used for a nonhuman identity in an organization.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DestinationIndicator | String | False | DelimitedData |
This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | False | DelimitedData |
Contains telephone number of the user's business fax machine. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
InternationalISDNNumber | String | False | DelimitedData |
Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PhysicalDeliveryOfficeName | String | False | DelimitedData |
Contains the office location in the user's place of business. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PostalAddress | String | False | DelimitedData |
The mailing address for the object. | |
PostalCode | String | False | DelimitedData |
The postal or zip code for mail delivery. | |
PostOfficeBox | String | False | DelimitedData |
The post office box number for this object. | |
PreferredDeliveryMethod | String | False | DelimitedData |
The X.500-preferred way to deliver to addressee. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | False | DelimitedData |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
RoleOccupant | String | False | DelimitedData |
The distinguished name of an object that fulfills an organizational role. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
St | String | False | DelimitedData |
The name of a user's state or province. | |
Street | String | False | DelimitedData |
The street address. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | False | DelimitedData |
A list of alternate telex numbers. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
X121Address | String | False | DelimitedData |
The X.121 address for an object. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
A container for storing users, computers, and other account objects.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
BusinessCategory | String | False | DelimitedData |
Descriptive text on an Organizational Unit. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CountryCode | String | False | DelimitedData |
Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. | |
C | String | False | DelimitedData |
The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
DefaultGroup | String | False | DelimitedData |
The group to which this object is assigned when it is created. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DesktopProfile | String | False | DelimitedData |
The location of the desktop profile for a user or group of users. Not used. | |
DestinationIndicator | String | False | DelimitedData |
This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | False | DelimitedData |
Contains telephone number of the user's business fax machine. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GPLink | String | False | DelimitedData |
A sorted list of Group Policy options. Each option is a DWORD. Use of the UNICODE string is a convenience. | |
GPOptions | String | False | DelimitedData |
Options that affect all group policies associated with the object hosting this property. | |
InternationalISDNNumber | String | False | DelimitedData |
Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
ThumbnailLogo | String | False | DelimitedData |
BLOB that contains a logo for this object. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PhysicalDeliveryOfficeName | String | False | DelimitedData |
Contains the office location in the user's place of business. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PostalAddress | String | False | DelimitedData |
The mailing address for the object. | |
PostalCode | String | False | DelimitedData |
The postal or zip code for mail delivery. | |
PostOfficeBox | String | False | DelimitedData |
The post office box number for this object. | |
PreferredDeliveryMethod | String | False | DelimitedData |
The X.500-preferred way to deliver to addressee. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | False | DelimitedData |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SearchGuide | String | False | DelimitedData |
Specifies information of suggested search criteria, which may be included in some entries that are expected to be a convenient base-object for the search operation, for example, country/region or organization. | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
St | String | False | DelimitedData |
The name of a user's state or province. | |
Street | String | False | DelimitedData |
The street address. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | False | DelimitedData |
A list of alternate telex numbers. | |
Co | String | False | DelimitedData |
The country/region in which the user is located. | |
UPNSuffixes | String | False | DelimitedData |
The list of User-Principal-Name suffixes for a domain. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
X121Address | String | False | DelimitedData |
The X.121 address for an object. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Contains personal information about a user.
All columns support operators =, >= , <=, !=, LIKE, AND and OR. For example:
SELECT * FROM Person WHERE ObjectClass = 'top' AND CN LIKE '%NewUser%' LIMIT 5
To add a Person, fields can be specified except Id, DN and BaseDN. Required fields that should be provided are RDN and ObjectClass. For example:
INSERT INTO Person (RDN, ObjectClass) VALUES ('CN=Domain Admins', 'Person')
All columns except Id, DN and BaseDN can be updated by providing the Id in the WHERE clause. For example:
UPDATE Person SET Description = 'desc' WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
Persons can be deleted by providing the Id of the Person and issuing a DELETE statement. For example:
DELETE FROM Person WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
Sn | String | False | DelimitedData |
This attribute contains the family or last name for a user. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Represents an abstraction of an account with Portable Operating System Interface (POSIX) attributes.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
Gecos | String | False | DelimitedData |
Contains the information that is stored in the GECOS field. | |
GidNumber | String | False | DelimitedData |
Contains an integer value that uniquely identifies a group in an administrative domain. | |
HomeDirectory | String | False | DelimitedData |
The home directory for the account. If homeDrive is set and specifies a drive letter, homeDirectory must be a UNC path. Otherwise, homeDirectory is a fully qualified local path including the drive letter (for example, DriveLetter:\Directory\Folder). This value can be a null string. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LoginShell | String | False | DelimitedData |
Contains the path to the login shell. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MsCOM-PartitionSetLink | String | False | DelimitedData |
A link used to associate a COM+ Partition with a COM+ PartitionSet object. | |
MsCOM-UserLink | String | False | DelimitedData |
A link used to associate a COM+ PartitionSet with a User object. | |
MsDFSR-ComputerReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-ComputerReference attribute. | |
MsDFSR-MemberReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-MemberReference attribute. | |
MsDS-Approx-Immed-Subordinates | String | False | DelimitedData |
The value returned by this attribute is based on index sizes. This may be off by +/-10% on large containers, and the error is theoretically unbounded, but using this attribute helps the UI display the contents of a container. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MsDs-masteredBy | String | False | DelimitedData |
Backward link for msDS-hasMasterNCs. | |
MsDS-MembersForAzRoleBL | String | False | DelimitedData |
Backward link from member application group or user to Az-Role objects linking to it. | |
MsDS-NCReplCursors | String | False | DelimitedData |
A list of past and present replication partners, and how current we are with each of them. | |
MsDS-NCReplInboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server obtains replication data from these other servers, which act as sources. | |
MsDS-NCReplOutboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is available. | |
MsDS-NonMembersBL | String | False | DelimitedData |
Backward link from non-member group or user to Az groups that link to it (same functionality as Non-Security-Member-BL). | |
MsDS-ObjectReferenceBL | String | False | DelimitedData |
Backward link for ms-DS-Object-Reference. | |
MsDS-OperationsForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Role objects that link to it. | |
MsDS-OperationsForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Task objects that link to it. | |
MsDS-ReplAttributeMetaData | String | False | DelimitedData |
A list of metadata for each replicated attribute. The metadata indicates who changed the attribute last. | |
MsDS-ReplValueMetaData | String | False | DelimitedData |
A list of metadata for each value of an attribute. The metadata indicates who changed the value last. | |
MsDS-TasksForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Task to Az-Role objects that link to it. | |
MsDS-TasksForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Task to the Az-Task objects that link to it. | |
OwnerBL | String | False | DelimitedData |
The backward link to the owner attribute. Contains a list of owners for an object. | |
MsSFU30PosixMemberOf | String | False | DelimitedData |
Contains the display names of groups to which this user belongs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
StructuralObjectClass | String | False | DelimitedData |
This constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list does contain dynamically linked auxiliary classes. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
Uid | String | False | DelimitedData |
A user ID. | |
UidNumber | String | False | DelimitedData |
Contains an integer that uniquely identifies a user in an administrative domain. | |
UnixHomeDirectory | String | False | DelimitedData |
Contains the absolute path to the home directory. | |
UnixUserPassword | String | False | DelimitedData |
Contains a user password that is compatible with a UNIX system. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Represents an abstraction of a group of accounts.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GidNumber | String | False | DelimitedData |
Contains an integer value that uniquely identifies a group in an administrative domain. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MemberUid | String | False | DelimitedData |
Contains the login names of the members of a group. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MsCOM-PartitionSetLink | String | False | DelimitedData |
A link used to associate a COM+ Partition with a COM+ PartitionSet object. | |
MsCOM-UserLink | String | False | DelimitedData |
A link used to associate a COM+ PartitionSet with a User object. | |
MsDFSR-ComputerReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-ComputerReference attribute. | |
MsDFSR-MemberReferenceBL | String | False | DelimitedData |
Contains the backward link for the ms-DFSR-MemberReference attribute. | |
MsDS-Approx-Immed-Subordinates | String | False | DelimitedData |
The value returned by this attribute is based on index sizes. This may be off by +/-10% on large containers, and the error is theoretically unbounded, but using this attribute helps the UI display the contents of a container. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MsDs-masteredBy | String | False | DelimitedData |
Backward link for msDS-hasMasterNCs. | |
MsDS-MembersForAzRoleBL | String | False | DelimitedData |
Backward link from member application group or user to Az-Role objects linking to it. | |
MsDS-NCReplCursors | String | False | DelimitedData |
A list of past and present replication partners, and how current we are with each of them. | |
MsDS-NCReplInboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server obtains replication data from these other servers, which act as sources. | |
MsDS-NCReplOutboundNeighbors | String | False | DelimitedData |
Replication partners for this partition. This server sends replication data to these other servers, which act as destinations. This server will notify these other servers when new data is available. | |
MsDS-NonMembersBL | String | False | DelimitedData |
Backward link from non-member group or user to Az groups that link to it (same functionality as Non-Security-Member-BL). | |
MsDS-ObjectReferenceBL | String | False | DelimitedData |
Backward link for ms-DS-Object-Reference. | |
MsDS-OperationsForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Role objects that link to it. | |
MsDS-OperationsForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Operation to Az-Task objects that link to it. | |
MsDS-ReplAttributeMetaData | String | False | DelimitedData |
A list of metadata for each replicated attribute. The metadata indicates who changed the attribute last. | |
MsDS-ReplValueMetaData | String | False | DelimitedData |
A list of metadata for each value of an attribute. The metadata indicates who changed the value last. | |
MsDS-TasksForAzRoleBL | String | False | DelimitedData |
Backward link from Az-Task to Az-Role objects that link to it. | |
MsDS-TasksForAzTaskBL | String | False | DelimitedData |
Backward link from Az-Task to the Az-Task objects that link to it. | |
OwnerBL | String | False | DelimitedData |
The backward link to the owner attribute. Contains a list of owners for an object. | |
MsSFU30PosixMemberOf | String | False | DelimitedData |
Contains the display names of groups to which this user belongs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
StructuralObjectClass | String | False | DelimitedData |
This constructed attribute stores a list of classes contained in a class hierarchy, including abstract classes. This list does contain dynamically linked auxiliary classes. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
UnixUserPassword | String | False | DelimitedData |
Contains a user password that is compatible with a UNIX system. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Contains information about a print queue.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
