From 44c9a4efbf6c320c493a23716aa26e088c2ca72e Mon Sep 17 00:00:00 2001 
From: Sean Wheeler Date: Wed, 3 Jul 2024 10:23:59 -0500 Subject: [PATCH] Add about topics for ActiveDirectory (#3837) * Add about topics for ActiveDirectory * fix link --- .../activedirectory/About/About.md | 11 +- .../About/about_ActiveDirectory.md | 81 +++ .../About/about_ActiveDirectory_Identity.md | 196 ++++++ .../about_ActiveDirectory_ObjectModel.md | 595 ++++++++++++++++++ .../activedirectory/About/About.md | 11 +- .../About/about_ActiveDirectory.md | 81 +++ .../About/about_ActiveDirectory_Identity.md | 196 ++++++ .../about_ActiveDirectory_ObjectModel.md | 595 ++++++++++++++++++ .../activedirectory/About/About.md | 11 +- .../About/about_ActiveDirectory.md | 81 +++ .../About/about_ActiveDirectory_Identity.md | 196 ++++++ .../about_ActiveDirectory_ObjectModel.md | 595 ++++++++++++++++++ .../activedirectory/About/About.md | 11 +- .../About/about_ActiveDirectory.md | 81 +++ .../About/about_ActiveDirectory_Identity.md | 196 ++++++ .../about_ActiveDirectory_ObjectModel.md | 595 ++++++++++++++++++ .../activedirectory/About/About.md | 11 +- .../About/about_ActiveDirectory.md | 81 +++ .../About/about_ActiveDirectory_Identity.md | 196 ++++++ .../about_ActiveDirectory_ObjectModel.md | 595 ++++++++++++++++++ .../activedirectory/About/About.md | 11 +- .../About/about_ActiveDirectory.md | 81 +++ .../About/about_ActiveDirectory_Identity.md | 196 ++++++ .../about_ActiveDirectory_ObjectModel.md | 595 ++++++++++++++++++ 24 files changed, 5292 insertions(+), 6 deletions(-) create mode 100644 docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory.md create mode 100644 docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_Identity.md create mode 100644 docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md create mode 100644 docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory.md create mode 100644 docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_Identity.md create mode 100644 
docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md create mode 100644 docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory.md create mode 100644 docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_Identity.md create mode 100644 docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md create mode 100644 docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory.md create mode 100644 docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_Identity.md create mode 100644 docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md create mode 100644 docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory.md create mode 100644 docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_Identity.md create mode 100644 docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md create mode 100644 docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory.md create mode 100644 docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_Identity.md create mode 100644 docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md diff --git a/docset/winserver2012-ps/activedirectory/About/About.md b/docset/winserver2012-ps/activedirectory/About/About.md index adc76085b9..449df28850 100644 --- a/docset/winserver2012-ps/activedirectory/About/About.md +++ b/docset/winserver2012-ps/activedirectory/About/About.md @@ -2,7 +2,7 @@ description: About articles for the ActiveDirectory module. Help Version: 3.1.0.0 Locale: en-US -ms.date: 04/22/2013 +ms.date: 07/03/2024 title: About articles --- # About topics 
@@ -13,5 +13,14 @@ About topics cover a range of concepts about PowerShell. ## About Topics +### [about_ActiveDirectory](about_ActiveDirectory.md) +The Active Directory module is a command line interface for managing Active Directory. + ### [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md) Describes the syntax and behavior of the search filter supported by the Active Directory module for Windows PowerShell. + +### [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md) +The Active Directory module for Windows PowerShell objects have a range of identifying attributes that are used for search and retrieval. + +### [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md) +Describes the object model of the Active Directory module for Windows PowerShell. diff --git a/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory.md b/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory.md new file mode 100644 index 0000000000..1b7183dcd2 --- /dev/null +++ b/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory.md 
@@ -0,0 +1,81 @@ +--- +title: about_ActiveDirectory +ms.date: 04/22/2013 +description: The Active Directory module is a command line interface for managing Active Directory. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory + +## SHORT DESCRIPTION + +The Active Directory module is a command line interface for managing Active +Directory. + +## LONG DESCRIPTION + +The Active Directory module for Windows PowerShell is for IT Professionals who +are administering and interfacing with Active Directory. The Active Directory +module provides an efficient way to complete many administrative, +configuration, and diagnostic tasks across Active Directory Domain Services (AD +DS) and Active Directory Lightweight Directory Services (AD LDS) instances in +their environments. The Active Directory module includes a set of Windows +PowerShell cmdlets and a provider. The provider exposes the Active Directory +database through a hierarchical navigation system, which is very similar to the +file system. As with drives in a file system, such as C:, you can connect +Windows PowerShell drives to Active Directory domains and AD LDS, as well as +Active Directory snapshots. + +### Coverage of Active Directory Module Cmdlets + +Create, Read, Update, and Delete actions are supported for Active Directory +objects by cmdlets such as `New-ADUser`, `Get-ADOrganizationalUnit`, +`Set-ADComputer`, and `Remove-ADUser`. + +Account and Password Policy Management are supported by cmdlets such as +`Enable-ADAccount`, `Unlock-ADAccount`, `New-ADServiceAccount`, +`Set-ADAccountControl`, and `Remove-ADFineGrainedPasswordPolicy`. + +Domain and Forest Management is supported by cmdlets such as `Get-ADForest`, +`Set-ADForest`, `Set-ADForestMode`, `Enable-ADOptionalFeature`, +`Get-ADDomainController`, and `Get-ADDomain`. 
