Active Roles 7.3.1 - Synchronization Service Administrator Guide

Synchronization Service Overview Deploying Synchronization Service Getting started Connections to external data systems
External data systems supported out of the box
Working with Active Directory Working with an AD LDS (ADAM) instance Working with Skype for Business Server Working with Exchange Server Working with Active Roles Working with One Identity Manager Working with a delimited text file Working with Microsoft SQL Server Sample queries to modify SQL Server data Working with an OLE DB-compliant relational database Working with SharePoint Working with Microsoft Office 365 Working with Microsoft Azure Active Directory
Using connectors installed remotely Creating a connection Renaming a connection Deleting a connection Modifying synchronization scope for a connection Using connection handlers Specifying password synchronization settings for a connection
Synchronizing identity data Mapping objects Automated password synchronization Synchronization history Scenarios of use Appendix A: Developing PowerShell scripts for attribute synchronization rules Appendix B: Using a PowerShell script to transform passwords

SPOTenant object attributes

SPOTenant object attributes

 

Table 92: SPOTenant attributes

Attribute

Description

Supported operations

ExternalServicesEnabled

Gets or sets the maximum compatibility level for new sites.

Read, Write (update only)

MinCompatibilityLevel

Gets or sets the minimum compatibility level for new sites.

Read, Write (update only)

NoAccessRedirectUrl

Gets or sets the redirect URL for the SPOSite object whose LockState attribute value is set to NoAccess.

Read, Write (update only)

ObjectID

Gets the unique object identifier (GUID).

Read

ResourceQuota

Gets or sets the server resource quota available to the organization.

Read, Write (update only)

ResourceQuotaAllocated

Gets or sets the server resource quota limit for the organization.

Read, Write (update only)

StorageQuota

Gets or sets the storage quota available to the organization.

Read, Write (update only)

StorageQuotaAllocated

Gets or sets the storage quota limit for the organization.

Read, Write (update only)

User object attributes

User object attributes

The Office 365 Connector provides the following attributes for the User object in Office 365:

Attributes Related to License Plans and Services

These attributes allow you to get or set the license plans and services available to the user in Office 365. The attributes support Read and Write operations.

The names and display names of these attributes are formed dynamically according to the following patterns:

 

Table 93: Naming patterns for attributes

Item

Naming pattern

Examples

Attribute display name

<LicensePlanNameOnGUI> - <ServiceNameOnGUI>

In this pattern:

LicensePlanNameOnGUI is the license plan name as it is displayed on the Office 365 user interface.

ServiceNameOnGUI is the service name as it is displayed below the corresponding license plan on the Office 365 user interface.

Microsoft Office 365 Plan E3 - Office Web Apps

Microsoft Office 365 Plan K2 - Exchange Online Kiosk

Attribute name

<LicensePlanName>-<ServiceName>

In this pattern:

LicensePlanName is the license plan name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.

ServiceName is the service name in the corresponding license plan. The service name is displayed in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.

ENTERPRISEPACK-SHAREPOINTWAC

DESKLESSWOFFPACK-EXCHANGE_S_DESKLESS

These attributes can take one of the following values:

  • True. Specifies that the service is selected in the corresponding license plan in Office 365.
  • False. Specifies that the service is selected in the corresponding license plan in Office 365.

If necessary, you can modify the display names of Office 365 license plans and services that appear in the Synchronization Service Administration Console. These display names are part of the Office 365 Connector schema and saved in the file O365LicensePlansServices.xml located in the Synchronization Service installation folder (by default, this is %ProgramFiles%\One Identity\Active Roles\7.3\SyncService).

For example, you may need to modify the name of a license plan or service in the Office 365 Connector schema when the corresponding name changes in the Office 365 user interface and therefore the related attribute display name becomes outdated in the Synchronization Service Administration Console.

