userattrs
Use the userattrs program to query account attributes in Microsoft Active Directory; to find specific useful attributes that may be used as search criteria in designing the intcptsvc configuration file.
This program is installed by intcpt.msi or intcpt-64.msi on a Windows transparent password synchronization trigger system and can be found in the following directory:
<Program Files path>\Bravura Security\\Password Filter\util\
Usage
userattrs.exe [-p <ADsPath> ] [-a <attributes>] [-c <admin account> <admin password>] [ -f <ADsSearchFilter>] -u <accounts>
Argument | Description |
|---|---|
-p, --adspath <ADsPath> | Specify the domain path (ADsPath). Available macros are %PDC%, %DC%, %DN%. The default is LDAP://%DC%/%DN%. |
-a, --attributes <attributes> | Specify the attributes to query, separated by a space. If none are specified, all attributes are queried. |
-c, --credential <admin account> <admin password> | Specify administrator account and password separated by space. If no credentials are specified, the security context of the current process is used to bind the object. |
-p, --filter <filter> | Specify the account searching criteria (ADsSearchFilter). The default is sAMAccountName=%USER%. |
-u, --users | Specify the users’ accounts to query, separated by a space. |
For example:
userattrs.exe -a DisplayName distinguishedName -u brownwi
returns:
Open an ADs object: LDAP://%DC%/%DN%...succeeded. Retrieving user [brownwi]'s attributes... Attribute: [DisplayName]: Brown, William Attribute: [_AccountName_]: brownwi Attribute: [distinguishedName]: CN=brownwi qa,CN=CertCo,DC=example,DC=local Cost : 437 (ms)