+ +### Listing the Active Directory Module Cmdlets + +To get a list of all of the Active Directory module cmdlets, run + +```powershell +Get-Command -Module ActiveDirectory +``` + +### Getting Started + +Getting started with the Active Directory module for Windows PowerShell is as +easy as clicking the following shortcut: + +Run the following command in any Windows PowerShell prompt to import the Active +Directory module: + +```powershell +Import-Module ActiveDirectory +``` + +### Overview and Conceptual Topics + +The first two of these topics offer a high level overview of the Active +Directory module and the Active Directory Provider. + +- For a brief introduction to the Active Directory provider for Windows + PowerShell, see [ActiveDirectory](/powershell/module/activedirectory). +- The following topics are conceptual support topics for the Active Directory + module cmdlets. + - For an introduction to the **Identity** parameter, which is used by the + Active Directory module cmdlets to identify objects in the directory, see + [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md). + - For an introduction to the **Filter** parameter which is used by Active + Directory module cmdlets to search for objects in the directory, see + [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md). + - For an introduction to the .NET Framework-based object model implemented by + the Active Directory module, see + [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). diff --git a/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_Identity.md b/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_Identity.md new file mode 100644 index 0000000000..c007277b19 --- /dev/null +++ b/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_Identity.md 
@@ -0,0 +1,196 @@ +--- +title: about_ActiveDirectory_Identity +ms.date: 04/22/2013 +description: This article lists the identifying attributes that are used for search and retrieval supported by the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_Identity + +## SHORT DESCRIPTION + +The Active Directory module for Windows PowerShell objects have a range of +identifying attributes that are used for search and retrieval. + +## LONG DESCRIPTION + +In order to identify the objects in Active Directory, each object has +attributes that can be used as identifiers. In the Active Directory module, the +value of the identity of an object can be passed using the Identity parameter. +Each object type has its own set of possible types and values for use by the +Identity parameter. See the detailed description of the Identity parameter of +the given cmdlet for more information about its usage. + +When searching with the Active Directory module cmdlets, the value of the +Identity parameter, along with the values of the Server and Partition +parameters, is used to uniquely identify a single object. The Server parameter +is used to locate which server to connect with. The Partition parameter further +narrows the search to a specific partition. The Identity parameter then +resolves to a single unique object in the partition. + +Note that using the Security Accounts Manager (SAM) Account Name +(**sAMAccountName**) when targeting a global catalog port, you will not find a +user in a different domain if you are using the Identity parameter + +If more than one object is found using identity resolution, the Active +Directory module throws an error. 
+ +For more information about the Server and Partition parameters, see the help +topics for the individual cmdlets where they are used, such as `Get-ADUser`, by +typing: + +```powershell +Get-Help Get-ADUser +``` + +### Objects and Identities + +Each object has a list of attributes that can be used as an identity for that +object. Additionally, if the object inherits from another object, then the +parent object's identities can also be used as the child object's identities. +For more information on the Active Directory object hierarchy, see +[about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). + +> [!NOTE] +> For Active Directory Provider cmdlets, only an object's 'Distinguished Name' +> or 'Relative Distinguished Name' can be used as the identity. For a list of +> Active Directory Provider cmdlets, see ActiveDirectory. + +### Identity Attributes + +The following is a list of identity attributes by object type. + +- ADAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADComputer + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager Account Name (sAMAccountName) + +- ADDirectoryServer + - Name of the server object (name) + - For AD LDS instances the syntax of a name is `$` + - For other Active Directory instances, use the value of the name property. + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the directory + server. + - GUID (objectGUID) of server object under the configuration partition. 