To modify the display names of attributes in the Office 365 Connector schema

  1. Open the file O365LicensePlansServices.xml located in the Synchronization Service installation folder.
  2. In the appropriate XML elements, modify the values of the PlanDisplayName and ServiceDisplayName attributes as necessary. See the following table for more information about the XML elements used in the file:

 

Table 94: XML elements

XML element

Description

Example

<Plan>

Defines the name and display name of the attribute related to a particular Office 365 license plan in the Office 365 Connector schema.

This element has the following attributes:

  • PlanName. The license plan name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.
  • PlanDisplayName. The license plan name as it displays in the Synchronization Service Administration Console.

<Plan PlanName="STANDARDPACK" PlanDisplayName="Microsoft Office 365 Plan E1"/>

<Service>

Defines the name and display name of the attribute related to a particular Office 365 service in the Office 365 Connector schema.

This element has the following attributes:

  • ServiceName. The service name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.
  • ServiceDisplayName. The service name as it displays in the Synchronization Service Administration Console.

<Service ServiceName="OFFICESUBSCRIPTION" ServiceDisplayName="Office Professional Plus" />

  1. When you are finished, click OK.
Other attributes

 

Table 95: Other attributes

Attribute

Description

Supported operations

AllowUMCallsFromNonUsers

Gets or sets whether to exclude or include the user in directory searches.

This attribute can take one of the following values:

  • None. Specifies to exclude the user from directory searches.
  • SearchEnabled. Specifies to include the user in directory searches.

Read, Write

AlternateEmailAddresses

Gets or sets the alternate e-mail addresses of the user.

Read, Write

AssistantName

Gets or sets the name of the user’s assistant.

Read, Write

BlockCredential

Gets or sets whether or not the user can sign in and use Microsoft Office 365 services.

This attribute can take one of the following values:

  • TRUE. Specifies that user’s Microsoft Online Services ID is disabled and the user cannot sign in and use Office 365 services.
  • FALSE (default). Specifies that user’s Microsoft Online Services ID is enabled and the user can sign in and use Office 365 services.

Read, Write

City

Gets or sets the user’s city.

Read, Write

Company

Gets or sets the name of user’s company.

Read, Write

Country

Gets or sets the user’s country.

Read, Write

CountryOrRegion

Gets or sets the country or region of the user.

Read, Write

Department

Gets or sets the user’s department.

Read, Write

DisplayName

Gets or sets the display name of the user.

Read, Write

Fax

Gets or sets the user’s fax number.

Read, Write

FirstName

Gets or sets the first name of the user.

Read, Write

ForceChangePassword

Gets or sets whether or not the user is forced to change their password the next time the user signs in to Microsoft Office 365.

  • TRUE. Specifies that the user must change their password the next time the user signs in to Microsoft Office 365.
  • FALSE (default). Specifies that the user does not have to change their password the next time the user signs in to Microsoft Office 365.

Write

NOTE: To write data by using this attribute, you must at the same time write data by using the Password attribute.

HomePhone

Gets or sets the home phone number of the user.

Read, Write

ImmutableId

Gets or sets the GUID of the user in Office 365.

This GUID is used to verify the identity of the Active Directory user when the user accesses Office 365 by using single sign-on.

Note that in order the Microsoft Office 365 Connector could read the ImmutableId attribute value stored in Microsoft Office 365, that value must be in base64 encoding format. If the ImmutableId attribute value has any other encoding format, the Microsoft Office 365 Connector returns an error when reading that value.

Read, Write

Initials

Gets or sets the initials of the user.

Read, Write

LastName

Gets or sets the last name of the user.

Read, Write

LiveID

Gets the user’s unique login ID.

Read

MailboxId

Gets the GUID of the user’s mailbox.

Read

Manager

Gets or sets the name of the user’s manager.

Read, Write

MobilePhone

Gets or sets the user’s mobile phone number.

Read, Write

Name

Gets or sets the name of the user.

Read, Write

Notes

Gets or sets notes about the user.

