Hi everyone, I want to share with you guys, the codes that userAccountControl returns.
The LDAp attribute (useraccountControl) returns different values depending on the configuration of the user account.
The following table will show the bunch of code the could be returned by the active directory
The following table will show the bunch of code the could be returned by the active directory
userAccountControl Code
|
Meaning
|
512
|
Enabled
|
514
|
ACCOUNTDISABLE
|
528
|
Enabled - LOCKOUT
|
530
|
ACCOUNTDISABLE - LOCKOUT
|
544
|
Enabled - PASSWD_NOTREQD
|
546
|
ACCOUNTDISABLE - PASSWD_NOTREQD
|
560
|
Enabled - PASSWD_NOTREQD - LOCKOUT
|
640
|
Enabled - ENCRYPTED_TEXT_PWD_ALLOWED
|
2048
|
INTERDOMAIN_TRUST_ACCOUNT
|
2080
|
INTERDOMAIN_TRUST_ACCOUNT - PASSWD_NOTREQD
|
4096
|
WORKSTATION_TRUST_ACCOUNT
|
8192
|
SERVER_TRUST_ACCOUNT
|
66048
|
Enabled - DONT_EXPIRE_PASSWORD
|
66050
|
ACCOUNTDISABLE - DONT_EXPIRE_PASSWORD
|
66064
|
Enabled - DONT_EXPIRE_PASSWORD - LOCKOUT
|
66066
|
ACCOUNTDISABLE - DONT_EXPIRE_PASSWORD - LOCKOUT
|
66080
|
Enabled - DONT_EXPIRE_PASSWORD - PASSWD_NOTREQD
|
66082
|
ACCOUNTDISABLE - DONT_EXPIRE_PASSWORD - PASSWD_NOTREQD
|
66176
|
Enabled - DONT_EXPIRE_PASSWORD - ENCRYPTED_TEXT_PWD_ALLOWED
|
131584
|
Enabled - MNS_LOGON_ACCOUNT
|
131586
|
ACCOUNTDISABLE - MNS_LOGON_ACCOUNT
|
131600
|
Enabled - MNS_LOGON_ACCOUNT - LOCKOUT
|
197120
|
Enabled - MNS_LOGON_ACCOUNT - DONT_EXPIRE_PASSWORD
|
532480
|
SERVER_TRUST_ACCOUNT - TRUSTED_FOR_DELEGATION (Domain Controller)
|
1049088
|
Enabled - NOT_DELEGATED
|
1049090
|
ACCOUNTDISABLE - NOT_DELEGATED
|
2097664
|
Enabled - USE_DES_KEY_ONLY
|
2687488
|
Enabled - DONT_EXPIRE_PASSWORD - TRUSTED_FOR_DELEGATION - USE_DES_KEY_ONLY
|
4194816
|
Enabled - DONT_REQ_PREAUTH
|
No comments:
Post a Comment