PrinterName | String | False | DelimitedData |
The display name of an attached printer. | |
ServerName | String | False | DelimitedData |
The name of a server. | |
ShortServerName | String | False | DelimitedData |
Pre-Windows 2000 compatible server name for print servers. | |
UNCName | String | False | DelimitedData |
The universal naming convention name for shared volumes and printers. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
AssetNumber | String | False | DelimitedData |
The tracking number for the object. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
BytesPerMinute | String | False | DelimitedData |
Printer data transfer rate. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
DefaultPriority | String | False | DelimitedData |
The default priority (of a process, print job, and so on). | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DriverName | String | False | DelimitedData |
The device driver name. | |
DriverVersion | String | False | DelimitedData |
The Version number of device driver. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
Keywords | String | False | DelimitedData |
A list of keywords that can be used to locate a given connection point. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
Location | String | False | DelimitedData |
The user's location, such as office number. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OperatingSystem | String | False | DelimitedData |
The Operating System name, for example, Windows Vista Enterprise. | |
OperatingSystemHotfix | String | False | DelimitedData |
The hotfix level of the operating system. | |
OperatingSystemServicePack | String | False | DelimitedData |
The operating system service pack ID string (for example, SP3). | |
OperatingSystemVersion | String | False | DelimitedData |
The operating system version string, for example, 4.0. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PhysicalLocationObject | String | False | DelimitedData |
Used to map a device (for example, a printer, computer, and so on) to a physical location. | |
PortName | String | False | DelimitedData |
List of port names. For example, for printer ports or comm ports. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PrintAttributes | String | False | DelimitedData |
A bitmask of printer attributes. | |
PrintBinNames | String | False | DelimitedData |
A list of printer bin names. | |
PrintCollate | String | False | DelimitedData |
TRUE if a printer has collating bins. | |
PrintColor | String | False | DelimitedData |
TRUE if a printer can print in color. | |
PrintDuplexSupported | String | False | DelimitedData |
Indicates the type of duplex support a printer has. | |
PrintEndTime | String | False | DelimitedData |
The time a print queue stops servicing jobs. | |
PrintFormName | String | False | DelimitedData |
The name of the currently loaded form. | |
PrintKeepPrintedJobs | String | False | DelimitedData |
TRUE if printed jobs are kept. | |
PrintLanguage | String | False | DelimitedData |
The supported page description language (for example, PostScript, PCL). | |
PrintMACAddress | String | False | DelimitedData |
The user-supplied MAC address. | |
PrintMaxCopies | String | False | DelimitedData |
The maximum number of copies a device can print. | |
PrintMaxResolutionSupported | String | False | DelimitedData |
The maximum printer resolution. | |
PrintMaxXExtent | String | False | DelimitedData |
The maximum horizontal print region. | |
PrintMaxYExtent | String | False | DelimitedData |
The maximum vertical print region. | |
PrintMediaReady | String | False | DelimitedData |
A list of available media for a printer. | |
PrintMediaSupported | String | False | DelimitedData |
A list of media supported by a printer. | |
PrintMemory | String | False | DelimitedData |
The amount of memory installed in a printer. | |
PrintMinXExtent | String | False | DelimitedData |
The minimum horizontal print region. | |
PrintMinYExtent | String | False | DelimitedData |
The minimum vertical print region. | |
PrintNetworkAddress | String | False | DelimitedData |
The user-supplied network address. | |
PrintNotify | String | False | DelimitedData |
A user-supplied string that specifies the notification contact. | |
PrintNumberUp | String | False | DelimitedData |
The number of page images per sheet. | |
PrintOrientationsSupported | String | False | DelimitedData |
The page rotation for landscape printing. | |
PrintOwner | String | False | DelimitedData |
A user-supplied owner string. | |
PrintPagesPerMinute | String | False | DelimitedData |
Driver-supplied print rate in pages per minute. | |
PrintRate | String | False | DelimitedData |
Driver-supplied print rate. | |
PrintRateUnit | String | False | DelimitedData |
Driver-supplied print rate unit. | |
PrintSeparatorFile | String | False | DelimitedData |
The file path of the printer separator page. | |
PrintShareName | String | False | DelimitedData |
The printer's share name. | |
PrintSpooling | String | False | DelimitedData |
A string that represents the type of printer spooling. | |
PrintStaplingSupported | String | False | DelimitedData |
TRUE if the printer supports stapling. Supplied by the driver. | |
PrintStartTime | String | False | DelimitedData |
The time a print queue begins servicing jobs. | |
PrintStatus | String | False | DelimitedData |
Status from the print spooler. Currently unused. | |
Priority | String | False | DelimitedData |
The current priority (of a process, print job, and so on). | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
VersionNumber | String | False | DelimitedData |
A general purpose version number. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This is an auxiliary class that is used to identify security principals.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
Contains the security information for an object.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
SAMAccountName | String | False | DelimitedData |
The logon name used to support clients and servers running earlier versions of the operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. | |
AccountNameHistory | String | False | DelimitedData |
The length of time that the account has been active. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
AltSecurityIdentities | String | False | DelimitedData |
Contains mappings for X.509 certificates or external Kerberos user accounts to this user for the purpose of authentication. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectSid | String | False | DelimitedData |
A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
Rid | String | False | DelimitedData |
The relative Identifier of an object. | |
SAMAccountType | String | False | DelimitedData |
This attribute contains information about every account type object. You can enumerate a list of account types or you can use the Display Information API to create a list. Because computers, normal user accounts, and trust accounts can also be enumerated as user objects, the values for these accounts must be a contiguous range. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SecurityIdentifier | String | False | DelimitedData |
A unique value of variable length used to identify a user account, group account, or logon session to which an ACE applies. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SIDHistory | String | False | DelimitedData |
Contains previous SIDs used for the object if the object was moved from another domain. Whenever an object is moved from one domain to another, a new SID is created and that new SID becomes the objectSID. The previous SID is added to the sIDHistory property. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SupplementalCredentials | String | False | DelimitedData |
Stored credentials for use in authenticating. The encrypted version of the user's password. This attribute is neither readable nor writable. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This class represents a server computer in a site.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
BridgeheadTransportList | String | False | DelimitedData |
Transports for which this server is a bridgehead. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DNSHostName | String | False | DelimitedData |
Name of computer as registered in DNS. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SerialNumber | String | False | DelimitedData |
Part of X.500 specification. Not used by Active Directory. | |
ServerReference | String | False | DelimitedData |
Found in a site computer object. Contains the distinguished name of the domain controller in the domain naming context. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
MailAddress | String | False | DelimitedData |
Generic mail address attribute. Used in the box as an optional attribute of server objects, where it is consumed by mail-based DS replication (if the computers are so configured). | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
A container for storing server objects. Represents a physical location that contains computers. Used to manage replication.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GPLink | String | False | DelimitedData |
A sorted list of Group Policy options. Each option is a DWORD. Use of the UNICODE string is a convenience. | |
GPOptions | String | False | DelimitedData |
Options that affect all group policies associated with the object hosting this property. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
Location | String | False | DelimitedData |
The user's location, such as office number. | |
ManagedBy | String | False | DelimitedData |
The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MSMQInterval1 | String | False | DelimitedData |
In MSMQ mixed-mode, default replication time within a site. | |
MSMQInterval2 | String | False | DelimitedData |
In MSMQ mixed-mode, default replication time between sites. | |
MSMQNt4Stub | String | False | DelimitedData |
The MSMQ-Nt4-Stub attribute contains MSMQ mixed-mode information. | |
MSMQSiteForeign | String | False | DelimitedData |
A Boolean value that indicates whether it is a foreign MSMQ site. | |
MSMQSiteID | String | False | DelimitedData |
The MSMQ-Site-ID attribute contains MSMQ mixed-mode information. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NotificationList | String | False | DelimitedData |
The Notification-List attribute is not currently used. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
The top level class from which all classes are derived.
All columns support operators =, >= , <=, !=, LIKE, AND and OR. For example:
SELECT * FROM Top WHERE CN != 'NewUser' AND BaseDN = 'CN=Users,DC=MyDC' LIMIT 5
To add a Top, fields can be specified except Id, DN and BaseDN. Required fields that should be provided are RDN and ObjectClass. For example:
INSERT INTO Top (RDN, ObjectClass) VALUES ('CN=NewUser', 'top;person;organizationalPerson;user;inetOrgPerson')
All columns except Id, DN and BaseDN can be updated by providing the Id in the WHERE clause. For example:
UPDATE Top SET Description = 'test' WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
Tops can be deleted by providing the Id of the Top and issuing a DELETE statement. For example:
DELETE FROM Top WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
An object that represents a domain trusted by (or trusting) the local domain.
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
AdditionalTrustedServiceNames | String | False | DelimitedData |
A list of services in the domain that can be trusted. Not used by AD. | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DomainCrossRef | String | False | DelimitedData |
This is a reference from a trusted domain object to the cross reference object of the trusted domain. | |
DomainIdentifier | String | False | DelimitedData |
Domain Sid that identifies the domain. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FlatName | String | False | DelimitedData |
For Windows NT domains, the flat name is the NetBIOS name. For links with non-Windows NT domains, the flat name is the identifying name of that domain, or it is NULL. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
InitialAuthIncoming | String | False | DelimitedData |
Contains information about an initial incoming authentication request by a client to this server. This request is then sent by this server to the authentication server for the domain. | |
InitialAuthOutgoing | String | False | DelimitedData |
Contains information about an initial outgoing authentication sent by the authentication server for this domain to the client that requested authentication. The server that uses this attribute receives the authorization from the authentication server and sends it to the client. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | False | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | False | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SecurityIdentifier | String | False | DelimitedData |
A unique value of variable length used to identify a user account, group account, or logon session to which an ACE applies. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TrustAttributes | String | False | DelimitedData |
This attribute stores the trust attributes for a trusted domain. Possible attribute values are as follows: | |
TrustAuthIncoming | String | False | DelimitedData |
Authentication information for the incoming portion of a trust. | |
TrustAuthOutgoing | String | False | DelimitedData |
Authentication information for the outgoing portion of a trust. | |
TrustDirection | String | False | DelimitedData |
The direction of a trust. | |
TrustPartner | String | False | DelimitedData |
The name of the domain with which a trust exists. | |
TrustPosixOffset | String | False | DelimitedData |
The Portable Operating System Interface (POSIX) offset for the trusted domain. | |
TrustType | String | False | DelimitedData |
The type of trust, for example, Windows NT or MIT. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This class is used to store information about an employee or contractor who works for an organization. It is also possible to apply this class to long term visitors.