Read, Write

ObjectID

Gets the unique object identifier (GUID).

Read

Office

Gets or sets the user’s office.

Read, Write

OtherFax

Gets or sets the alternate fax number of the user.

Read, Write

OtherHomePhone

Gets or sets the alternate home phone number of the user.

Read, Write

OtherTelephone

Gets or sets the alternate phone number of the user.

Read, Write

Pager

Gets or sets the pager of the user.

Read, Write

Password

Sets a password for the user.

Write

PasswordNeverExpires

Gets or sets whether or not the user’s password periodically expires.

This attribute can take one of the following values:

  • TRUE (default). Specifies that the user’s password never expires.
  • FALSE. Specifies that the user’s password periodically expires.

Read, Write

Phone

Gets or sets the phone number of the user.

Read, Write

PhoneNumber

Gets or sets the user’s phone number.

Read, Write

PhoneticDisplayName

Gets or sets a phonetic pronunciation of the value specified in the DisplayName attribute for the user.

Read, Write

PostalCode

Gets or sets the user’s postal code.

Read, Write

PostOfficeBox

Gets or sets the post office box number of the user.

Read, Write

PreferredLanguage

Gets or sets the preferred language for the user.

Read, Write

RemotePowerShellEnabled

Gets or sets whether remote Windows PowerShell cmdlets are available to the user.

This attribute can take one of the following values:

  • TRUE
  • FALSE

Read, Write

ResetPasswordOnNextLogon

Gets or sets whether the user must reset their password at next logon.

This attribute can take one of the following values:

TRUE

FALSE

Read, Write

SimpleDisplayName

Gets or sets an alternate description of the user in a situation where a limited set of characters is allowed.

The limited set of characters includes ASCII characters from 26 to 126.

Read, Write

State

Gets or sets the state where the user is located.

Read, Write

StateOrProvince

Gets or sets the state or province of the user.

Read, Write

StreetAddress

Gets or sets the user’s street address.

Read, Write

Title

Gets or sets the user’s title.

Read, Write

UMDtmfMap

Gets or sets whether to create a user-defined DTMF map for the user if it has Unified Messaging enabled.

Read, Write

UsageLocation

Gets or sets the two-letter ISO country designation. This attribute specifies the user’s country where services are consumed.

Read, Write

UserPrincipalName

Gets or sets the user’s Microsoft Online Services ID.

Read, Write

WebPage

Gets or sets the Web page address of the user.

Read, Write

WindowsEmailAddress

Gets or sets the email address of the user stored in Active Directory.

Read, Write

Attributes Related to License Plans and Services

User object attributes

The Office 365 Connector provides the following attributes for the User object in Office 365:

Attributes Related to License Plans and Services

These attributes allow you to get or set the license plans and services available to the user in Office 365. The attributes support Read and Write operations.

The names and display names of these attributes are formed dynamically according to the following patterns:

 

Table 93: Naming patterns for attributes

Item

Naming pattern

Examples

Attribute display name

<LicensePlanNameOnGUI> - <ServiceNameOnGUI>

In this pattern:

LicensePlanNameOnGUI is the license plan name as it is displayed on the Office 365 user interface.

ServiceNameOnGUI is the service name as it is displayed below the corresponding license plan on the Office 365 user interface.

Microsoft Office 365 Plan E3 - Office Web Apps

Microsoft Office 365 Plan K2 - Exchange Online Kiosk

Attribute name

<LicensePlanName>-<ServiceName>

In this pattern:

LicensePlanName is the license plan name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.

ServiceName is the service name in the corresponding license plan. The service name is displayed in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.

ENTERPRISEPACK-SHAREPOINTWAC

DESKLESSWOFFPACK-EXCHANGE_S_DESKLESS

These attributes can take one of the following values:

  • True. Specifies that the service is selected in the corresponding license plan in Office 365.
  • False. Specifies that the service is selected in the corresponding license plan in Office 365.

