Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The userAccountControl bits are bit flags that describe various qualities of a security account. The bit flags are presented below in little-endian byte order.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
X |
X |
X |
L O |
X |
X |
A D |
X |
X |
X |
S T |
W T |
I D |
X |
N A |
D A |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
X |
P S |
X |
X |
X: Unused. MUST be zero and ignored.
AD (ADS_UF_ACCOUNTDISABLE, 0x00000002): The account is disabled.
LO (ADS_UF_LOCKOUT, 0x00000010): The account is temporarily locked out.
DA (ADS_UF_TEMP_DUPLICATE_ACCOUNT, 0x00000100): This is an account for a user whose primary account is in another domain.
NA (ADS_UF_NORMAL_ACCOUNT, 0x00000200): The default account type that represents a typical user.
ID (ADS_UF_INTERDOMAIN_TRUST_ACCOUNT, 0x00000800): The account for a domain-to-domain trust.
WT (ADS_UF_WORKSTATION_ACCOUNT, 0x00001000): The computer account for a computer that is a member of this domain.
ST (ADS_UF_SERVER_TRUST_ACCOUNT, 0x00002000): The computer account for a DC.
PS (ADS_UF_PARTIAL_SECRETS_ACCOUNT, 0x04000000): The computer account for an RODC.