All columns support operators =, >= , <=, !=, LIKE, AND and OR. For example:
SELECT * FROM User WHERE Title Like '%abc%' AND AdminCount != '1' LIMIT 5
To add a User, fields can be specified except Id, DN and BaseDN. Required fields that should be provided are RDN and ObjectClass. For example:
INSERT INTO [User] (RDN, ObjectClass) VALUES ('CN=TestUser', 'Top; Person; OrganizationalPerson; User')
All columns except Id, DN and BaseDN can be updated by providing the Id in the WHERE clause. For example:
UPDATE User SET PostalCode = '94042' WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
Users can be deleted by providing the Id of the User and issuing a DELETE statement. For example:
DELETE FROM User WHERE Id = '1|CN=NewUser,CN=Users,DC=MyDC'
Name | Type | ReadOnly | References | DataFormat | Description |
Id [KEY] | String | True |
Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | ||
DN | String | True |
The full distinguished name. | ||
RDN | String | False |
The relative distinguished name. | ||
BaseDN | String | True |
The base distinguished name. | ||
InstanceType | String | False | DelimitedData |
A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | False | DelimitedData |
The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | False | DelimitedData |
An object class name used to group objects of this or derived classes. | |
ObjectClass | String | False | DelimitedData |
The list of classes from which this class is derived. | |
SAMAccountName | String | False | DelimitedData |
The logon name used to support clients and servers running earlier versions of the operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. | |
AccountExpires | String | False | DelimitedData |
The date when the account expires. This value represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires. | |
AccountNameHistory | String | False | DelimitedData |
The length of time that the account has been active. | |
ACSPolicyName | String | False | DelimitedData |
String name of an ACS policy that applies to this user. | |
StreetAddress | String | False | DelimitedData |
The user's address. | |
HomePostalAddress | String | False | DelimitedData |
A user's home address. | |
AdminCount | String | False | DelimitedData |
Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). | |
AdminDescription | String | False | DelimitedData |
The description displayed on admin screens. | |
AdminDisplayName | String | False | DelimitedData |
The name to be displayed on admin screens. | |
AllowedAttributes | String | False | DelimitedData |
Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | False | DelimitedData |
A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | False | DelimitedData |
Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | False | DelimitedData |
A list of classes that can be modified. | |
AltSecurityIdentities | String | False | DelimitedData |
Contains mappings for X.509 certificates or external Kerberos user accounts to this user for the purpose of authentication. | |
Assistant | String | False | DelimitedData |
The distinguished name of a user's administrative assistant. | |
BadPasswordTime | String | False | DelimitedData |
The last time and date that an attempt to log on to this account was made with a password that is not valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last time a incorrect password was used is unknown. | |
BadPwdCount | String | False | DelimitedData |
The number of times the user tried to log on to the account using an incorrect password. A value of 0 indicates that the value is unknown. | |
BridgeheadServerListBL | String | False | DelimitedData |
The list of servers that are bridgeheads for replication. | |
CanonicalName | String | False | DelimitedData |
The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
CodePage | String | False | DelimitedData |
Specifies the code page for the user's language of choice. This value is not used by Windows 2000. | |
Info | String | False | DelimitedData |
The user's comments. This string can be a null string. | |
Cn | String | False | DelimitedData |
The name that represents an object. Used to perform searches. | |
Company | String | False | DelimitedData |
The user's company name. | |
ControlAccessRights | String | False | DelimitedData |
Used by DS Security to determine which users can perform specific operations on the host object. | |
CountryCode | String | False | DelimitedData |
Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. | |
C | String | False | DelimitedData |
The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. | |
CreateTimeStamp | String | False | DelimitedData |
The date when this object was created. This value is replicated. | |
DBCSPwd | String | False | DelimitedData |
The account's LAN Manager password. | |
DefaultClassStore | String | False | DelimitedData |
The default Class Store for a given user. | |
Department | String | False | DelimitedData |
Contains the name for the department in which the user works. | |
Description | String | False | DelimitedData |
Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DesktopProfile | String | False | DelimitedData |
The location of the desktop profile for a user or group of users. Not used. | |
DestinationIndicator | String | False | DelimitedData |
This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | False | DelimitedData |
The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | False | DelimitedData |
The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
Division | String | False | DelimitedData |
The user's division. | |
DSASignature | String | False | DelimitedData |
The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | False | DelimitedData |
The DS-Core-Propagation-Data attribute is for internal use only. | |
DynamicLDAPServer | String | False | DelimitedData |
DNS name of server handing dynamic properties for this account. | |
String | False | DelimitedData |
The list of email addresses for a contact. | ||
EmployeeID | String | False | DelimitedData |
The ID of an employee. | |
EmployeeNumber | String | False | DelimitedData |
The number for an employee. | |
EmployeeType | String | False | DelimitedData |
The job category for an employee. | |
ExtensionName | String | False | DelimitedData |
The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | False | DelimitedData |
Contains telephone number of the user's business fax machine. | |
Flags | String | False | DelimitedData |
To be used by the object to store bit information. | |
FromEntry | String | False | DelimitedData |
This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | False | DelimitedData |
Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | False | DelimitedData |
Reference to subscriber objects for this member. | |
FSMORoleOwner | String | False | DelimitedData |
Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GarbageCollPeriod | String | False | DelimitedData |
This attribute is located on the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... object. It represents the time, in hours, between DS garbage collection runs. | |
GenerationQualifier | String | False | DelimitedData |
Indicates a person generation. For example, Jr. or II. | |
GivenName | String | False | DelimitedData |
Contains the given name (first name) of the user. | |
GroupMembershipSAM | String | False | DelimitedData |
Windows NT Security. Down level Windows NT support. | |
GroupPriority | String | False | DelimitedData |
The Group-Priority attribute is not currently used. | |
GroupsToIgnore | String | False | DelimitedData |
The Groups-to-Ignore attribute is not currently used. | |
HomeDirectory | String | False | DelimitedData |
The home directory for the account. If homeDrive is set and specifies a drive letter, homeDirectory must be a UNC path. Otherwise, homeDirectory is a fully qualified local path including the drive letter (for example, DriveLetter:\Directory\Folder). This value can be a null string. | |
HomeDrive | String | False | DelimitedData |
Specifies the drive letter to which to map the UNC path specified by homeDirectory. The drive letter must be specified in the form DriveLetter: where DriveLetter is the letter of the drive to map. The DriveLetter must be a single, uppercase letter and the colon (:) is required. | |
Initials | String | False | DelimitedData |
Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book. | |
InternationalISDNNumber | String | False | DelimitedData |
Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | False | DelimitedData |
If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | False | DelimitedData |
If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | True | DelimitedData |
The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | False | DelimitedData |
Backward link to privileges held by a given principal. | |
LastKnownParent | String | False | DelimitedData |
The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LastLogoff | String | False | DelimitedData |
This attribute is not used. | |
LastLogon | String | False | DelimitedData |
The last time the user logged on. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last logon time is unknown. | |
LegacyExchangeDN | String | False | DelimitedData |
The distinguished name previously used by Exchange. | |
LmPwdHistory | String | False | DelimitedData |
The password history of the user in LAN Manager (LM) one-way format (OWF). The LM OWF is used for compatibility with LAN Manager 2.x clients, Windows 95, and Windows 98. | |
LocaleID | String | False | DelimitedData |
This attribute contains a list of locale IDs supported by this application. A locale ID represents a geographic location, such as a country/region, city, county, and so on. | |
L | String | False | DelimitedData |
Represents the name of a locality, such as a town or city. | |
LockoutTime | String | False | DelimitedData |
The date and time (UTC) that this account was locked out. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the account is not currently locked out. | |
ThumbnailLogo | String | False | DelimitedData |
BLOB that contains a logo for this object. | |
LogonCount | String | False | DelimitedData |
The number of times the account has successfully logged on. A value of 0 indicates that the value is unknown. | |
LogonHours | String | False | DelimitedData |
The hours that the user is allowed to logon to the domain. | |
LogonWorkstation | String | False | DelimitedData |
This attribute is not used. See the User-Workstations attribute. | |
ManagedObjects | String | False | DelimitedData |
Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
Manager | String | False | DelimitedData |
Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name. | |
MasteredBy | String | False | DelimitedData |
Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MaxStorage | String | False | DelimitedData |
The maximum amount of disk space the user can use. Use the value specified in USER_MAXSTORAGE_UNLIMITED to use all available disk space. | |
MhsORAddress | String | False | DelimitedData |
X.400 address. | |
ModifyTimeStamp | String | False | DelimitedData |
A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | False | DelimitedData |
This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MS-DS-CreatorSID | String | False | DelimitedData |
The security ID of the creator of the object that contains this attribute. | |
MSMQDigests | String | False | DelimitedData |
An array of digests of the corresponding certificates in attribute mSMQ-Sign-Certificates. They are used for mapping a digest into a certificate. | |
MSMQDigestsMig | String | False | DelimitedData |
In MSMQ mixed-mode, contains the previous value of mSMQDigests. | |
MSMQSignCertificates | String | False | DelimitedData |
This attribute contains a number of certificates. A user can generate a certificate per computer. For each certificate we also keep a digest. | |
MSMQSignCertificatesMig | String | False | DelimitedData |
In MSMQ mixed-mode, the attribute contains the previous value of mSMQSignCertificates. MSMQ supports migration from the MSMQ 1.0 DS to the Windows 2000 DS, and mixed mode specifies a state in which some of the DS severs were not upgraded to Windows 2000. | |
MsNPAllowDialin | String | False | DelimitedData |
Indicates whether the account has permission to dial in to the RAS server. Do not modify this value directly. Use the appropriate RAS administration function to modify this value. | |
MsNPCallingStationID | String | False | DelimitedData |
The msNPCallingStationID attribute is used internally. Do not modify this value directly. | |
MsNPSavedCallingStationID | String | False | DelimitedData |
The msNPSavedCallingStationID attribute is used internally. Do not modify this value directly. | |
MsRADIUSCallbackNumber | String | False | DelimitedData |
The msRADIUSCallbackNumber attribute is used internally. Do not modify this value directly. | |
MsRADIUSFramedIPAddress | String | False | DelimitedData |
The msRADIUSFramedIPAddress attribute is used internally. Do not modify this value directly. | |
MsRADIUSFramedRoute | String | False | DelimitedData |
The msRADIUSFramedRoute attribute is used internally. Do not modify this value directly. | |
MsRADIUSServiceType | String | False | DelimitedData |
The msRADIUSServiceType attribute is used internally. Do not modify this value directly. | |