+ - GUID (objectGUID) of NTDS settings object under the configuration partition + +- ADDomain + - Distinguished Name + - GUID + - Security Identifier + - DNS domain name + - NetBIOS domain name + +- ADDomainController + - GUID (objectGUID) + - IPV4Address + - Global IPV6Address + - DNS Host Name (dNSHostName) + - Name of the server object + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the domain controller + - GUID of NTDS settings object under the configuration partition + - GUID of server object under the configuration partition + - Distinguished Name of the computer object that represents the domain controller. + +- ADFineGrainedPasswordPolicy + - Distinguished Name + - GUID (objectGUID) + - Name (name) + +- ADForest + - Fully qualified domain name + - DNS host name + - NetBIOS name + +- ADGroup + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager (SAM) Account Name (sAMAccountName) + +- ADObject + - Distinguished Name + - GUID (objectGUID) + +- ADOptionalFeature + - Distinguished Name + - Name (name) + - Feature GUID (featureGUID) + - GUID (objectGUID) + +- ADOrganizationalUnit + - Distinguished Name + - GUID (objectGUID) + +- ADPrincipal + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADServiceAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADUser + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM User Name (sAMUserName) + + +### Identities Formats + +Active Directory module objects have a range of identity attributes. Below is a +list of these, their types and formats. 
+ +- Distinguished Name + - Example: CN=SaraDavis,CN=Europe,CN=Users, DC=corp,DC=contoso,DC=com + +- DNS domain name + - Example: redmond.corp.contoso.com + +- DNS Host Name (dNSHostName) + - Example: corp-DC01.corp.contoso.com + +- Feature GUID (featureGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- Fully qualified domain name + - Example: corp.contoso.com + +- Global IPV6Address + - Example: 2001:4898:0:fff:200:5efe:157.59.132.61 + +- GUID (objectGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- IPV4Address + - Example:157.59.132.61 + +- NetBIOS domain name + - Example: redmond + +- Name of the server object + - Example: corp-DC01$ + +- SAM Account Name (sAMAccountName) + - Example: saradavisreports + +- Security Identifier (objectSid) + - Example: S-1-5-21-3165297888-301567370-576410423-1103 + +- Name + - Example: Recycle Bin Feature diff --git a/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md b/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md new file mode 100644 index 0000000000..8535a97464 --- /dev/null +++ b/docset/winserver2012-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md 
@@ -0,0 +1,595 @@ +--- +title: about_ActiveDirectory_ObjectModel +ms.date: 04/22/2013 +description: Describes the object model of the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_ObjectModel + +## SHORT DESCRIPTION +Describes the object model of the Active Directory module for Windows +PowerShell. + +## LONG DESCRIPTION + +This topic explains the Active Directory module classes and their properties +used to model actual Active Directory attributes. It also outlines the class +hierarchy constructed from its Active Directory counterpart. The object model +establishes a data foundation for all the operations supported by Active +Directory module cmdlets. + +### Class Hierarchy + +The following list shows the class hierarchy defined in the Active Directory +module object model, with class inheritance implied by indentation. This +inheritance model allows for Active Directory cmdlets to accept a range of +object types as input. This means, for example, that the cmdlet +Get-ADPrincipalGroupMembership can accept as input any of the following +objects: ADGroup, ADAccount, ADComputer, ADServiceAccount or ADUser. This works +because of the inheritance model and guarantees that an ADUser object has all +of the properties of an ADPrincipal object. + +``` +ADEntity + ADRootDSE + ADObject + ADFineGrainedPasswordPolicy + ADOptionalFeature + ADOrganizationalUnit + ADPartition + ADDomain + ADPrincipal + ADAccount + ADComputer + ADServiceAccount + ADUser + ADGroup + ADDefaultDomainPasswordPolicy + ADForest + ADDirectoryServer + ADDomainController +``` + +### Active Directory Module Classes + +The following listing shows every Active Directory module class from the class +hierarchy listing. Each class defines a set of properties, some of which are +LDAP attributes that are retrieved by default and some are new properties +created specifically for the Active Directory module. 
