API Reference
UserRecord
High-level, task-friendly projection of a user object with commonly needed computed properties for security assessment.
Inheritance
- Object
- UserRecord
Constructors
public UserRecord() #Inherited Methods
Properties
public String DistinguishedName { get; set; } #Distinguished name.
public String SamAccountName { get; set; } #Legacy logon name (DOMAIN\\user).
public String UserPrincipalName { get; set; } #User principal name.
public String EmailAddress { get; set; } #User email address (mail attribute).
public String Manager { get; set; } #Manager distinguished name (manager attribute).
public String Country { get; set; } #Country code (two-letter, from c attribute).
public Nullable<Int32> CountryCode { get; set; } #Country code numeric value (countryCode attribute).
public Nullable<DateTime> WhenCreated { get; set; } #Creation timestamp.
public Nullable<DateTime> LastLogon { get; set; } #Last interactive/network logon time if known.
public Nullable<DateTime> LastLogonTimestamp { get; set; } #Replicated lastLogonTimestamp if known.
public Nullable<DateTime> PasswordLastSet { get; set; } #Password last set timestamp.
public Nullable<Int32> UserAccountControl { get; set; } #userAccountControl raw value.
public Boolean Enabled { get; set; } #True when account is enabled.
public Boolean PasswordNeverExpires { get; set; } #True when the password policy exempts the account from expiration.
public Boolean HasSpn { get; set; } #True when at least one SPN is registered.
public Boolean IsAdmin { get; set; } #True when the user is a member of privileged groups.
public Nullable<Int32> EncryptionTypes { get; set; } #msDS-SupportedEncryptionTypes raw mask.
public Boolean IsProtectedUsersMember { get; set; } #True when the account belongs to the Protected Users group.
public Boolean HasSidHistory { get; set; } #True when sIDHistory entries exist.
public Boolean AdminCount { get; set; } #Reflects the adminCount attribute (AdminSDHolder protection).
public Boolean HasAllowedToDelegateTo { get; set; } #True when constrained delegation targets exist.
public Boolean PasswordNotRequired { get; set; } #True if the account can authenticate without a password.
public Boolean ReversiblePasswordEncryption { get; set; } #True when the directory stores the password in reversible form.
public Boolean SmartcardRequired { get; set; } #True when the account requires smart card logon.
public Nullable<Int32> PrimaryGroupId { get; set; } #primaryGroupID for the user.
public String Sid { get; set; } #Object SID (string form, e.g., S-1-5-21-...).
public Int32 LastLogonDays { get; } #Age in days since most recent logon (or -1 when unknown).
public Int32 PasswordAgeDays { get; } #Age in days since the password was last set (or -1 when unknown).