MsRASSavedCallbackNumber | String | False | DelimitedData |
The msRASSavedCallbackNumber attribute is used internally. Do not modify this value directly. | |
MsRASSavedFramedIPAddress | String | False | DelimitedData |
The msRASSavedFramedIPAddress attribute is used internally. Do not modify this value directly. | |
MsRASSavedFramedRoute | String | False | DelimitedData |
The msRASSavedFramedRoute attribute is used internally. Do not modify this value directly. | |
NetbootSCPBL | String | False | DelimitedData |
A list of service connection points that reference this NetBoot server. | |
NetworkAddress | String | False | DelimitedData |
The TCP/IP address for a network segment. Also called the subnet address. | |
NonSecurityMemberBL | String | False | DelimitedData |
List of nonsecurity-members for an Exchange distribution list. | |
NtPwdHistory | String | False | DelimitedData |
The password history of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. | |
DistinguishedName | String | False | DelimitedData |
Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | False | DelimitedData |
The unique identifier for an object. | |
ObjectSid | String | False | DelimitedData |
A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. | |
ObjectVersion | String | False | DelimitedData |
This can be used to store a version number for the object. | |
OperatorCount | String | False | DelimitedData |
Operator count. | |
Ou | String | False | DelimitedData |
The name of the organizational unit. | |
O | String | False | DelimitedData |
The name of the company or organization. | |
OtherLoginWorkstations | String | False | DelimitedData |
Non-Windows NT or LAN Manager workstations from which a user can log on. | |
OtherMailbox | String | False | DelimitedData |
Contains other additional mail addresses in a form such as CCMAIL: BruceKeever. | |
MiddleName | String | False | DelimitedData |
Additional names for a user. For example, middle name, patronymic, matronymic, or others. | |
OtherWellKnownObjects | String | False | DelimitedData |
Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | False | DelimitedData |
Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PersonalTitle | String | False | DelimitedData |
The user's title. | |
OtherFacsimileTelephoneNumber | String | False | DelimitedData |
A list of alternate facsimile numbers. | |
OtherHomePhone | String | False | DelimitedData |
A list of alternate home phone numbers. | |
HomePhone | String | False | DelimitedData |
The user's main home phone number. | |
OtherIpPhone | String | False | DelimitedData |
The list of alternate TCP/IP addresses for the phone. Used by Telephony. | |
IpPhone | String | False | DelimitedData |
The TCP/IP address for the phone. Used by Telephony. | |
PrimaryInternationalISDNNumber | String | False | DelimitedData |
The primary ISDN. | |
OtherMobile | String | False | DelimitedData |
A list of alternate mobile phone numbers. | |
Mobile | String | False | DelimitedData |
The primary mobile phone number. | |
OtherTelephone | String | False | DelimitedData |
A list of alternate office phone numbers. | |
OtherPager | String | False | DelimitedData |
A list of alternate pager numbers. | |
Pager | String | False | DelimitedData |
The primary pager number. | |
PhysicalDeliveryOfficeName | String | False | DelimitedData |
Contains the office location in the user's place of business. | |
ThumbnailPhoto | String | False | DelimitedData |
An image of the user. A space-efficient format like JPEG or GIF is recommended. | |
PossibleInferiors | String | False | DelimitedData |
The list of objects that this object can contain. | |
PostalAddress | String | False | DelimitedData |
The mailing address for the object. | |
PostalCode | String | False | DelimitedData |
The postal or zip code for mail delivery. | |
PostOfficeBox | String | False | DelimitedData |
The post office box number for this object. | |
PreferredDeliveryMethod | String | False | DelimitedData |
The X.500-preferred way to deliver to addressee. | |
PreferredOU | String | False | DelimitedData |
The Organizational Unit to show by default on user' s desktop. | |
PrimaryGroupID | String | False | DelimitedData |
Contains the relative identifier (RID) for the primary group of the user. By default, this is the RID for the Domain Users group. | |
ProfilePath | String | False | DelimitedData |
Specifies a path to the user's profile. This value can be a null string, a local absolute path, or a UNC path. | |
ProxiedObjectName | String | False | DelimitedData |
This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | False | DelimitedData |
A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
PwdLastSet | String | False | DelimitedData |
The date and time that the password for this account was last changed. This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC). If this value is set to 0 and the User-Account-Control attribute does not contain the UF_DONT_EXPIRE_PASSWD flag, then the user must set the password at the next logon. | |
QueryPolicyBL | String | False | DelimitedData |
List of all objects holding references to a given Query-Policy. | |
Name | String | True | DelimitedData |
The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | False | DelimitedData |
Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | False | DelimitedData |
Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | False | DelimitedData |
Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | False | DelimitedData |
Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | False | DelimitedData |
Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | False | DelimitedData |
Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | False | DelimitedData |
The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
Rid | String | False | DelimitedData |
The relative Identifier of an object. | |
SAMAccountType | String | False | DelimitedData |
This attribute contains information about every account type object. You can enumerate a list of account types or you can use the Display Information API to create a list. Because computers, normal user accounts, and trust accounts can also be enumerated as user objects, the values for these accounts must be a contiguous range. | |
ScriptPath | String | False | DelimitedData |
This attribute specifies the path for the user's logon script. The string can be null. | |
SDRightsEffective | String | False | DelimitedData |
This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SecurityIdentifier | String | False | DelimitedData |
A unique value of variable length used to identify a user account, group account, or logon session to which an ACE applies. | |
SeeAlso | String | False | DelimitedData |
List of distinguished names that are related to an object. | |
ServerReferenceBL | String | False | DelimitedData |
Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ServicePrincipalName | String | False | DelimitedData |
List of principal names used for mutual authentication with an instance of a service on this computer. | |
ShowInAddressBook | String | False | DelimitedData |
This attribute is used to indicate in which MAPI address books an object will appear. It is usually maintained by the Exchange Recipient Update Service. | |
ShowInAdvancedViewOnly | String | False | DelimitedData |
TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SIDHistory | String | False | DelimitedData |
Contains previous SIDs used for the object if the object was moved from another domain. Whenever an object is moved from one domain to another, a new SID is created and that new SID becomes the objectSID. The previous SID is added to the sIDHistory property. | |
SiteObjectBL | String | False | DelimitedData |
The list of distinguished names for subnets that belong to this site. | |
St | String | False | DelimitedData |
The name of a user's state or province. | |
Street | String | False | DelimitedData |
The street address. | |
SubRefs | String | False | DelimitedData |
List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | False | DelimitedData |
The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SupplementalCredentials | String | False | DelimitedData |
Stored credentials for use in authenticating. The encrypted version of the user's password. This attribute is neither readable nor writable. | |
Sn | String | False | DelimitedData |
This attribute contains the family or last name for a user. | |
SystemFlags | String | False | DelimitedData |
An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | False | DelimitedData |
The primary telephone number. | |
TeletexTerminalIdentifier | String | False | DelimitedData |
Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | False | DelimitedData |
A list of alternate telex numbers. | |
PrimaryTelexNumber | String | False | DelimitedData |
The primary telex number. | |
TerminalServer | String | False | DelimitedData |
Opaque data used by the Windows NT terminal server. | |
Co | String | False | DelimitedData |
The country/region in which the user is located. | |
TextEncodedORAddress | String | False | DelimitedData |
This attribute is used to support X.400 addresses in a text format. | |
Title | String | False | DelimitedData |
Contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as Esq. or DDS. | |
UnicodePwd | String | False | DelimitedData |
The password of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. This property is used only by the operating system. Note that you cannot derive the clear password back from the OWF form of the password. | |
UserAccountControl | String | False | DelimitedData |
Flags that control the behavior of the user account. | |
UserCert | String | False | DelimitedData |
Nortel v1 or DMS certificates. | |
Comment | String | False | DelimitedData |
The user's comments. | |
UserParameters | String | False | DelimitedData |
Parameters of the user. Points to a Unicode string that is set aside for use by applications. This string can be a null string, or it can have any number of characters before the terminating null character. Microsoft products use this member to store user data specific to the individual program. | |
UserPassword | String | False | DelimitedData |
The user's password in UTF-8 format. This is a write-only attribute. | |
UserPrincipalName | String | False | DelimitedData |
This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain name. For more information about this attribute, see User Naming Attributes. | |
UserSharedFolder | String | False | DelimitedData |
Specifies a UNC path to the user's shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. | |
UserSharedFolderOther | String | False | DelimitedData |
Specifies a UNC path to the user's additional shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. | |
UserSMIMECertificate | String | False | DelimitedData |
Certificate distribution object or tagged certificates. | |
UserWorkstations | String | False | DelimitedData |
Contains the NetBIOS or DNS names of the computers running Windows NT Workstation or Windows 2000 Professional from which the user can log on. Each NetBIOS name is separated by a comma. Multiple names should be separated by commas. | |
USNChanged | String | False | DelimitedData |
The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | False | DelimitedData |
The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | False | DelimitedData |
Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | False | DelimitedData |
The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | False | DelimitedData |
Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | False | DelimitedData |
Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | False | DelimitedData |
References to objects in other ADSI namespaces. | |
WellKnownObjects | String | False | DelimitedData |
This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | False | DelimitedData |
The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | False | DelimitedData |
The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | False | DelimitedData |
A web page that is the primary landing page of a website. | |
Url | String | False | DelimitedData |
A list of alternate webpages. | |
X121Address | String | False | DelimitedData |
The X.121 address for an object. | |
UserCertificate | String | False | DelimitedData |
Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description |
Filter | String |
Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
ビューは、カラムと疑似カラムで構成されます。ビューは、データを示すという点でテーブルに似ていますが、ビューでは更新はサポートされません。通常、ビューとして表されるエンティティは、読み取り専用のエンティティです。多くの場合、これらのデータはストアドプロシージャを使用することで更新できます(その機能がデータソースに適用できる場合)。
ビューに対しては、通常のテーブルと同じようにクエリを実行でき、このときに返されるデータも同様です。
ビューとして公開されるクエリなどの動的ビューや、project_team ワークアイテムの特定の組み合わせを検索するためのビューがサポートされています。
Name | Description |
Group_Membership | Stores a list of user names. Used to apply security principals on resources. This view returns one row for each Member of the Group. |
User_Membership | This class is used to store information about an employee or contractor who works for an organization. It is also possible to apply this class to long term visitors. This view returns one row for each Group the User is a member of. |
Stores a list of user names. Used to apply security principals on resources. This view returns one row for each Member of the Group.
