Overview#
This is for Microsoft Active Directory implementations only.
To Determine the Classes Associated With an Entry in Microsoft Active Directory you must inspect the following attributes on the entry:
- objectClass - Identifies the classes included in STRUCTURAL ObjectClass Types, plus any AUXILIARY ObjectClass Types that are Dynamically Linked Auxiliary Classes.
- structuralObjectClass Attribute - Identifies the STRUCTURAL and ABSTRACT ObjectClass Types of which the LDAP Entry is an instance.
Additionally #
You need to inspect each of the objectClass values to determine if there are any Statically Linked Auxiliary Classes associated with any values.For Example, the the SecurityPrincipal AUXILIARY class is Statically Linked Auxiliary Classes with the user class because it is included in the systemAuxiliaryClass values of the user classSchema object; it is not included in either the objectClass or structuralObjectClass attributes of instances of the user class.