These new properties are +derived from one or more LDAP attributes as outlined in the class listings. + + +- ADEntity - The base level class from which all other classes are derived. + - ADRootDSE - Represents the rootDSE and is derived from ADEntity. An + ADRootDSE may contain the following properties in addition to those + inherited from its parent. + - ConfigurationNamingContext - A property of type System.String, derived + from the directory attribute ConfigurationNamingContext + - CurrentTime - A property of type System.DateTime, derived from the + directory attribute CurrentTime + - DefaultNamingContext - A property of type System.String, derived from the + directory attribute DefaultNamingContext + - DnsHostName - A property of type System.String, derived from the + directory attribute DnsHostName + - DomainControllerFunctionality - A property of type + ADDomainControllerMode, derived from the directory attribute + DomainControllerFunctionality + - DomainFunctionality - A property of type ADDomainMode, derived from the + directory attribute DomainFunctionality + - DsServiceName - A property of type System.String, derived from the + directory attribute DsServiceName + - ForestFunctionality - A property of type ADForestMode, derived from the + directory attribute ForestFunctionality + - GlobalCatalogReady - A property of type System.Boolean, derived from the + directory attribute GlobalCatalogReady + - HighestCommittedUSN - A property of type System.Long, derived from the + directory attribute HighestCommittedUSN + - LdapServiceName - A property of type System.String, derived from the + directory attribute LdapServiceName + - NamingContexts - A property of type System.String, derived from the + directory attribute NamingContexts + - RootDomainNamingContext - A property of type System.String, derived from + the directory attribute RootDomainNamingContext + - SchemaNamingContext - A property of type System.String, derived from the + directory attribute 
SchemaNamingContext + - ServerName - A property of type System.String, derived from the directory + attribute ServerName + - SubschemaSubentry - A property of type ADObject, derived from the + directory attribute SubschemaSubentry + - SupportedCapabilities - A property of type ADObjectIdentifier, derived + from the directory attribute SupportedCapabilities + - SupportedControl - A property of type ADObjectIdentifier, derived from + the directory attribute SupportedControl + - SupportedLDAPPolicies - A property of type System.String, derived from + the directory attribute SupportedLDAPPolicies + - SupportedLDAPVersion - A property of type System.Int, derived from the + directory attribute SupportedLDAPVersion + - SupportedRootDSEOperations - A property of type + ADPropertyValueCollection, derived from the directory attribute + SupportedRootDSEOperations + - SupportedSASLMechanisms - A property of type System.String, derived from + the directory attribute SupportedSASLMechanisms + - Syncronized - A property of type System.Boolean, derived from the + directory attribute IsSynchronized. + - ADObject - Represents any object in Active Directory and is derived from + ADEntity. An ADObject may contain the following properties in addition to + those inherited from its parent. 
+ - CanonicalName - A property of type System.String, derived from the + directory attribute: canonicalName + - CN - A property of type System.String, derived from the directory + attribute: cn + - Created - A property of type System.DateTime, derived from the directory + attribute: createTimeStamp + - Deleted - A property of type System.Boolean, derived from the directory + attribute: isDeleted + - Description - A property of type System.String, derived from the + directory attribute: description + - DisplayName - A property of type System.String, derived from the + directory attribute: displayName + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LastKnownParent - A property of type System.String, derived from the + directory attribute: lastKnownParent + - Modified - A property of type System.DateTime, derived from the directory + attribute: modifyTimeStamp + - Name - A property of type System.String, derived from the directory + attribute: name + - ObjectCategory - A property of type System.String, derived from the + directory attribute: objectCategory + - ObjectClass - A property of type System.String, derived from the + directory attribute: objectClass + - ObjectGUID - A property of type System.Guid, derived from the directory + attribute: objectGUID + - ProtectedFromAccidentalDeletion - A property of type System.Boolean, + derived from the directory attributes: nTSecurityDescriptor, + sdRightsEffective, instanceType, isDeleted + - ADFineGrainedPasswordPolicy Represents a fine grained password policy + object; that is, an AD object of type msDS-PasswordSettings in AD DS and + is derived from ADObject. This class is not supported by AD LDS. An + ADFineGrainedPasswordPolicy may contain the following properties in + addition to those inherited from its parent. 
