Hi MN,
What is inetOrgPerson?
====================
inetOrgPerson is a class.
Directories other than Microsoft® Active Directory™ use the inetOrgPerson
class to define the user account object, applications that were originally
written to access objects in these directories may implement the
inetOrgPerson class. To make those applications more compatible with Active
Directory and permit the migration of inetOrgPerson objects to Active
Directory, the inetOrgPerson class is being introduced into the base schema
for the Microsoft Windows® 2003 Server operating system. In Windows 2003
Server, the inetOrgPerson class is expected to be a full implementation
that is compatible with the user class.
The inetOrgPerson class is defined in RFC2798; however, the inetOrgPerson
class defined in Windows 2000 deviates from that defined in RFC2798 in two
ways:
In Active Directory, inetOrgPerson is derived from the user class so it can
easily behave as a security principal.
Some of the attributes are defined differently due to legacy issues.
Differences Between inetOrgPerson and the user Class
===================================================
After installing this kit in a Windows 2000 forest, you will notice a
difference in the functionality that is available between the user and
inetOrgPerson classes. Most of the differences in behavior occur in the
Active Directory Users and Computers user interface. As with any class that
is derived from the user class, the UI for the user class is not inherited.
The display specifier file that is supplied with this kit provides some
limited UI capability. Here is a list of known differences in the
inetOrgPerson class:
When creating an inetOrgPerson object, a creation wizard will not be
available.
The inetOrgPerson object will appear as a container object on the Active
Directory Users and Computers UI. This is a bug that will be fixed in
Windows 2003 Server.
User context menus that are normally displayed when you right-click a user
object in the Active Directory Users and Computers UI will not be available
for inetOrgPerson objects. Instead, right-click the inetOrgPerson object to
see the user context menu for a container object.
The password is blank and there is no option available on the user context
menu to set the password. To modify the password, you can write a script
that will set it, or use client tools such as ADSI Edit.
Newly created inetOrgPerson objects will have their account disabled. You
will need to modify the userAccountControl attribute to set the status for
the account.
MN, I did research and found some of the artciles and documents on
inetOrgPerson. Have a look at those articles for more detailed information:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adschema/ad
schema/c_inetorgperson.asp
To look at the class inetOrgPerson attributes for Windows Server 2003
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adschema/ad
schema/c_inetorgperson.asp
Thanks,
(e-mail address removed)
This posting is provided "AS IS" with no warranties, and confers no rights.