If necessary, you can modify the display names of Office 365 license plans and services that appear in the Synchronization Service Administration Console. These display names are part of the Office 365 Connector schema and saved in the file O365LicensePlansServices.xml located in the Synchronization Service installation folder (by default, this is %ProgramFiles%\One Identity\Active Roles\7.3\SyncService).

For example, you may need to modify the name of a license plan or service in the Office 365 Connector schema when the corresponding name changes in the Office 365 user interface and therefore the related attribute display name becomes outdated in the Synchronization Service Administration Console.

To modify the display names of attributes in the Office 365 Connector schema

  1. Open the file O365LicensePlansServices.xml located in the Synchronization Service installation folder.
  2. In the appropriate XML elements, modify the values of the PlanDisplayName and ServiceDisplayName attributes as necessary. See the following table for more information about the XML elements used in the file:

 

Table 94: XML elements

XML element

Description

Example

<Plan>

Defines the name and display name of the attribute related to a particular Office 365 license plan in the Office 365 Connector schema.

This element has the following attributes:

  • PlanName. The license plan name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.
  • PlanDisplayName. The license plan name as it displays in the Synchronization Service Administration Console.

<Plan PlanName="STANDARDPACK" PlanDisplayName="Microsoft Office 365 Plan E1"/>

<Service>

Defines the name and display name of the attribute related to a particular Office 365 service in the Office 365 Connector schema.

This element has the following attributes:

  • ServiceName. The service name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.
  • ServiceDisplayName. The service name as it displays in the Synchronization Service Administration Console.

<Service ServiceName="OFFICESUBSCRIPTION" ServiceDisplayName="Office Professional Plus" />

  1. When you are finished, click OK.
Other attributes

 

Table 95: Other attributes

Attribute

Description

Supported operations

AllowUMCallsFromNonUsers

Gets or sets whether to exclude or include the user in directory searches.

This attribute can take one of the following values:

  • None. Specifies to exclude the user from directory searches.
  • SearchEnabled. Specifies to include the user in directory searches.

Read, Write

AlternateEmailAddresses

Gets or sets the alternate e-mail addresses of the user.

Read, Write

AssistantName

Gets or sets the name of the user’s assistant.

Read, Write

BlockCredential

Gets or sets whether or not the user can sign in and use Microsoft Office 365 services.

This attribute can take one of the following values:

  • TRUE. Specifies that user’s Microsoft Online Services ID is disabled and the user cannot sign in and use Office 365 services.
  • FALSE (default). Specifies that user’s Microsoft Online Services ID is enabled and the user can sign in and use Office 365 services.

Read, Write

City

Gets or sets the user’s city.

Read, Write

Company

Gets or sets the name of user’s company.

Read, Write

Country

Gets or sets the user’s country.

Read, Write

CountryOrRegion

Gets or sets the country or region of the user.

Read, Write

Department

Gets or sets the user’s department.

Read, Write

DisplayName

Gets or sets the display name of the user.

Read, Write

Fax

Gets or sets the user’s fax number.

Read, Write

FirstName

Gets or sets the first name of the user.

Read, Write

ForceChangePassword

Gets or sets whether or not the user is forced to change their password the next time the user signs in to Microsoft Office 365.

  • TRUE. Specifies that the user must change their password the next time the user signs in to Microsoft Office 365.
  • FALSE (default). Specifies that the user does not have to change their password the next time the user signs in to Microsoft Office 365.

Write

NOTE: To write data by using this attribute, you must at the same time write data by using the Password attribute.

HomePhone

Gets or sets the home phone number of the user.

Read, Write

ImmutableId

Gets or sets the GUID of the user in Office 365.

This GUID is used to verify the identity of the Active Directory user when the user accesses Office 365 by using single sign-on.