+ - AppliesTo - A property of type System.String, derived from the + directory attribute: msDS-PSOAppliesTo + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: msDS-PasswordComplexityEnabled + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: msDS-LockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: msDS-LockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: msDS-LockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MaximumPasswordAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MinimumPasswordAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: msDS-MinimumPasswordLength + - PasswordHistoryCount - A property of type System.Int32, derived from + the directory attribute: msDS-PasswordHistoryLength + - Precedence - A property of type System.Int32, derived from the + directory attribute: msDS-PasswordSettingsPrecedence + - ReversibleEncryptionEnabled - A property of type System.Boolean, + derived from the directory attribute: + msDS-PasswordReversibleEncryptionEnabled + - ADOptionalFeature Represents an optional feature, an Active Directory + object of type msDS-OptionalFeature, and is derived from ADObject. An + ADOptionalFeaturemay contain the following properties in addition to + those inherited from its parent. 
+ - EnabledScopes - A property of type System.String, derived from the + directory attribute: msDS-EnabledFeatureBL + - FeatureGUID - A property of type System.Guid, derived from the + directory attribute: msDS-OptionalFeatureGUID + - FeatureScope - A property of type System.Int32, derived from the + directory attribute: msDS-OptionalFeatureFlags + - IsDisableable - A property of type System.Boolean, derived from the + directory attribute: msDS-OptionalFeatureFlags + - RequiredDomainMode - A property of type + Microsoft.ActiveDirectory.Management.ADDomainMode, derived from the + directory attribute: msDS-RequiredDomainBehaviorVersion + - RequiredForestMode - A property of type + Microsoft.ActiveDirectory.Management.ADForestMode, derived from the + directory attribute: msDS-RequiredForestBehaviorVersion + - ADOrganizationalUnit Represents an organizationalUnit (OU) object and is + derived from ADObject. An ADOrganizationalUnit may contain the following + properties in addition to those inherited from its parent. + - City - A property of type System.String, derived from the directory + attribute: l + - Country - A property of type System.String, derived from the directory + attribute: c + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: gpLink. This property is not supported on + AD LDS. + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - State - A property of type System.String, derived from the directory + attribute: st + - StreetAddress - A property of type System.String, derived from the + directory attribute: street + - ADPartition - Represents a naming context, Configuration, Schema, Domain + or Application Partition(ND NC) and is derived from ADObject. This class + is not supported by AD LDS. 
An ADPartition may contain the following + properties in addition to those inherited from its parent. + - DeletedObjectsContainer - A property of type System.String, derived + from the directory attribute: DeletedObjectsContainer + - DNSRoot - A property of type System.String, derived from the directory + attribute: DNSRoot + - LostAndFoundContainer - A property of type System.String, derived from + the directory attribute: LostAndFoundContainer + - QuotasContainer - A property of type System.String, derived from the + directory attribute: QuotasContainer + - ReadOnlyReplicaDirectoryServers - A property of type System.String, + derived from the directory attribute: ReadOnlyReplicaDirectoryServers + - ReplicaDirectoryServers - A property of type System.String, derived + from the directory attribute: ReplicaDirectoryServers + - SubordinateReferences - A property of type System.String, derived from + the directory attribute: SubordinateReferences + - ADDomain - Represents a domain in AD DS or an instance in AD LDS; for + example, an Active Directory object of type domainDNS and is derived + from ADPartition. This class is not supported by AD LDS. An ADDomain + may contain the following properties in addition to those inherited + from its parent. 
