Link between User and posixaccount AD schema classes

Tagged: 

This topic contains 2 replies, has 2 voices, and was last updated by Profile photo of David Zemdegs David Zemdegs 4 weeks ago.

  • Author
    Posts
  • #69309
    Profile photo of David Zemdegs
    David Zemdegs
    Participant

    Hi,
    Someone asked me to set a value for uidnumber on an AD user account. I ran set-aduser and it didnt fail.
    When I try to list all properties of the account, it does not return uidnumber. Neither does adsiedit.
    I listed all the attributes of the user class (and all parent classes) and uidnumber does not appear.
    I discovered that uidnumber is a member of class posixaccount.
    I cannot find the link between this schema class and the user schema class.
    I've alooked at the systemauxiliaryclasses of the user class (and all its parents) and posixaccount does not appear.
    Does nayone know where the link is and how to retrieve the value for a posixaccount attribute?
    Thanks
    David

  • #69366
    Profile photo of Don Jones
    Don Jones
    Keymaster

    Well, the thing is, there's no direct link. Technically, a posixAccount can exist without a corresponding user. The best linkage, I'd think, would be NT-Security-Descriptor, which is mandatory.

  • #69433
    Profile photo of David Zemdegs
    David Zemdegs
    Participant

    I can do 'set-aduser xxx -replace @{uidnumber=219}' and it works. I'm intrigued on how the system determines that this attribute is valid for a user account. I guess we'll never know 🙂
    Thanks
    David

You must be logged in to reply to this topic.