Name | Type | References | Description |
Id [KEY] | String | Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | |
DN | String | The full distinguished name. | |
RDN | String | The relative distinguished name. | |
BaseDN | String | The base distinguished name. | |
GroupType | String | Contains a set of flags that define the type and scope of a group object. For the possible values for this attribute, see Remarks. | |
InstanceType | String | A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | An object class name used to group objects of this or derived classes. | |
ObjectClass | String | The list of classes from which this class is derived. | |
SAMAccountName | String | The logon name used to support clients and servers running earlier versions of the operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. | |
AccountNameHistory | String | The length of time that the account has been active. | |
AdminCount | String | Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). | |
AdminDescription | String | The description displayed on admin screens. | |
AdminDisplayName | String | The name to be displayed on admin screens. | |
AllowedAttributes | String | Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | A list of classes that can be modified. | |
AltSecurityIdentities | String | Contains mappings for X.509 certificates or external Kerberos user accounts to this user for the purpose of authentication. | |
BridgeheadServerListBL | String | The list of servers that are bridgeheads for replication. | |
CanonicalName | String | The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
Info | String | The user's comments. This string can be a null string. | |
Cn | String | The name that represents an object. Used to perform searches. | |
ControlAccessRights | String | Used by DS Security to determine which users can perform specific operations on the host object. | |
CreateTimeStamp | String | The date when this object was created. This value is replicated. | |
Description | String | Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DesktopProfile | String | The location of the desktop profile for a user or group of users. Not used. | |
DisplayName | String | The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
DSASignature | String | The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | The DS-Core-Propagation-Data attribute is for internal use only. | |
String | The list of email addresses for a contact. | ||
ExtensionName | String | The name of a property page used to extend the UI of a directory object. | |
Flags | String | To be used by the object to store bit information. | |
FromEntry | String | This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | Reference to subscriber objects for this member. | |
FSMORoleOwner | String | Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GarbageCollPeriod | String | This attribute is located on the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... object. It represents the time, in hours, between DS garbage collection runs. | |
GroupAttributes | String | The Group-Attributes attribute is not currently used. | |
GroupMembershipSAM | String | Windows NT Security. Down level Windows NT support. | |
IsCriticalSystemObject | String | If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | Backward link to privileges held by a given principal. | |
LastKnownParent | String | The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LegacyExchangeDN | String | The distinguished name previously used by Exchange. | |
ManagedBy | String | The distinguished name of the user that is assigned to manage this object. | |
ManagedObjects | String | Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
MasteredBy | String | Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
Member | String | The list of users that belong to the group. | |
ModifyTimeStamp | String | A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
NetbootSCPBL | String | A list of service connection points that reference this NetBoot server. | |
NonSecurityMember | String | Nonsecurity members of a group. Used for Exchange distribution lists. | |
NonSecurityMemberBL | String | List of nonsecurity-members for an Exchange distribution list. | |
NTGroupMembers | String | This attribute is not used. | |
DistinguishedName | String | Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | The unique identifier for an object. | |
ObjectSid | String | A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. | |
ObjectVersion | String | This can be used to store a version number for the object. | |
OperatorCount | String | Operator count. | |
OtherWellKnownObjects | String | Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PossibleInferiors | String | The list of objects that this object can contain. | |
PrimaryGroupToken | String | A computed attribute that is used in retrieving the membership list of a group, such as Domain Users. The complete membership of such groups is not stored explicitly for scaling reasons. | |
ProxiedObjectName | String | This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
QueryPolicyBL | String | List of all objects holding references to a given Query-Policy. | |
Name | String | The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
ReplPropertyMetaData | String | Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
Rid | String | The relative Identifier of an object. | |
SAMAccountType | String | This attribute contains information about every account type object. You can enumerate a list of account types or you can use the Display Information API to create a list. Because computers, normal user accounts, and trust accounts can also be enumerated as user objects, the values for these accounts must be a contiguous range. | |
SDRightsEffective | String | This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SecurityIdentifier | String | A unique value of variable length used to identify a user account, group account, or logon session to which an ACE applies. | |
ServerReferenceBL | String | Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ShowInAddressBook | String | This attribute is used to indicate in which MAPI address books an object will appear. It is usually maintained by the Exchange Recipient Update Service. | |
ShowInAdvancedViewOnly | String | TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SIDHistory | String | Contains previous SIDs used for the object if the object was moved from another domain. Whenever an object is moved from one domain to another, a new SID is created and that new SID becomes the objectSID. The previous SID is added to the sIDHistory property. | |
SiteObjectBL | String | The list of distinguished names for subnets that belong to this site. | |
SubRefs | String | List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SupplementalCredentials | String | Stored credentials for use in authenticating. The encrypted version of the user's password. This attribute is neither readable nor writable. | |
SystemFlags | String | An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | The primary telephone number. | |
TextEncodedORAddress | String | This attribute is used to support X.400 addresses in a text format. | |
UserCert | String | Nortel v1 or DMS certificates. | |
UserSMIMECertificate | String | Certificate distribution object or tagged certificates. | |
USNChanged | String | The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | References to objects in other ADSI namespaces. | |
WellKnownObjects | String | This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | A web page that is the primary landing page of a website. | |
Url | String | A list of alternate webpages. | |
UserCertificate | String | Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description | |
Filter | String | Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
This class is used to store information about an employee or contractor who works for an organization. It is also possible to apply this class to long term visitors. This view returns one row for each Group the User is a member of.
Name | Type | References | Description |
Id [KEY] | String | Combined index and DN. Multiple indices are only possible when a column is set to SplitDataByRow. | |
DN | String | The full distinguished name. | |
RDN | String | The relative distinguished name. | |
BaseDN | String | The base distinguished name. | |
InstanceType | String | A bitfield that dictates how the object is instantiated on a particular server. The value of this attribute can differ on different replicas even if the replicas are in sync. | |
NTSecurityDescriptor | String | The Windows NT security descriptor for the schema object. A security descriptor is a data structure that contains security information about an object, such as the ownership and permissions of the object. | |
ObjectCategory | String | An object class name used to group objects of this or derived classes. | |
ObjectClass | String | The list of classes from which this class is derived. | |
SAMAccountName | String | The logon name used to support clients and servers running earlier versions of the operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. | |
AccountExpires | String | The date when the account expires. This value represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of 0 or 0x7FFFFFFFFFFFFFFF (9223372036854775807) indicates that the account never expires. | |
AccountNameHistory | String | The length of time that the account has been active. | |
ACSPolicyName | String | String name of an ACS policy that applies to this user. | |
StreetAddress | String | The user's address. | |
HomePostalAddress | String | A user's home address. | |
AdminCount | String | Indicates that a given object has had its ACLs changed to a more secure value by the system because it was a member of one of the administrative groups (directly or transitively). | |
AdminDescription | String | The description displayed on admin screens. | |
AdminDisplayName | String | The name to be displayed on admin screens. | |
AllowedAttributes | String | Attributes that will be permitted to be assigned to a class. | |
AllowedAttributesEffective | String | A list of attributes that can be modified on the object. | |
AllowedChildClasses | String | Classes that can be contained by a class. | |
AllowedChildClassesEffective | String | A list of classes that can be modified. | |
AltSecurityIdentities | String | Contains mappings for X.509 certificates or external Kerberos user accounts to this user for the purpose of authentication. | |
Assistant | String | The distinguished name of a user's administrative assistant. | |
BadPasswordTime | String | The last time and date that an attempt to log on to this account was made with a password that is not valid. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last time a incorrect password was used is unknown. | |
BadPwdCount | String | The number of times the user tried to log on to the account using an incorrect password. A value of 0 indicates that the value is unknown. | |
BridgeheadServerListBL | String | The list of servers that are bridgeheads for replication. | |
CanonicalName | String | The name of the object in canonical format. myserver2.fabrikam.com/users/jeffsmith is an example of a distinguished name in canonical format. This is a constructed attribute. The results returned are identical to those returned by the following Active Directory function: DsCrackNames(NULL, DS_NAME_FLAG_SYNTACTICAL_ONLY, DS_FQDN_1779_NAME, DS_CANONICAL_NAME, ...). | |
CodePage | String | Specifies the code page for the user's language of choice. This value is not used by Windows 2000. | |
Info | String | The user's comments. This string can be a null string. | |
Cn | String | The name that represents an object. Used to perform searches. | |
Company | String | The user's company name. | |
ControlAccessRights | String | Used by DS Security to determine which users can perform specific operations on the host object. | |
CountryCode | String | Specifies the country/region code for the user's language of choice. This value is not used by Windows 2000. | |
C | String | The country/region in the address of the user. The country/region is represented as a 2-character code based on ISO-3166. | |
CreateTimeStamp | String | The date when this object was created. This value is replicated. | |
DBCSPwd | String | The account's LAN Manager password. | |
DefaultClassStore | String | The default Class Store for a given user. | |
Department | String | Contains the name for the department in which the user works. | |
Description | String | Contains the description to display for an object. This value is restricted as single-valued for backward compatibility in some cases but is allowed to be multi-valued in others. See Remarks. | |
DesktopProfile | String | The location of the desktop profile for a user or group of users. Not used. | |