Note that in order the Microsoft Office 365 Connector could read the ImmutableId attribute value stored in Microsoft Office 365, that value must be in base64 encoding format. If the ImmutableId attribute value has any other encoding format, the Microsoft Office 365 Connector returns an error when reading that value.

Read, Write

Initials

Gets or sets the initials of the user.

Read, Write

LastName

Gets or sets the last name of the user.

Read, Write

LiveID

Gets the user’s unique login ID.

Read

MailboxId

Gets the GUID of the user’s mailbox.

Read

Manager

Gets or sets the name of the user’s manager.

Read, Write

MobilePhone

Gets or sets the user’s mobile phone number.

Read, Write

Name

Gets or sets the name of the user.

Read, Write

Notes

Gets or sets notes about the user.

Read, Write

ObjectID

Gets the unique object identifier (GUID).

Read

Office

Gets or sets the user’s office.

Read, Write

OtherFax

Gets or sets the alternate fax number of the user.

Read, Write

OtherHomePhone

Gets or sets the alternate home phone number of the user.

Read, Write

OtherTelephone

Gets or sets the alternate phone number of the user.

Read, Write

Pager

Gets or sets the pager of the user.

Read, Write

Password

Sets a password for the user.

Write

PasswordNeverExpires

Gets or sets whether or not the user’s password periodically expires.

This attribute can take one of the following values:

  • TRUE (default). Specifies that the user’s password never expires.
  • FALSE. Specifies that the user’s password periodically expires.

Read, Write

Phone

Gets or sets the phone number of the user.

Read, Write

PhoneNumber

Gets or sets the user’s phone number.

Read, Write

PhoneticDisplayName

Gets or sets a phonetic pronunciation of the value specified in the DisplayName attribute for the user.

Read, Write

PostalCode

Gets or sets the user’s postal code.

Read, Write

PostOfficeBox

Gets or sets the post office box number of the user.

Read, Write

PreferredLanguage

Gets or sets the preferred language for the user.

Read, Write

RemotePowerShellEnabled

Gets or sets whether remote Windows PowerShell cmdlets are available to the user.

This attribute can take one of the following values:

  • TRUE
  • FALSE

Read, Write

ResetPasswordOnNextLogon

Gets or sets whether the user must reset their password at next logon.

This attribute can take one of the following values:

TRUE

FALSE

Read, Write

SimpleDisplayName

Gets or sets an alternate description of the user in a situation where a limited set of characters is allowed.

The limited set of characters includes ASCII characters from 26 to 126.

Read, Write

State

Gets or sets the state where the user is located.

Read, Write

StateOrProvince

Gets or sets the state or province of the user.

Read, Write

StreetAddress

Gets or sets the user’s street address.

Read, Write

Title

Gets or sets the user’s title.

Read, Write

UMDtmfMap

Gets or sets whether to create a user-defined DTMF map for the user if it has Unified Messaging enabled.

Read, Write

UsageLocation

Gets or sets the two-letter ISO country designation. This attribute specifies the user’s country where services are consumed.

Read, Write

UserPrincipalName

Gets or sets the user’s Microsoft Online Services ID.

Read, Write

WebPage

Gets or sets the Web page address of the user.

Read, Write

WindowsEmailAddress

Gets or sets the email address of the user stored in Active Directory.

Read, Write

Other attributes

User object attributes

The Office 365 Connector provides the following attributes for the User object in Office 365:

Attributes Related to License Plans and Services

These attributes allow you to get or set the license plans and services available to the user in Office 365. The attributes support Read and Write operations.

The names and display names of these attributes are formed dynamically according to the following patterns:

 

Table 93: Naming patterns for attributes

Item

Naming pattern

Examples

Attribute display name

<LicensePlanNameOnGUI> - <ServiceNameOnGUI>

In this pattern:

LicensePlanNameOnGUI is the license plan name as it is displayed on the Office 365 user interface.

ServiceNameOnGUI is the service name as it is displayed below the corresponding license plan on the Office 365 user interface.