+ - AllowedDNSSuffixes - A property of type System.String, derived from + the directory attribute: msDS-AllowedDNSSuffixes + - ChildDomains - A property of type System.String, derived from the + directory attribute: ChildDomains + - ComputersContainer - A property of type System.String, derived from + the directory attribute: ComputersContainer + - DomainControllersContainer - A property of type System.String, + derived from the directory attribute: DomainControllersContainer + - DomainMode - A property of type System.Int32, derived from the + directory attribute: msDS-Behavior-Version + - DomainSID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - ForeignSecurityPrincipalsContainer - A property of type + System.String, derived from the directory attribute: + ForeignSecurityPrincipalsContainer + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - InfrastructureMaster - A property of type System.String, derived from + the directory attribute: InfrastructureMaster + - LastLogonReplicationInterval - A property of type System.TimeSpan, + derived from the directory attribute: msDS-LogonTimeSyncInterval + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: LinkedGroupPolicyObjects + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - NetBIOSName - A property of type System.String, derived from the + directory attribute: NetBIOSName + - ParentDomain - A property of type System.String, derived from the + directory attribute: ParentDomain + - PDCEmulator - A property of type System.String, derived from the + directory attribute: PDCEmulator + - RIDMaster - A property of type System.String, derived from the + directory attribute: RIDMaster + - SystemsContainer - A property of type System.String, derived from the + directory attribute: SystemsContainer + - 
UsersContainer - A property of type System.String, derived from the + directory attribute: UsersContainer + - ADPrincipal - Represents a security principal, which is an Active + Directory object of type user, computer, group or iNetOrgPerson and is + derived from ADObject. An ADPrincipal may contain the following + properties in addition to those inherited from its parent. + - HomePage - A property of type System.String, derived from the + directory attribute: wWWHomePage + - MemberOf - A property of type System.String, derived from the + directory attribute: memberOf + - SamAccountName - A property of type System.String, derived from the + directory attribute: sAMAccountName. This property is not supported + for AD LDS. + - SID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - SIDHistory - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: sIDHistory. This property is not supported for + AD LDS. + - ADAccount - Represents a security account; that is, an Active + Directory object of type user, computer or iNetOrgPerson and is + derived from ADPrincipal. An ADAccount may contain the following + properties in addition to those inherited from its parent. + - AccountExpirationDate - A property of type System.DateTime, derived + from the directory attribute: accountExpires + - AccountLockoutTime - A property of type System.DateTime, derived + from the directory attribute: lockoutTime + - AccountNotDelegated - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - AllowReversiblePasswordEncryption - A property of type + System.Boolean, for AD DS it is derived from the directory + attribute: userAccountControl; for AD LDS it is derived from the + directory attribute: ms-DS-UserEncryptedTextPasswordAllowed + - BadLogonCount - A property of type System.Int32, derived from the + directory attribute: badPwdCount + - CannotChangePassword - A property of type System.Boolean, derived + from the directory attribute: nTSecurityDescriptor + - Certificates - A property of type + System.Security.Cryptography.X509Certificates.X509Certificate, + derived from the directory attribute: userCertificate + - DoesNotRequirePreAuth - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - Enabled - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserAccountDisabled + - HomedirRequired - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - LastBadPasswordAttempt - A property of type System.DateTime, + derived from the directory attribute: badPasswordTime + - LastLogonDate - A property of type System.DateTime, derived from + the directory attribute: lastLogonTimestamp + - LockedOut - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed, lockoutTime; for AD LDS it is + derived from the directory attribute msDS-UserAccountDisabled + - MNSLogonAccount - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - PasswordExpired - A property of type System.Boolean, for AD DS it + is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserPasswordExpired + - PasswordLastSet - A property of type System.DateTime, derived from + the directory attribute: pwdLastSet + - PasswordNeverExpires - A property of type System.Boolean, for AD + LDS it is derived from the directory attributes: + userAccountControl, msDS-User-Account-Control-Computed; for AD LDS + it is derived from the directory attribute: + msDS-UserDontExpirePassword + - PasswordNotRequired - A property of type System.Boolean, for AD DS + it is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute: ms-DS-UserPasswordNotRequired + - PrimaryGroup - A property of type System.String, derived from the + directory attributes: primaryGroupID, objectSid. This property is + not supported by AD LDS. + - ServicePrincipalNames - A property of type System.String, derived + from the directory attribute: servicePrincipalName. This property + is not supported by AD LDS. + - TrustedForDelegation - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - TrustedToAuthForDelegation - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - UseDESKeyOnly - A property of type System.Boolean, derived from the + directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - UserPrincipalName - A property of type System.String, derived from + the directory attribute: userPrincipalName + - ADComputer - Represents a computer and is derived from ADAccount. + An ADComputer may contain the following properties in addition to + those inherited from its parent. + - DNSHostName - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv4Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - Location - A property of type System.String, derived from the + directory attribute: location + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - OperatingSystem - A property of type System.String, derived from + the directory attribute: operatingSystem + - OperatingSystemHotfix - A property of type System.String, derived + from the directory attribute: operatingSystemHotfix + - OperatingSystemServicePack - A property of type System.String, + derived from the directory attribute: operatingSystemServicePack + - OperatingSystemVersion - A property of type System.String, + derived from the directory attribute: operatingSystemVersion + - ServiceAccount - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccount + - ADServiceAccount - Represents a managed service account; that is, + an Active Directory object of type msDS-ManagerdServiceAccount and + is derived from ADAccount. This class is not supported by AD LDS. + An ADServiceAccount may contain the following properties in + addition to those inherited from its parent. + - HostComputers - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccountBL + - ADUser - Represents a user (or iNetOrgPerson) and is derived from + ADAccount. 