DestinationIndicator | String | This is part of the X.500 specification and not used by NTDS. | |
DisplayName | String | The display name for an object. This is usually the combination of the users first name, middle initial, and last name. | |
DisplayNamePrintable | String | The printable display name for an object. The printable display name is usually the combination of the user's first name, middle initial, and last name. | |
Division | String | The user's division. | |
DSASignature | String | The DSA-Signature of an object is the Invocation-ID of the last directory to modify the object. | |
DSCorePropagationData | String | The DS-Core-Propagation-Data attribute is for internal use only. | |
DynamicLDAPServer | String | DNS name of server handing dynamic properties for this account. | |
String | The list of email addresses for a contact. | ||
EmployeeID | String | The ID of an employee. | |
EmployeeNumber | String | The number for an employee. | |
EmployeeType | String | The job category for an employee. | |
ExtensionName | String | The name of a property page used to extend the UI of a directory object. | |
FacsimileTelephoneNumber | String | Contains telephone number of the user's business fax machine. | |
Flags | String | To be used by the object to store bit information. | |
FromEntry | String | This is a constructed attribute that is TRUE if the object is writable and FALSE if it is read-only, for example, a GC replica instance. | |
FrsComputerReferenceBL | String | Reference to replica sets to which this computer belongs. | |
FRSMemberReferenceBL | String | Reference to subscriber objects for this member. | |
FSMORoleOwner | String | Flexible Single-Master Operation: The distinguished name of the DC where the schema can be modified. | |
GarbageCollPeriod | String | This attribute is located on the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,... object. It represents the time, in hours, between DS garbage collection runs. | |
GenerationQualifier | String | Indicates a person generation. For example, Jr. or II. | |
GivenName | String | Contains the given name (first name) of the user. | |
GroupMembershipSAM | String | Windows NT Security. Down level Windows NT support. | |
GroupPriority | String | The Group-Priority attribute is not currently used. | |
GroupsToIgnore | String | The Groups-to-Ignore attribute is not currently used. | |
HomeDirectory | String | The home directory for the account. If homeDrive is set and specifies a drive letter, homeDirectory must be a UNC path. Otherwise, homeDirectory is a fully qualified local path including the drive letter (for example, DriveLetter:\Directory\Folder). This value can be a null string. | |
HomeDrive | String | Specifies the drive letter to which to map the UNC path specified by homeDirectory. The drive letter must be specified in the form DriveLetter: where DriveLetter is the letter of the drive to map. The DriveLetter must be a single, uppercase letter and the colon (:) is required. | |
Initials | String | Contains the initials for parts of the user's full name. This may be used as the middle initial in the Windows Address Book. | |
InternationalISDNNumber | String | Specifies an International ISDN Number associated with an object. | |
IsCriticalSystemObject | String | If TRUE, the object hosting this attribute must be replicated during installation of a new replica. | |
IsDeleted | String | If TRUE, this object has been marked for deletion and cannot be instantiated. After the tombstone period has expired, it will be removed from the system. | |
MemberOf | String | The distinguished name of the groups to which this object belongs. | |
IsPrivilegeHolder | String | Backward link to privileges held by a given principal. | |
LastKnownParent | String | The Distinguished Name (DN) of the last known parent of an orphaned object. | |
LastLogoff | String | This attribute is not used. | |
LastLogon | String | The last time the user logged on. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the last logon time is unknown. | |
LegacyExchangeDN | String | The distinguished name previously used by Exchange. | |
LmPwdHistory | String | The password history of the user in LAN Manager (LM) one-way format (OWF). The LM OWF is used for compatibility with LAN Manager 2.x clients, Windows 95, and Windows 98. | |
LocaleID | String | This attribute contains a list of locale IDs supported by this application. A locale ID represents a geographic location, such as a country/region, city, county, and so on. | |
L | String | Represents the name of a locality, such as a town or city. | |
LockoutTime | String | The date and time (UTC) that this account was locked out. This value is stored as a large integer that represents the number of 100-nanosecond intervals since January 1, 1601 (UTC). A value of zero means that the account is not currently locked out. | |
ThumbnailLogo | String | BLOB that contains a logo for this object. | |
LogonCount | String | The number of times the account has successfully logged on. A value of 0 indicates that the value is unknown. | |
LogonHours | String | The hours that the user is allowed to logon to the domain. | |
LogonWorkstation | String | This attribute is not used. See the User-Workstations attribute. | |
ManagedObjects | String | Contains the list of objects that are managed by the user. The objects listed are those that have the property managedBy property set to this user. Each item in the list is a linked reference to the managed object. | |
Manager | String | Contains the distinguished name of the user who is the user's manager. The manager's user object contains a directReports property that contains references to all user objects that have their manager properties set to this distinguished name. | |
MasteredBy | String | Backward link for Has-Master-NCs attribute. The distinguished name for its NTDS Settings objects. | |
MaxStorage | String | The maximum amount of disk space the user can use. Use the value specified in USER_MAXSTORAGE_UNLIMITED to use all available disk space. | |
MhsORAddress | String | X.400 address. | |
ModifyTimeStamp | String | A computed attribute that represents the date when this object was last changed. This value is not replicated. | |
MS-DS-ConsistencyChildCount | String | This attribute is used to check consistency between the directory and another object, database, or application, by comparing a count of child objects. | |
MS-DS-ConsistencyGuid | String | This attribute is used to check consistency between the directory and another object, database, or application, by comparing GUIDs. | |
MS-DS-CreatorSID | String | The security ID of the creator of the object that contains this attribute. | |
MSMQDigests | String | An array of digests of the corresponding certificates in attribute mSMQ-Sign-Certificates. They are used for mapping a digest into a certificate. | |
MSMQDigestsMig | String | In MSMQ mixed-mode, contains the previous value of mSMQDigests. | |
MSMQSignCertificates | String | This attribute contains a number of certificates. A user can generate a certificate per computer. For each certificate we also keep a digest. | |
MSMQSignCertificatesMig | String | In MSMQ mixed-mode, the attribute contains the previous value of mSMQSignCertificates. MSMQ supports migration from the MSMQ 1.0 DS to the Windows 2000 DS, and mixed mode specifies a state in which some of the DS severs were not upgraded to Windows 2000. | |
MsNPAllowDialin | String | Indicates whether the account has permission to dial in to the RAS server. Do not modify this value directly. Use the appropriate RAS administration function to modify this value. | |
MsNPCallingStationID | String | The msNPCallingStationID attribute is used internally. Do not modify this value directly. | |
MsNPSavedCallingStationID | String | The msNPSavedCallingStationID attribute is used internally. Do not modify this value directly. | |
MsRADIUSCallbackNumber | String | The msRADIUSCallbackNumber attribute is used internally. Do not modify this value directly. | |
MsRADIUSFramedIPAddress | String | The msRADIUSFramedIPAddress attribute is used internally. Do not modify this value directly. | |
MsRADIUSFramedRoute | String | The msRADIUSFramedRoute attribute is used internally. Do not modify this value directly. | |
MsRADIUSServiceType | String | The msRADIUSServiceType attribute is used internally. Do not modify this value directly. | |
MsRASSavedCallbackNumber | String | The msRASSavedCallbackNumber attribute is used internally. Do not modify this value directly. | |
MsRASSavedFramedIPAddress | String | The msRASSavedFramedIPAddress attribute is used internally. Do not modify this value directly. | |
MsRASSavedFramedRoute | String | The msRASSavedFramedRoute attribute is used internally. Do not modify this value directly. | |
NetbootSCPBL | String | A list of service connection points that reference this NetBoot server. | |
NetworkAddress | String | The TCP/IP address for a network segment. Also called the subnet address. | |
NonSecurityMemberBL | String | List of nonsecurity-members for an Exchange distribution list. | |
NtPwdHistory | String | The password history of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. | |
DistinguishedName | String | Same as the Distinguished Name for an object. Used by Exchange. | |
ObjectGUID | String | The unique identifier for an object. | |
ObjectSid | String | A binary value that specifies the security identifier (SID) of the user. The SID is a unique value used to identify the user as a security principal. | |
ObjectVersion | String | This can be used to store a version number for the object. | |
OperatorCount | String | Operator count. | |
Ou | String | The name of the organizational unit. | |
O | String | The name of the company or organization. | |
OtherLoginWorkstations | String | Non-Windows NT or LAN Manager workstations from which a user can log on. | |
OtherMailbox | String | Contains other additional mail addresses in a form such as CCMAIL: BruceKeever. | |
MiddleName | String | Additional names for a user. For example, middle name, patronymic, matronymic, or others. | |
OtherWellKnownObjects | String | Contains a list of containers by GUID and Distinguished Name. This permits retrieving an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name. | |
PartialAttributeDeletionList | String | Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Used when the GC is in the process of removing attributes from the objects in its partial replica NCs. | |
PartialAttributeSet | String | Tracks the internal replication state of partial replicas (that is, on GCs). Attribute of the partial replica NC object. Defines the set of attributes present on a particular partial replica NC. | |
PersonalTitle | String | The user's title. | |
OtherFacsimileTelephoneNumber | String | A list of alternate facsimile numbers. | |
OtherHomePhone | String | A list of alternate home phone numbers. | |
HomePhone | String | The user's main home phone number. | |
OtherIpPhone | String | The list of alternate TCP/IP addresses for the phone. Used by Telephony. | |
IpPhone | String | The TCP/IP address for the phone. Used by Telephony. | |
PrimaryInternationalISDNNumber | String | The primary ISDN. | |
OtherMobile | String | A list of alternate mobile phone numbers. | |
Mobile | String | The primary mobile phone number. | |
OtherTelephone | String | A list of alternate office phone numbers. | |
OtherPager | String | A list of alternate pager numbers. | |
Pager | String | The primary pager number. | |
PhysicalDeliveryOfficeName | String | Contains the office location in the user's place of business. | |
ThumbnailPhoto | String | An image of the user. A space-efficient format like JPEG or GIF is recommended. | |
PossibleInferiors | String | The list of objects that this object can contain. | |
PostalAddress | String | The mailing address for the object. | |
PostalCode | String | The postal or zip code for mail delivery. | |
PostOfficeBox | String | The post office box number for this object. | |
PreferredDeliveryMethod | String | The X.500-preferred way to deliver to addressee. | |
PreferredOU | String | The Organizational Unit to show by default on user' s desktop. | |
PrimaryGroupID | String | Contains the relative identifier (RID) for the primary group of the user. By default, this is the RID for the Domain Users group. | |
ProfilePath | String | Specifies a path to the user's profile. This value can be a null string, a local absolute path, or a UNC path. | |
ProxiedObjectName | String | This attribute is used internally by Active Directory to help track interdomain moves. | |
ProxyAddresses | String | A proxy address is the address by which a Microsoft Exchange Server recipient object is recognized in a foreign mail system. Proxy addresses are required for all recipient objects, such as custom recipients and distribution lists. | |
