Windows NT/2000 ADSI Scripting for System Administration
Custom WinNT Properties
The following WinNT custom properties are available using the Get and Put methods of the IADs interface.
IADsUser::HomeDirDrive
| Description | Establishes the drive letter used to map the user 's home directory |
| Provider Support | WinNT |
| Data Type | String |
| Read-Only? | No |
IADsUser::ObjectSID
| Description | Establishes the security identifier associated with the user object |
| Provider Support | WinNT |
| Data Type | Octet String |
| Read-Only? | No |
IADsUser::Parameters
| Description | Allows access to custom fields in the parameters field in the SAM. Terminal Server/Citrix profile path and RAS settings are usually stored in this field, along with any other OEM modifications to a user's SAM record. |
| Provider Support | WinNT |
| Data Type | String |
| Read-Only? | No |
IADsUser::PasswordAge
| Description | Returns the password age for the currently bound user object |
| Provider Support | WinNT |
| Data Type | Time |
| Read-Only? | No |
IADsUser::PasswordExpired
| Description | Returns an integer representing whether the account password has expired |
| Provider Support | WinNT |
| Data Type | Long |
| Read-Only? | No |
IADsUser::PrimaryGroupID
| Description | Establishes the primary group identification number for the user object |
| Provider Support | WinNT |
| Data Type | Long |
| Read-Only? | No |
IADsUser::UserFlags
| Description | Establishes various custom configurations for the user account as defined in ADS_USER_FLAG |
| Provider Support | WinNT |
| Data Type | Long |
| Read-Only? | No |
IADsUser::UserFlags Flag Values
| Flag | Value | Description |
|---|---|---|
| ADS_UF_SCRIPT | 0x0001 | Executes logon script |
| ADS_UF_ACCOUNTDISABLE | 0x0002 | Disables account |
| ADS_UF_HOMEDIR_REQUIRED | 0x0003 | Requires home directory |
| ADS_UF_LOCKOUT | 0x0010 | Account locked out |
| ADS_UF_PASSWD_NOTREQD | 0x0020 | Does not require password |
| ADS_UF_PASSWD_CANT_CHANGE | 0x0040 | Disallows user's ability to change password |
| ADS_UF_ENCRYPTED_TEXT_ PASSWORD_ALLOWED | 0x0080 | Allows user to send encrypted password |
| ADS_UF_TEMP_DUPLICATE_ ACCOUNT | 0x0100 | Local user account |
| ADS_UF_NORMAL_ACCOUNT | 0x0200 | Typical user account |
| ADS_UF_INTERDOMAIN_TRUST_ ACCOUNT | 0x0800 | Establishes permit to trust account |
| ADS_UF_WORKSTATION_ TRUST_ACCOUNT | 0x1000 | Computer account |
| ADS_UF_SERVER_TRUST_ACCOUNT | 0x2000 | BDC computer account |
| ADS_UF_DONTEXPIREPASSWORD | 0x10000 | Does not force password to expire |
| ADS_UF_MNS_LOGON_ACCOUNT | 0x20000 | MNS Logon account |
| ADS_UF_SMARTCARD_REQUIRED | 0x40000 | Requires use of a smart card for logon |
| ADS_UF_TRUSTED_FOR_DELEGATION | 0x80000 | Trusts account for Kerberos delegation |
| ADS_UF_NOT_DELEGATED | 0x100000 | Does not allow user security context to be delegated to a service |
| Top |