Microsoft Office 365 Plan E3 - Office Web Apps

Microsoft Office 365 Plan K2 - Exchange Online Kiosk

Attribute name

<LicensePlanName>-<ServiceName>

In this pattern:

LicensePlanName is the license plan name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.

ServiceName is the service name in the corresponding license plan. The service name is displayed in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.

ENTERPRISEPACK-SHAREPOINTWAC

DESKLESSWOFFPACK-EXCHANGE_S_DESKLESS

These attributes can take one of the following values:

  • True. Specifies that the service is selected in the corresponding license plan in Office 365.
  • False. Specifies that the service is selected in the corresponding license plan in Office 365.

If necessary, you can modify the display names of Office 365 license plans and services that appear in the Synchronization Service Administration Console. These display names are part of the Office 365 Connector schema and saved in the file O365LicensePlansServices.xml located in the Synchronization Service installation folder (by default, this is %ProgramFiles%\One Identity\Active Roles\7.3\SyncService).

For example, you may need to modify the name of a license plan or service in the Office 365 Connector schema when the corresponding name changes in the Office 365 user interface and therefore the related attribute display name becomes outdated in the Synchronization Service Administration Console.

To modify the display names of attributes in the Office 365 Connector schema

  1. Open the file O365LicensePlansServices.xml located in the Synchronization Service installation folder.
  2. In the appropriate XML elements, modify the values of the PlanDisplayName and ServiceDisplayName attributes as necessary. See the following table for more information about the XML elements used in the file:

 

Table 94: XML elements

XML element

Description

Example

<Plan>

Defines the name and display name of the attribute related to a particular Office 365 license plan in the Office 365 Connector schema.

This element has the following attributes:

  • PlanName. The license plan name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.
  • PlanDisplayName. The license plan name as it displays in the Synchronization Service Administration Console.

<Plan PlanName="STANDARDPACK" PlanDisplayName="Microsoft Office 365 Plan E1"/>

<Service>

Defines the name and display name of the attribute related to a particular Office 365 service in the Office 365 Connector schema.

This element has the following attributes:

  • ServiceName. The service name in the form used by the Microsoft Office 365 cmdlets for Windows PowerShell.
  • ServiceDisplayName. The service name as it displays in the Synchronization Service Administration Console.

<Service ServiceName="OFFICESUBSCRIPTION" ServiceDisplayName="Office Professional Plus" />

  1. When you are finished, click OK.
Other attributes

 

Table 95: Other attributes

Attribute

Description

Supported operations

AllowUMCallsFromNonUsers

Gets or sets whether to exclude or include the user in directory searches.

This attribute can take one of the following values:

  • None. Specifies to exclude the user from directory searches.
  • SearchEnabled. Specifies to include the user in directory searches.

Read, Write

AlternateEmailAddresses

Gets or sets the alternate e-mail addresses of the user.

Read, Write

AssistantName

Gets or sets the name of the user’s assistant.

Read, Write

BlockCredential

Gets or sets whether or not the user can sign in and use Microsoft Office 365 services.

This attribute can take one of the following values:

  • TRUE. Specifies that user’s Microsoft Online Services ID is disabled and the user cannot sign in and use Office 365 services.
  • FALSE (default). Specifies that user’s Microsoft Online Services ID is enabled and the user can sign in and use Office 365 services.

Read, Write

City

Gets or sets the user’s city.

Read, Write

Company

Gets or sets the name of user’s company.

Read, Write

Country

Gets or sets the user’s country.

Read, Write

CountryOrRegion

Gets or sets the country or region of the user.

Read, Write

Department

Gets or sets the user’s department.

Read, Write

DisplayName

Gets or sets the display name of the user.

Read, Write

Fax

Gets or sets the user’s fax number.

Read, Write

FirstName

Gets or sets the first name of the user.

Read, Write

ForceChangePassword

Gets or sets whether or not the user is forced to change their password the next time the user signs in to Microsoft Office 365.

