The Attributes field defines what attributes should be returned by the query, the attributes are specified as a comma separated list. The attributes field also support an number of additional functions for formatting, decode types, and updates.
The Attributes field has the following format:
Syntax: [Attribute[;Conditional Attribute][;DecodeType][;Type][=<Op><Value>]][,][Meta.<Type>.<Attribute>[,] []
Attribute - the name of the attribute to be returned, the list of attributes is provided in a comma separated list, i.e. name, whencreated, pwdlastset. If the attributes field is left blank all attributes of the object are returned, with the exception of constructed attributes.
Conditional Attributes - Conditional Attributes allow the user to define the value that is returned based on a true or false conditional statement. See Conditional Attributes
DecodeType - the option is used to change the default DecodeType of an attribute i.e. LastLogonTimeStamp;int64. See Decode Types for a full list of Decode Types
Type - These are the Microsoft supported options that provide additional server side functionality, they are:
Range:x-x
Binary
=Op - These are the parameters to complete update queries. See Update Query
Meta.<Type>.<Attribute> - This provides the ability to return the meta data details of an attribute in a query result. The meta data for an attribute includes the following fields - version number, local USN, originating server, time, and originating DC, any of these can be returned. The meta data is from the server being queried, to see the meta across all DC use the Meta Data option.
Type:
ver - Version
lusn - Local USN
ousn - Originating USN
time - Time of change
dc - Originating DC
Attribute - The name of the attribute
Examples:
meta.ver.objectclass
meta.time.pwdlastset
meta.dc.lastlogontimestamp