Compartir a través de


3.1.5.14.11 User Field to Attribute Name Mapping

This table specifies the field-to-database-attribute mapping, where the field is a field in a user-related structure such as SAMPR_USER_ALL_INFORMATION (section 2.2.6.6) and the database attribute is an attribute defined on a user object. These attributes are from the data model specified in section 3.1.1.

Field name

Database attribute

LastLogon

lastLogon

LastLogoff

lastLogoff

PasswordLastSet

pwdLastSet

AccountExpires

accountExpires

PasswordCanChange

See section 3.1.5.14.3 for message processing.

PasswordMustChange

See section 3.1.5.14.4 for message processing.

UserName

sAMAccountName

FullName

displayName

HomeDirectory

homeDirectory

HomeDirectoryDrive

homeDrive

ScriptPath

scriptPath

ProfilePath

profilePath

AdminComment

description

WorkStations

userWorkstations

UserComment

comment

Parameters

userParameters

UserId

RID of objectSid

PrimaryGroupId

primaryGroupId

UserAccountControl*

userAccountControl

LogonHours

logonHours

BadPasswordCount

badPwdCount

LogonCount

logonCount

CountryCode

countryCode

CodePage

codePage

NtOwfPassword**

unicodePwd

LmOwfPassword**

dBCSPwd

NtPasswordPresent**

Not persisted as a database attribute

LmPasswordPresent**

Not persisted as a database attribute

PrivateData**

Not persisted as a database attribute

PasswordExpired**

Not persisted as a database attribute

SecurityDescriptor**

ntSecurityDescriptor

*On read of UserAccountControl, the database attribute value MUST be:

  1. Augmented with the UF_LOCKOUT bit if the lockoutTime attribute value on the target object is nonzero and if its value plus the Effective-LockoutDuration attribute value (section 3.1.1.5) is less than the current time.

  2. Augmented with UF_PASSWORD_EXPIRED if PasswordMustChange is less than the current time.

  3. Translated according to the table in section 3.1.5.14.2.

**NtOwfPassword, NtPasswordPresent, LmOwfPassword, LmPasswordPresent, PrivateData, PasswordExpired, and SecurityDescriptor cannot be returned by the SAM Remote Protocol, as indicated by the processing instructions specified in sections 3.1.5.5.6 and 3.1.5.5.5