  • TRUE. Specifies that the user must change their password the next time the user signs in to Microsoft Office 365.
  • FALSE (default). Specifies that the user does not have to change their password the next time the user signs in to Microsoft Office 365.

Write

NOTE: To write data by using this attribute, you must at the same time write data by using the Password attribute.

HomePhone

Gets or sets the home phone number of the user.

Read, Write

ImmutableId

Gets or sets the GUID of the user in Office 365.

This GUID is used to verify the identity of the Active Directory user when the user accesses Office 365 by using single sign-on.

Note that in order the Microsoft Office 365 Connector could read the ImmutableId attribute value stored in Microsoft Office 365, that value must be in base64 encoding format. If the ImmutableId attribute value has any other encoding format, the Microsoft Office 365 Connector returns an error when reading that value.

Read, Write

Initials

Gets or sets the initials of the user.

Read, Write

LastName

Gets or sets the last name of the user.

Read, Write

LiveID

Gets the user’s unique login ID.

Read

MailboxId

Gets the GUID of the user’s mailbox.

Read

Manager

Gets or sets the name of the user’s manager.

Read, Write

MobilePhone

Gets or sets the user’s mobile phone number.

Read, Write

Name

Gets or sets the name of the user.

Read, Write

Notes

Gets or sets notes about the user.

Read, Write

ObjectID

Gets the unique object identifier (GUID).

Read

Office

Gets or sets the user’s office.

Read, Write

OtherFax

Gets or sets the alternate fax number of the user.

Read, Write

OtherHomePhone

Gets or sets the alternate home phone number of the user.

Read, Write

OtherTelephone

Gets or sets the alternate phone number of the user.

Read, Write

Pager

Gets or sets the pager of the user.

Read, Write

Password

Sets a password for the user.

Write

PasswordNeverExpires

Gets or sets whether or not the user’s password periodically expires.

This attribute can take one of the following values:

  • TRUE (default). Specifies that the user’s password never expires.
  • FALSE. Specifies that the user’s password periodically expires.

Read, Write

Phone

Gets or sets the phone number of the user.

Read, Write

PhoneNumber

Gets or sets the user’s phone number.

Read, Write

PhoneticDisplayName

Gets or sets a phonetic pronunciation of the value specified in the DisplayName attribute for the user.

Read, Write

PostalCode

Gets or sets the user’s postal code.

Read, Write

PostOfficeBox

Gets or sets the post office box number of the user.

Read, Write

PreferredLanguage

Gets or sets the preferred language for the user.

Read, Write

RemotePowerShellEnabled

Gets or sets whether remote Windows PowerShell cmdlets are available to the user.

This attribute can take one of the following values:

  • TRUE
  • FALSE

Read, Write

ResetPasswordOnNextLogon

Gets or sets whether the user must reset their password at next logon.

This attribute can take one of the following values:

TRUE

FALSE

Read, Write

SimpleDisplayName

Gets or sets an alternate description of the user in a situation where a limited set of characters is allowed.

The limited set of characters includes ASCII characters from 26 to 126.

Read, Write

State

Gets or sets the state where the user is located.

Read, Write

StateOrProvince

Gets or sets the state or province of the user.

Read, Write

StreetAddress

Gets or sets the user’s street address.

Read, Write

Title

Gets or sets the user’s title.

Read, Write

UMDtmfMap

Gets or sets whether to create a user-defined DTMF map for the user if it has Unified Messaging enabled.

Read, Write

UsageLocation

Gets or sets the two-letter ISO country designation. This attribute specifies the user’s country where services are consumed.

Read, Write

UserPrincipalName

Gets or sets the user’s Microsoft Online Services ID.

Read, Write

WebPage

Gets or sets the Web page address of the user.

Read, Write

WindowsEmailAddress

Gets or sets the email address of the user stored in Active Directory.

Read, Write

Related Documents