DSCResources/MSFT_xADUser/MSFT_xADUser.schema.mof
[ClassVersion("1.0.0.0"), FriendlyName("xADUser")]
class MSFT_xADUser : OMI_BaseResource { [Key, Description("Name of the domain where the user account is located (only used if password is managed)")] String DomainName; [Key, Description("Specifies the Security Account Manager (SAM) account name of the user (ldapDisplayName 'sAMAccountName')")] String UserName; [Write, Description("Specifies a new password value for the account"), EmbeddedInstance("MSFT_Credential")] String Password; [Write, Description("Specifies whether the user account is created or deleted"), ValueMap{"Present", "Absent"},Values{"Present", "Absent"}] String Ensure; [Write, Description("Specifies the common nane assigned to the user account (ldapDisplayName 'cn')")] String CommonName; [Write, Description("Specifies the UPN assigned to the user account (ldapDisplayName 'userPrincipalName')")] String UserPrincipalName; [Write, Description("Specifies the display name of the object (ldapDisplayName 'displayName')")] String DisplayName; [Write, Description("Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created")] String Path; [Write, Description("Specifies the user's given name (ldapDisplayName 'givenName')")] String GivenName; [Write, Description("Specifies the initials that represent part of a user's name (ldapDisplayName 'initials')")] String Initials; [Write, Description("Specifies the user's last name or surname (ldapDisplayName 'sn')")] String Surname; [Write, Description("Specifies a description of the object (ldapDisplayName 'description')")] String Description; [Write, Description("Specifies the user's street address (ldapDisplayName 'streetAddress')")] String StreetAddress; [Write, Description("Specifies the user's post office box number (ldapDisplayName 'postOfficeBox')")] String POBox; [Write, Description("Specifies the user's town or city (ldapDisplayName 'l')")] String City; [Write, Description("Specifies the user's or Organizational Unit's state or province (ldapDisplayName 'st')")] String State; [Write, Description("Specifies the user's postal code or zip code (ldapDisplayName 'postalCode')")] String PostalCode; [Write, Description("Specifies the country or region code for the user's language of choice (ldapDisplayName 'c')")] String Country; [Write, Description("Specifies the user's department (ldapDisplayName 'department')")] String Department; [Write, Description("Specifies the user's division (ldapDisplayName 'division')")] String Division; [Write, Description("Specifies the user's company (ldapDisplayName 'company')")] String Company; [Write, Description("Specifies the location of the user's office or place of business (ldapDisplayName 'physicalDeliveryOfficeName')")] String Office; [Write, Description("Specifies the user's title (ldapDisplayName 'title')")] String JobTitle; [Write, Description("Specifies the user's e-mail address (ldapDisplayName 'mail')")] String EmailAddress; [Write, Description("Specifies the user's employee ID (ldapDisplayName 'employeeID')")] String EmployeeID; [Write, Description("Specifies the user's employee number (ldapDisplayName 'employeeNumber')")] String EmployeeNumber; [Write, Description("Specifies a user's home directory path (ldapDisplayName 'homeDirectory')")] String HomeDirectory; [Write, Description("Specifies a drive that is associated with the UNC path defined by the HomeDirectory property (ldapDisplayName 'homeDrive')")] String HomeDrive; [Write, Description("Specifies the URL of the home page of the object (ldapDisplayName 'wWWHomePage')")] String HomePage; [Write, Description("Specifies a path to the user's profile (ldapDisplayName 'profilePath')")] String ProfilePath; [Write, Description("Specifies a path to the user's log on script (ldapDisplayName 'scriptPath')")] String LogonScript; [Write, Description("Specifies the notes attached to the user's accoutn (ldapDisplayName 'info')")] String Notes; [Write, Description("Specifies the user's office telephone number (ldapDisplayName 'telephoneNumber')")] String OfficePhone; [Write, Description("Specifies the user's mobile phone number (ldapDisplayName 'mobile')")] String MobilePhone; [Write, Description("Specifies the user's fax phone number (ldapDisplayName 'facsimileTelephoneNumber')")] String Fax; [Write, Description("Specifies the user's home telephone number (ldapDisplayName 'homePhone')")] String HomePhone; [Write, Description("Specifies the user's pager number (ldapDisplayName 'pager')")] String Pager; [Write, Description("Specifies the user's IP telephony