Link between User and posixaccount AD schema classes

This topic contains 2 replies, has 2 voices, and was last updated by  David Zemdegs 1 year, 1 month ago.

  • Author
  • #69309

    David Zemdegs

    Someone asked me to set a value for uidnumber on an AD user account. I ran set-aduser and it didnt fail.
    When I try to list all properties of the account, it does not return uidnumber. Neither does adsiedit.
    I listed all the attributes of the user class (and all parent classes) and uidnumber does not appear.
    I discovered that uidnumber is a member of class posixaccount.
    I cannot find the link between this schema class and the user schema class.
    I've alooked at the systemauxiliaryclasses of the user class (and all its parents) and posixaccount does not appear.
    Does nayone know where the link is and how to retrieve the value for a posixaccount attribute?

  • #69366

    Don Jones

    Well, the thing is, there's no direct link. Technically, a posixAccount can exist without a corresponding user. The best linkage, I'd think, would be NT-Security-Descriptor, which is mandatory.

  • #69433

    David Zemdegs

    I can do 'set-aduser xxx -replace @{uidnumber=219}' and it works. I'm intrigued on how the system determines that this attribute is valid for a user account. I guess we'll never know 🙂

You must be logged in to reply to this topic.