PwdLastSet | String | The date and time that the password for this account was last changed. This value is stored as a large integer that represents the number of 100 nanosecond intervals since January 1, 1601 (UTC). If this value is set to 0 and the User-Account-Control attribute does not contain the UF_DONT_EXPIRE_PASSWD flag, then the user must set the password at the next logon. | |
QueryPolicyBL | String | List of all objects holding references to a given Query-Policy. | |
Name | String | The Relative Distinguished Name (RDN) of an object. An RDN is the relative portion of a distinguished name (DN), which uniquely identifies an LDAP object. | |
RegisteredAddress | String | Specifies a mnemonic for an address associated with an object at a particular city location. The mnemonic is registered in the country/region in which the city is located and is used in the provision of the Public Telegram Service. | |
ReplPropertyMetaData | String | Tracks internal replication state information for DS objects. Information here can be extracted in public form through the public API DsReplicaGetInfo(). Present on all DS objects. | |
ReplUpToDateVector | String | Tracks internal replication state information for an entire NC. Information here can be extracted in public form through the API DsReplicaGetInfo(). Present on all NC root objects. | |
DirectReports | String | Contains the list of users that directly report to the user. The users listed as reports are those that have the property manager property set to this user. Each item in the list is a linked reference to the object that represents the user. | |
RepsFrom | String | Lists the servers from which the directory will accept changes for the defined naming context. | |
RepsTo | String | Lists the servers that the directory will notify of changes and servers to which the directory will send changes on Request for the defined naming context. | |
Revision | String | The revision level for a security descriptor or other change. Only used in the sam-server and ds-ui-settings objects. | |
Rid | String | The relative Identifier of an object. | |
SAMAccountType | String | This attribute contains information about every account type object. You can enumerate a list of account types or you can use the Display Information API to create a list. Because computers, normal user accounts, and trust accounts can also be enumerated as user objects, the values for these accounts must be a contiguous range. | |
ScriptPath | String | This attribute specifies the path for the user's logon script. The string can be null. | |
SDRightsEffective | String | This constructed attribute returns a single DWORD value that can have up to three bits set: | |
SecurityIdentifier | String | A unique value of variable length used to identify a user account, group account, or logon session to which an ACE applies. | |
SeeAlso | String | List of distinguished names that are related to an object. | |
ServerReferenceBL | String | Found in the domain naming context. The distinguished name of a computer under the sites folder. | |
ServicePrincipalName | String | List of principal names used for mutual authentication with an instance of a service on this computer. | |
ShowInAddressBook | String | This attribute is used to indicate in which MAPI address books an object will appear. It is usually maintained by the Exchange Recipient Update Service. | |
ShowInAdvancedViewOnly | String | TRUE if this attribute is to be visible in the Advanced mode of the UI. | |
SIDHistory | String | Contains previous SIDs used for the object if the object was moved from another domain. Whenever an object is moved from one domain to another, a new SID is created and that new SID becomes the objectSID. The previous SID is added to the sIDHistory property. | |
SiteObjectBL | String | The list of distinguished names for subnets that belong to this site. | |
St | String | The name of a user's state or province. | |
Street | String | The street address. | |
SubRefs | String | List of subordinate references of a Naming Context. | |
SubSchemaSubEntry | String | The distinguished name for the location of the subschema object where a class or attribute is defined. | |
SupplementalCredentials | String | Stored credentials for use in authenticating. The encrypted version of the user's password. This attribute is neither readable nor writable. | |
Sn | String | This attribute contains the family or last name for a user. | |
SystemFlags | String | An integer value that contains flags that define additional properties of the class. See Remarks. | |
TelephoneNumber | String | The primary telephone number. | |
TeletexTerminalIdentifier | String | Specifies the Teletex terminal identifier and, optionally, parameters, for a teletex terminal associated with an object. | |
TelexNumber | String | A list of alternate telex numbers. | |
PrimaryTelexNumber | String | The primary telex number. | |
TerminalServer | String | Opaque data used by the Windows NT terminal server. | |
Co | String | The country/region in which the user is located. | |
TextEncodedORAddress | String | This attribute is used to support X.400 addresses in a text format. | |
Title | String | Contains the user's job title. This property is commonly used to indicate the formal job title, such as Senior Programmer, rather than occupational class, such as programmer. It is not typically used for suffix titles such as Esq. or DDS. | |
UnicodePwd | String | The password of the user in Windows NT one-way format (OWF). Windows 2000 uses the Windows NT OWF. This property is used only by the operating system. Note that you cannot derive the clear password back from the OWF form of the password. | |
UserAccountControl | String | Flags that control the behavior of the user account. | |
UserCert | String | Nortel v1 or DMS certificates. | |
Comment | String | The user's comments. | |
UserParameters | String | Parameters of the user. Points to a Unicode string that is set aside for use by applications. This string can be a null string, or it can have any number of characters before the terminating null character. Microsoft products use this member to store user data specific to the individual program. | |
UserPassword | String | The user's password in UTF-8 format. This is a write-only attribute. | |
UserPrincipalName | String | This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain name. For more information about this attribute, see User Naming Attributes. | |
UserSharedFolder | String | Specifies a UNC path to the user's shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. | |
UserSharedFolderOther | String | Specifies a UNC path to the user's additional shared documents folder. The path must be a network UNC path of the form \\Server\Share\Directory. This value can be a null string. | |
UserSMIMECertificate | String | Certificate distribution object or tagged certificates. | |
UserWorkstations | String | Contains the NetBIOS or DNS names of the computers running Windows NT Workstation or Windows 2000 Professional from which the user can log on. Each NetBIOS name is separated by a comma. Multiple names should be separated by commas. | |
USNChanged | String | The update sequence number (USN) assigned by the local directory for the latest change, including creation. See also , USN-Created. | |
USNCreated | String | The update sequence number (USN) assigned at object creation. See also, USN-Changed. | |
USNDSALastObjRemoved | String | Contains the update sequence number (USN) for the last system object that was removed from a server. | |
USNIntersite | String | The update sequence number (USN) for inter-site replication. | |
USNLastObjRem | String | Contains the update sequence number (USN) for the last non-system object that was removed from a server. | |
USNSource | String | Value of the USN-Changed attribute of the object from the remote directory that replicated the change to the local server. | |
WbemPath | String | References to objects in other ADSI namespaces. | |
WellKnownObjects | String | This attribute contains a list of well-known object containers by GUID and distinguished name. The well-known objects are system containers. This information is used to retrieve an object after it has been moved by using just the GUID and the domain name. Whenever the object is moved, the system automatically updates the Distinguished Name portion of the Well-Known-Objects values that referred to the object. The file Ntdsapi.h contains the following definitions, which can be used to retrieve an object (the GUIDs that are associated to these objects are contained in Ntdsapi.h): | |
WhenChanged | String | The date when this object was last changed. This value is not replicated and exists in the global catalog. | |
WhenCreated | String | The date when this object was created. This value is replicated and is in the global catalog. | |
WWWHomePage | String | A web page that is the primary landing page of a website. | |
Url | String | A list of alternate webpages. | |
X121Address | String | The X.121 address for an object. | |
UserCertificate | String | Contains the DER-encoded X.509v3 certificates issued to the user. Note that this property contains the public key certificates issued to this user by Microsoft Certificate Service. |
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
Name | Type | Description | |
Filter | String | Defines the LDAP filter explicitly, overriding any other values set in the WHERE clause. |
プロパティ | 説明 |
Server | Active Directory サーバーのドメイン名、もしくはIP。 |
Port | Active Directory サーバーが起動しているポート。 |
User | ユーザーの識別名。 |
Password | 指定されたユーザーの識別名のパスワード。 |
UseSSL | Whether or not to use SSL to connect to the server. |
BaseDN | 結果を指定されたサブツリーに限定する、識別名のベース部分。 |
AuthMechanism | Active Directory サーバーに接続する際の認証メカニズム。 |
Scope | 検索の範囲を、サブツリー全体(BaseDN およびすべての下の階層)、単一のレベル(BaseDN および、直接の子階層)、もしくはベースオブジェクト(BaseDN のみ)、制限します。 |
IntegratedSecurity | Whether or not to use the user's current context when logging in. |
LDAPVersion | サーバーに接続し、交信する際に使われるLDAP バージョン。 |
プロパティ | 説明 |
SSLServerCert | TLS/SSL を使用して接続するときに、サーバーが受け入れ可能な証明書。 |
プロパティ | 説明 |
FirewallType | プロキシベースのファイアウォールで使われるプロトコル。 |
FirewallServer | プロキシベースのファイアウォールの名前もしくはIP アドレス。 |
FirewallPort | プロキシベースのファイアウォールのTCP ポート。 |
FirewallUser | プロキシベースのファイアウォールに認証するために使うユーザー名。 |
FirewallPassword | プロキシベースのファイアウォールへの認証に使われるパスワード。 |
プロパティ | 説明 |
LogModules | ログファイルに含めるコアモジュール。 |
プロパティ | 説明 |
Location | テーブル、ビュー、およびストアドプロシージャを定義するスキーマファイルを格納するディレクトリへのパス。 |
BrowsableSchemas | このプロパティは、使用可能なスキーマのサブセットにレポートされるスキーマを制限します。例えば、BrowsableSchemas=SchemaA,SchemaB,SchemaC です。 |
Tables | このプロパティは、使用可能なテーブルのサブセットにレポートされるテーブルを制限します。例えば、Tables=TableA,TableB,TableC です。 |
Views | 使用可能なテーブルのサブセットにレポートされるビューを制限します。例えば、Views=ViewA,ViewB,ViewC です。 |
プロパティ | 説明 |
FollowReferrals | Active Directory サーバーにより返されるリファーラルに従うかどうか。 |
FriendlyGUID | Whether to return GUID attribute values in a human readable format. |
FriendlySID | Whether to return SID attribute values in a human readable format. |
MaxRows | クエリで集計またはグループ化を使用しない場合に返される行数を制限します。これにより、設計時にパフォーマンスの問題を回避できます。 |
Other | これらの隠しプロパティは特定のユースケースでのみ使用されます。 |
PseudoColumns | このプロパティは、テーブルのカラムとして疑似カラムが含まれているかどうかを示します。 |
Timeout | タイムアウトエラーがスローされ、処理をキャンセルするまでの秒数。 |
UserDefinedViews | カスタムビューを含むJSON コンフィギュレーションファイルを指すファイルパス。 |
このセクションでは、本プロバイダーの接続文字列で設定可能なAuthentication プロパティの全リストを提供します。
プロパティ | 説明 |
Server | Active Directory サーバーのドメイン名、もしくはIP。 |
Port | Active Directory サーバーが起動しているポート。 |
User | ユーザーの識別名。 |
Password | 指定されたユーザーの識別名のパスワード。 |
UseSSL | Whether or not to use SSL to connect to the server. |
BaseDN | 結果を指定されたサブツリーに限定する、識別名のベース部分。 |
AuthMechanism | Active Directory サーバーに接続する際の認証メカニズム。 |
Scope | 検索の範囲を、サブツリー全体(BaseDN およびすべての下の階層)、単一のレベル(BaseDN および、直接の子階層)、もしくはベースオブジェクト(BaseDN のみ)、制限します。 |
IntegratedSecurity | Whether or not to use the user's current context when logging in. |
LDAPVersion | サーバーに接続し、交信する際に使われるLDAP バージョン。 |
Active Directory サーバーのドメイン名、もしくはIP。
Note:これは、LDAP:\\ portion を含む必要がありません。サーバーのドメイン名、およびIP だけで十分です。
Active Directory サーバーが起動しているポート。
Active Directory サーバーが起動しているポート。このプロパティは、Server とともに、Active Directory サーバーを指定するために使われます。
Whether or not to use SSL to connect to the server.
Whether or not to use SSL to connect to the server. Note that a port of 636 will always use SSL.
結果を指定されたサブツリーに限定する、識別名のベース部分。
ベースDN の指定は、調べられるエントリー数を限定することにより、大きなサーバーのエントリーの結果を返す際にパフォーマンスを大きく向上させます。
Active Directory サーバーに接続する際の認証メカニズム。
デフォルトで、AuthMechanism はSIMPLE に設定されていて、サーバーへのログインには、デフォルトのプレーンテキストでの認証が使われます。 AuthMechanism がDIGESTMD5 に設定されている場合、よりセキュアなDIGEEST-MD5 認証が使われます。AuthMechanism がNEGOTIATE に設定されている場合、NTLM/Negotiate 認証が使われます。
検索の範囲を、サブツリー全体(BaseDN およびすべての下の階層)、単一のレベル(BaseDN および、直接の子階層)、もしくはベースオブジェクト(BaseDN のみ)、制限します。
検索の範囲を、サブツリー全体(BaseDN およびすべての下の階層)、単一のレベル(BaseDN および、直接の子階層)、もしくはベースオブジェクト(BaseDN のみ)、制限します。 範囲を限定することで、検索パフォーマンスを大幅に向上させられます。
Whether or not to use the user's current context when logging in.
