using System;
using System.Collections.Generic;
using System.Text;
namespace Pegasus.DirectoryServices
{
/// <summary>
/// Active directory user account flags
/// </summary>
[Flags]
public enum UserAccountAttributes : uint
{
/// <summary>
/// The logon script is executed.
/// </summary>
ADS_UF_SCRIPT = 0x00000001,
/// <summary>
/// The user account is disabled.
/// </summary>
ADS_UF_ACCOUNTDISABLE = 0x00000002,
/// <summary>
/// The home directory is required.
/// </summary>
ADS_UF_HOMEDIR_REQUIRED = 0x00000008,
/// <summary>
/// The account is currently locked out.
/// </summary>
ADS_UF_LOCKOUT = 0x00000010,
/// <summary>
/// No password is required.
/// </summary>
ADS_UF_PASSWD_NOTREQD = 0x00000020,
/// <summary>
/// The user cannot change the password.
/// </summary>
ADS_UF_PASSWD_CANT_CHANGE = 0x00000040,
/// <summary>
/// The user can send an encrypted password.
/// </summary>
ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED = 0x00000080,
/// <summary>
/// This is an account for users whose primary account is in another domain. This account
/// provides user access to this domain, but not to any domain that trusts this domain. Also known
/// as a local user account.
/// </summary>
ADS_UF_TEMP_DUPLICATE_ACCOUNT = 0x00000100,
/// <summary>
/// This is a default account type that represents a typical user.
/// </summary>
ADS_UF_NORMAL_ACCOUNT = 0x00000200,
/// <summary>
/// This is a permit to trust account for a system domain that trusts other domains.
/// </summary>
ADS_UF_INTERDOMAIN_TRUST_ACCOUNT = 0x00000800,
/// <summary>
/// This is a computer account for a computer that is a member of this domain.
/// </summary>
ADS_UF_WORKSTATION_TRUST_ACCOUNT = 0x00001000,
/// <summary>
/// This is a computer account for a system backup domain controller that is a member of this domain.
/// </summary>
ADS_UF_SERVER_TRUST_ACCOUNT = 0x00002000,
/// <summary>
/// The password for this account will never expire.
/// </summary>
ADS_UF_DONT_EXPIRE_PASSWD = 0x00010000,
/// <summary>
/// This is an MNS logon account.
/// </summary>
ADS_UF_MNS_LOGON_ACCOUNT = 0x00020000,
/// <summary>
/// The user must log on using a smart card.
/// </summary>
ADS_UF_SMARTCARD_REQUIRED = 0x00040000,
/// <summary>
/// The service account (user or computer account), under which a service runs, is trusted for
/// Kerberos delegation. Any such service can impersonate a client requesting the service.
/// </summary>
ADS_UF_TRUSTED_FOR_DELEGATION = 0x00080000,
/// <summary>
/// The security context of the user will not be delegated to a service even if the service account is
/// set as trusted for Kerberos delegation.
/// </summary>
ADS_UF_NOT_DELEGATED = 0x00100000,
/// <summary>
/// Restrict this principal to use only Data Encryption Standard (DES) encryption types for keys.
/// </summary>
ADS_UF_USE_DES_KEY_ONLY = 0x00200000,
/// <summary>
/// This account does not require Kerberos pre-authentication for logon.
/// </summary>
ADS_UF_DONT_REQUIRE_PREAUTH = 0x00400000,
/// <summary>
/// The user password has expired. This flag is created by the system using data from the
/// Pwd-Last-Set attribute and the domain policy.
/// </summary>
ADS_UF_PASSWORD_EXPIRED = 0x00800000,
/// <summary>
/// The account is enabled for delegation. This is a security-sensitive setting; accounts
/// with this option enabled should be strictly controlled. This setting enables a service running
/// under the account to assume a client identity and authenticate as that user to other remote
/// servers on the network.
/// </summary>
ADS_UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION = 0x01000000,
}
}