phone number (ldapDisplayName 'ipPhone')")] String IPPhone; [Write, Description("Specifies the user's manager specified as a Distinguished Name (ldapDisplayName 'manager')")] String Manager; [Write, Description("Specifies the computers that the user can access. To specify more than one computer, create a single comma-separated list. You can identify a computer by using the Security Account Manager (SAM) account name (sAMAccountName) or the DNS host name of the computer. The SAM account name is the same as the NetBIOS name of the computer. The LDAP display name (ldapDisplayName) for this property is userWorkStations.")] String LogonWorkstations; [Write, Description("Specifies the user's organization. This parameter sets the Organization property of a user object. The LDAP display name (ldapDisplayName) of this property is o.")] String Organization; [Write, Description("Specifies a name in addition to a user's given name and surname, such as the user's middle name. This parameter sets the OtherName property of a user object. The LDAP display name (ldapDisplayName) of this property is middleName.")] String OtherName; [Write, Description("Specifies if the account is enabled (default True)")] Boolean Enabled; [Write, Description("Specifies whether the account password can be changed")] Boolean CannotChangePassword; [Write, Description("Specifies whether the account password must be changed during the next logon attempt. This cannot be set to true if the PasswordNeverExpires property is also set to true")] Boolean ChangePasswordAtLogon; [Write, Description("Specifies whether the password of an account can expire")] Boolean PasswordNeverExpires; [Write, Description("Specifies the Active Directory Domain Services instance to use to perform the task.")] String DomainController; [Write, Description("Specifies the user account credentials to use to perform this task"), EmbeddedInstance("MSFT_Credential")] String DomainAdministratorCredential; [Write, Description("Specifies the authentication context type used when testing passwords"), ValueMap{"Default","Negotiate"},Values{"Default","Negotiate"}] String PasswordAuthentication; [Write, Description("Specifies whether existing user's password should be reset (default $false)")] Boolean PasswordNeverResets; [Write, Description("Specifies whether an account is trusted for Kerberos delegation (default $false)")] Boolean TrustedForDelegation; [Write, Description("Try to restore the user object from the recycle bin before creating a new one.")] Boolean RestoreFromRecycleBin; [Write, Description("Specifies the service principal names for the user account.")] String ServicePrincipalNames[]; [Write, Description("Specifies the proxy addresses for the user account.")] String ProxyAddresses[]; [Write, Description("Indicates whether the security context of the user is delegated to a service. When this parameter is set to true, the security context of the account is not delegated to a service even when the service account is set as trusted for Kerberos delegation. This parameter sets the AccountNotDelegated property for an Active Directory account. This parameter also sets the ADS_UF_NOT_DELEGATED flag of the Active Directory User Account Control (UAC) attribute.")] Boolean AccountNotDelegated; [Write, Description("Indicates whether reversible password encryption is allowed for the account. This parameter sets the AllowReversiblePasswordEncryption property of the account. This parameter also sets the ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED flag of the Active Directory User Account Control (UAC) attribute.")] Boolean AllowReversiblePasswordEncryption; [Write, Description("Specifies whether an account supports Kerberos service tickets which includes the authorization data for the user's device. This value sets the compound identity supported flag of the Active Directory msDS-SupportedEncryptionTypes attribute.")] Boolean CompoundIdentitySupported; [Write, Description("Specifies whether the account requires a password. A password is not required for a new account. This parameter sets the PasswordNotRequired property of an account object.")] Boolean PasswordNotRequired; [Write, Description("Specifies whether a smart card is required to logon. This parameter sets the SmartCardLoginRequired property for a user object. This parameter also sets the ADS_UF_SMARTCARD_REQUIRED flag of the Active Directory User Account Control attribute.")] Boolean SmartcardLogonRequired; [Read, Description("Returns the X.500 path of the object")] String DistinguishedName; }; |