By default, the Sync App will use the provided User and Password when authenticating. If this option is enabled, then the Sync App will ignore the current User and Password values and login using the current user's context instead. (Only available when running on Windows)
サーバーに接続し、交信する際に使われるLDAP バージョン。
有効な次のオプションは、LDAP バージョンの2 と3 を表す、2 と3 です。
このセクションでは、本プロバイダーの接続文字列で設定可能なSSL プロパティの全リストを提供します。
プロパティ | 説明 |
SSLServerCert | TLS/SSL を使用して接続するときに、サーバーが受け入れ可能な証明書。 |
TLS/SSL を使用して接続するときに、サーバーが受け入れ可能な証明書。
TLS/SSL 接続を使用する場合は、このプロパティを使用して、サーバーが受け入れるTLS/SSL 証明書を指定できます。コンピュータによって信頼されていない他の証明書はすべて拒否されます。
このプロパティは、次のフォームを取ります:
説明 | 例 |
フルPEM 証明書(例では省略されています) | -----BEGIN CERTIFICATE----- MIIChTCCAe4CAQAwDQYJKoZIhv......Qw== -----END CERTIFICATE----- |
証明書を保有するローカルファイルへのパス。 | C:\cert.cer |
公開鍵(例では省略されています) | -----BEGIN RSA PUBLIC KEY----- MIGfMA0GCSq......AQAB -----END RSA PUBLIC KEY----- |
MD5 Thumbprint (hex 値はスペースおよびコロン区切り) | ecadbdda5a1529c58a1e9e09828d70e4 |
SHA1 Thumbprint (hex 値はスペースおよびコロン区切り) | 34a929226ae0819f2ec14b4a3d904f801cbb150d |
これを指定しない場合は、マシンが信用するすべての証明書が受け入れられます。
すべての証明書の受け入れを示すには、'*'を使用します。セキュリティ上の理由から、これはお勧めできません。
このセクションでは、本プロバイダーの接続文字列で設定可能なFirewall プロパティの全リストを提供します。
プロパティ | 説明 |
FirewallType | プロキシベースのファイアウォールで使われるプロトコル。 |
FirewallServer | プロキシベースのファイアウォールの名前もしくはIP アドレス。 |
FirewallPort | プロキシベースのファイアウォールのTCP ポート。 |
FirewallUser | プロキシベースのファイアウォールに認証するために使うユーザー名。 |
FirewallPassword | プロキシベースのファイアウォールへの認証に使われるパスワード。 |
プロキシベースのファイアウォールで使われるプロトコル。
このプロパティは、Sync App がFirewallServer プロキシ経由でトンネルトラフィックを使うためのプロトコルを指定します。
タイプ | デフォルトポート | 説明 |
TUNNEL | 80 | これが設定されている場合、Sync App はMicrosoft Active Directory への接続を開き、プロキシを経由して通信が行われます。 |
SOCKS4 | 1080 | これが設定されている場合、Sync App はデータをFirewallServer およびFirewallPort で指定されたSOCS 4 プロキシ経由で送信し、接続リクエストが許容されるかどうかを決定します。 |
SOCKS5 | 1080 | これが設定されている場合、Sync App はデータをFirewallServer およびFirewallPort で指定されたSOCS 5 プロキシ経由で送信します。プロキシに認証が必要な場合には、FirewallUser およびFirewallPassword をプロキシが認識する認証情報に設定します。 |
プロキシベースのファイアウォールの名前もしくはIP アドレス。
ファイアウォールトラバーサルを許容するために設定するIP アドレス、DNS 名、もしくはプロキシホスト名を指定するプロパティです。プロトコルはFirewallType で指定されます。このプロパティとFirewallServer を使って、SOCKS 経由での接続、もしくはトンネリングが可能です。
プロキシベースのファイアウォールのTCP ポート。
ファイアウォールトラバーサルを許容するために設定するプロキシベースのファイアウォールのTCP ポート。名前もしくはIP アドレスを指定するには、FirewallServer を使います。FirewallType でプロトコルを指定します。
プロキシベースのファイアウォールに認証するために使うユーザー名。
FirewallUser およびFirewallPassword プロパティは、FirewallType により指定された認証方式に則り、FirewallServer、およびFirewallPort で指定されたプロキシに対しての認証に使われます。
プロキシベースのファイアウォールへの認証に使われるパスワード。
このプロパティは、FirewallType により指定された認証メソッドに則り、FirewallServer およびFirewallPort で指定されたプロキシに渡されます。
ログファイルに含めるコアモジュール。
指定された(';' で区切られた)モジュールのみがログファイルに含まれます。デフォルトではすべてのモジュールが含まれます。
概要はログ ページを参照してください。
このセクションでは、本プロバイダーの接続文字列で設定可能なSchema プロパティの全リストを提供します。
プロパティ | 説明 |
Location | テーブル、ビュー、およびストアドプロシージャを定義するスキーマファイルを格納するディレクトリへのパス。 |
BrowsableSchemas | このプロパティは、使用可能なスキーマのサブセットにレポートされるスキーマを制限します。例えば、BrowsableSchemas=SchemaA,SchemaB,SchemaC です。 |
Tables | このプロパティは、使用可能なテーブルのサブセットにレポートされるテーブルを制限します。例えば、Tables=TableA,TableB,TableC です。 |
Views | 使用可能なテーブルのサブセットにレポートされるビューを制限します。例えば、Views=ViewA,ViewB,ViewC です。 |
テーブル、ビュー、およびストアドプロシージャを定義するスキーマファイルを格納するディレクトリへのパス。
Sync App のスキーマファイル(テーブルとビューの場合は.rsd ファイル、ストアドプロシージャの場合は.rsb ファイル)を含むディレクトリへのパス。このフォルダの場所は、実行ファイルの場所からの相対パスにすることができます。Location プロパティは、定義をカスタマイズしたり(例えば、カラム名を変更する、カラムを無視するなど)、新しいテーブル、ビュー、またはストアドプロシージャでデータモデルを拡張する場合にのみ必要です。
指定しない場合、デフォルトの場所は"%APPDATA%\\CData\\ActiveDirectory Data Provider\\Schema" となり、%APPDATA% はユーザーのコンフィギュレーションディレクトリに設定されます:
このプロパティは、使用可能なスキーマのサブセットにレポートされるスキーマを制限します。例えば、BrowsableSchemas=SchemaA,SchemaB,SchemaC です。
スキーマをデータベースからリストすると、負荷がかかる可能性があります。接続文字列でスキーマのリストを提供すると、 パフォーマンスが向上します。
このプロパティは、使用可能なテーブルのサブセットにレポートされるテーブルを制限します。例えば、Tables=TableA,TableB,TableC です。
テーブルを複数のデータベースからリストすると、負荷がかかる可能性があります。接続文字列でテーブルのリストを提供すると、Sync App のパフォーマンスが向上します。
このプロパティは、作業したいビューがすでにわかっていて、ビューが多すぎる場合に、ビューを自動的にリストする代わりに使用することもできます。
カンマ区切りのリストで使用したいテーブルを指定します。各テーブルは、角かっこ、二重引用符、またはバッククオートを使用してエスケープされた特殊文字列を含む有効なSQL 識別子である必要があります。 例えば、Tables=TableA,[TableB/WithSlash],WithCatalog.WithSchema.`TableC With Space` です。
複数のスキーマまたはカタログを持つデータソースに接続する場合は、複数のカタログやスキーマに存在するテーブル間の曖昧さを避けるため、最後の例のように、このプロパティにテーブルの完全修飾名を指定する必要があることに注意してください。
使用可能なテーブルのサブセットにレポートされるビューを制限します。例えば、Views=ViewA,ViewB,ViewC です。
ビューを複数のデータベースからリストすると、負荷がかかる可能性があります。接続文字列でビューのリストを提供すると、Sync App のパフォーマンスが向上します。
このプロパティは、作業したいビューがすでにわかっていて、ビューが多すぎる場合に、ビューを自動的にリストする代わりに使用することもできます。
カンマ区切りのリストで使用したいビューを指定します。各ビューは、角かっこ、二重引用符、またはバッククオートを使用してエスケープされた特殊文字列を含む有効なSQL 識別子である必要があります。 例えば、Views=ViewA,[ViewB/WithSlash],WithCatalog.WithSchema.`ViewC With Space` です。
複数のスキーマまたはカタログを持つデータソースに接続する場合は、複数のカタログやスキーマに存在するテーブル間の曖昧さを避けるため、最後の例のように、このプロパティにテーブルの完全修飾名を指定する必要があることに注意してください。
このセクションでは、本プロバイダーの接続文字列で設定可能なMiscellaneous プロパティの全リストを提供します。
プロパティ | 説明 |
FollowReferrals | Active Directory サーバーにより返されるリファーラルに従うかどうか。 |
FriendlyGUID | Whether to return GUID attribute values in a human readable format. |
FriendlySID | Whether to return SID attribute values in a human readable format. |
MaxRows | クエリで集計またはグループ化を使用しない場合に返される行数を制限します。これにより、設計時にパフォーマンスの問題を回避できます。 |
Other | これらの隠しプロパティは特定のユースケースでのみ使用されます。 |
PseudoColumns | このプロパティは、テーブルのカラムとして疑似カラムが含まれているかどうかを示します。 |
Timeout | タイムアウトエラーがスローされ、処理をキャンセルするまでの秒数。 |
UserDefinedViews | カスタムビューを含むJSON コンフィギュレーションファイルを指すファイルパス。 |
Active Directory サーバーにより返されるリファーラルに従うかどうか。
リファーラルに従う場合、リファーラルサーバーからのデータのみが返されます。サーバーに直接接続するように接続文字列を変更しない限り、追加、更新、削除はできません。
Whether to return GUID attribute values in a human readable format.
When inspecting object attributes this setting determines whether GUID attributes such as "objectGUID" are returned as binary objects or converted into a human readable string such as "708d9374-d64a-49b2-97ea-489ddc717703". When set to True a friendly string value is returned. When set to False (default) a base 64 encoded string of the binary object is returned.
Whether to return SID attribute values in a human readable format.
When inspecting object attributes this setting determines whether SID attributes such as "objectSid" are returned as binary objects or converted into a human readable string such as "S-1-5-21-4272240814-246508344-1325542772-12464". When set to True a friendly string value is returned. When set to False (default) a base 64 encoded string of the binary object is returned.
クエリで集計またはグループ化を使用しない場合に返される行数を制限します。これにより、設計時にパフォーマンスの問題を回避できます。
クエリで集計またはグループ化を使用しない場合に返される行数を制限します。これにより、設計時にパフォーマンスの問題を回避できます。
これらの隠しプロパティは特定のユースケースでのみ使用されます。
以下にリストされているプロパティは、特定のユースケースで使用可能です。通常のドライバーのユースケースおよび機能では、これらのプロパティは必要ありません。
複数のプロパティをセミコロン区切りリストで指定します。
DefaultColumnSize | データソースがメタデータにカラムの長さを提供しない場合に、文字列フィールドのデフォルトの長さを設定します。デフォルト値は2000です。 |
ConvertDateTimeToGMT | 日時の値を、マシンのローカルタイムではなくGMT グリニッジ標準時に変換するかどうかを決定します。 |
RecordToFile=filename | 基底のソケットデータ転送を指定のファイルに記録します。 |
このプロパティは、テーブルのカラムとして疑似カラムが含まれているかどうかを示します。
Entity Framework ではテーブルカラムでない疑似カラムに値を設定できないため、この設定はEntity Framework で特に便利です。この接続設定の値は、"Table1=Column1, Table1=Column2, Table2=Column3" の形式です。"*=*" のように"*" 文字を使用して、すべてのテーブルとすべてのカラムを含めることができます。
タイムアウトエラーがスローされ、処理をキャンセルするまでの秒数。
Timeout が0に設定されている場合は、操作がタイムアウトしません。処理が正常に完了するか、エラー状態になるまで実行されます。
Timeout の有効期限が切れても処理が完了していない場合は、Sync App は例外をスローします。
カスタムビューを含むJSON コンフィギュレーションファイルを指すファイルパス。
ユーザー定義ビューは、UserDefinedViews.json というJSON 形式のコンフィギュレーションファイルで定義されています。Sync App は、このファイルで指定されたビューを自動的に検出します。
また、複数のビュー定義を持ち、UserDefinedViews 接続プロパティを使用して制御することも可能です。このプロパティを使用すると、指定されたビューのみがSync App によって検知されます。
このユーザー定義ビューのコンフィギュレーションファイルは、次のようにフォーマットされています。
次に例を示します。
{ "MyView": { "query": "SELECT * FROM User WHERE MyColumn = 'value'" }, "MyView2": { "query": "SELECT * FROM MyTable WHERE Id IN (1,2,3)" } }UserDefinedViews 接続プロパティを使用して、JSON コンフィギュレーションファイルの場所を指定します。次に例を示します。
"UserDefinedViews", "C:\\Users\\yourusername\\Desktop\\tmp\\UserDefinedViews.json"