Overview#

User has several different concepts within several different contexts.

User is often the Customer or end-user.

Personal Entity#

Personal Entity is often referred to as a User

OAuth 2.0 Resource Owner#

Within OAuth 2.0 User is a Resource Owner

Microsoft Active Directory ObjectClass Definition#

The ObjectClass Type is defined as:

• OID: 1.2.840.113556.1.5.9
• ObjectClass-Name: User
• SUP: organizationalPerson
• STRUCTURAL
• MUST:
• MAY:
  • userCertificate
  • networkAddress
  • userAccountControl
  • badPwdCount
  • codePage
  • homeDirectory
  • homeDrive
  • badPasswordTime
  • lastLogoff
  • lastLogon
  • dBCSPwd
  • localeID
  • scriptPath
  • logonHours
  • logonWorkstation
  • maxStorage
  • userWorkstations
  • unicodePwd
  • otherLoginWorkstations
  • ntPwdHistory
  • pwdLastSet
  • preferredOU
  • primaryGroupID
  • userParameters
  • profilePath
  • operatorCount
  • adminCount
  • accountExpires
  • lmPwdHistory
  • groupMembershipSAM
  • logonCount
  • controlAccessRights
  • defaultClassStore
  • groupsToIgnore
  • groupPriority
  • desktopProfile
  • dynamicLDAPServer
  • userPrincipalName
  • lockoutTime
  • userSharedFolder
  • userSharedFolderOther
  • servicePrincipalName
  • aCSPolicyName
  • terminalServer
  • mSMQSignCertificates
  • mSMQDigests
  • mSMQDigestsMig
  • mSMQSignCertificatesMig
  • msNPAllowDialin
  • msNPCallingStationID
  • msNPSavedCallingStationID
  • msRADIUSCallbackNumber
  • msRADIUSFramedIPAddress
  • msRADIUSFramedRoute
  • msRADIUSServiceType
  • msRASSavedCallbackNumber
  • msRASSavedFramedIPAddress
  • msRASSavedFramedRoute
  • mS-DS-CreatorSID!! LDAP eDirectory Attribute Definition

LDAP eDirectory the AttributeTypes is defined as:

• OID of 2.16.840.1.113719.1.1.4.1.111
• NAME: User
• DESC:
• EQUALITY:
• ORDERING:
• SYNTAX: 1.3.6.1.4.1.1466.115.121.1.12
• SINGLE-VALUE (only if present)
• USAGE UserApplications
• Extended Flags:
  • X-NDS_SERVER_READ '1'
  • X-NDS_NONREMOVABLE '1'
• Used as MUST in:
• Used MAY in:

LDAP eDirectory ObjectClass Definition#

The ObjectClass is defined as:

• OID: 2.16.840.1.113730.3.2.2
• ObjectClass-Name: User is aliased to inetOrgPerson!! More Information

There might be more information for this subject on one of the following:

• 1.2.840.113556.1.5.9
• 2.16.840.1.113719.1.1.4.1.111
• 2.16.840.1.113719.1.1.6.1.20
• 2.16.840.1.113719.1.1.6.1.22
• 2.16.840.1.113730.3.2.2
• API Planing
• AWS IAM
• Access Control Engine
• Access Control Policy
• Access Proxy
• Active Directory Group Related Searches
• Active Directory Groups
• App2app
• Authentication intent
• Batch-Auth
• Best Practices For Unique Identifiers
• Best Practices Password
• BeyondCorp
• Blockchain
• Bot
• CachedInteractive
• Certificate Authority
• Client Application
• Credential Management API
• Credential Reuse
• Cyclic Inheritance
• Delegation vs Impersonation
• Digital Identity
• End-User
• FIDO
• FIDO Client
• Financial API
• G-Suite User
• Google Cloud Platform
• HKEY_CURRENT_USER
• Human-Centered Design
• INCITS 359
• Identity Cube
• InetOrgPerson
• Kerberos Principal
• Linked Attribute
• Local device
• Locale
• MSFT Access Token
• MemberOf
• NIST.SP.800-207
• NetworkCleartext
• Non-interactive
• OAuth Dynamic Client Registration Metadata
• Password Authentication is Broken
• Password Expiration
• Password Flow From Active Directory to eDirectory
• Password Modification Policy
• Password Reuse
• Passwordless SMS Authentication
• Phishing
• Primary Access Token
• PrimaryGroupID
• Privacy Enhancing Technologies
• RemoteInteractive
• Risk-Based Authentication
• Security Principal Objects
• Server
• Session Layer
• Strength of Function for Authenticators - Biometrics
• Traditional Registration
• Trust Tier
• U2F device
• UnicodePwd
• Universal Authentication Framework
• Universal Password
• Universal Second Factor
• Universal Second Factor Challenges
• User Interface
• User-generated content
• Windows Logon
• Windows Logon Types
• Windows registry
• Windows user
• XACML