An ADUser may contain the following properties in + addition to those inherited from its parent. + - City - A property of type System.String, derived from the + directory attribute: l + - Company - A property of type System.String, derived from the + directory attribute: company + - Country - A property of type System.String, derived from the + directory attribute: c + - Department - A property of type System.String, derived from the + directory attribute: department + - Division - A property of type System.String, derived from the + directory attribute: division + - EmailAddress - A property of type System.String, derived from the + directory attribute: mail + - EmployeeID - A property of type System.String, derived from the + directory attribute: employeeID + - EmployeeNumber - A property of type System.String, derived from + the directory attribute: employeeNumber + - Fax - A property of type System.String, derived from the + directory attribute: facsimileTelephoneNumber + - GivenName - A property of type System.String, derived from the + directory attribute: givenName + - HomeDirectory - A property of type System.String, derived from + the directory attribute: homeDirectory. This property is not + supported by AD LDS. + - HomeDrive - A property of type System.String, derived from the + directory attribute: homeDrive. This property is not supported by + AD LDS. + - HomePhone - A property of type System.String, derived from the + directory attribute: homePhone + - Initials - A property of type System.String, derived from the + directory attribute: initials + - LogonWorkstations - A property of type System.String, derived + from the directory attribute: userWorkstations. This property is + not supported by AD LDS. 
+ - Manager - A property of type System.String, derived from the + directory attribute: manager + - MobilePhone - A property of type System.String, derived from the + directory attribute: mobile + - Office - A property of type System.String, derived from the + directory attribute: physicalDeliveryOfficeName + - OfficePhone - A property of type System.String, derived from the + directory attribute: telephoneNumber + - Organization - A property of type System.String, derived from the + directory attribute: o + - OtherName - A property of type System.String, derived from the + directory attribute: middleName + - POBox - A property of type System.String, derived from the + directory attribute: postOfficeBox + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - ProfilePath - A property of type System.String, derived from the + directory attribute: profilePath. This property is not supported + by AD LDS. + - ScriptPath - A property of type System.String, derived from the + directory attribute: scriptPath. This property is not supported + by AD LDS. + - SmartcardLogonRequired - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not + supported by AD LDS. + - State - A property of type System.String, derived from the + directory attribute: st + - StreetAddress - A property of type System.String, derived from + the directory attribute: streetAddress + - Surname - A property of type System.String, derived from the + directory attribute: sn + - Title - A property of type System.String, derived from the + directory attribute: title + - ADGroup -Represents a group and is derived from ADPrincipal. An + ADGroup may contain the following properties in addition to those + inherited from its parent. 
+ - GroupCategory - A property of type + Microsoft.ActiveDirectory.Management.ADGroupCategory, derived from + the directory attribute: groupType + - GroupScope - A property of type + Microsoft.ActiveDirectory.Management.ADGroupScope, derived from the + directory attribute: groupType + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - Members - A property of type System.String, derived from the + directory attribute: member + - ADDefaultDomainPasswordPolicy - Represents the domain-wide password policy + of an Active Directory domain and is derived from ADEntity. This class is + not supported by AD LDS. An ADDefaultDomainPasswordPolicy may contain the + following properties in addition to those inherited from its parent. + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: pwdProperties + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: lockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: lockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: lockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: maxPwdAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: minPwdAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: minPwdLength + - PasswordHistoryCount - A property of type System.Int32, derived from the + directory attribute: pwdHistoryLength + - ReversibleEncryptionEnabled - A property of type System.Boolean, derived + from the directory attribute: pwdProperties + - ADForest - Represents a Active Directory forest in AD DS or a 
Configuration + Set in AD LDS and is derived from ADEntity. This class is not supported by + AD LDS. An ADForest may contain the following properties in addition to + those inherited from its parent. + - ApplicationPartitions - A property of type System.String, derived from + the directory attribute: ApplicationPartitions + - CrossForestReferences - A property of type System.String, derived from + the directory attribute: CrossForestReferences + - DomainNamingMaster - A property of type System.String, derived from the + directory attribute: DomainNamingMaster + - Domains - A property of type System.String, derived from the directory + attribute: Domains + - ForestMode - A property of type System.Int32, derived from the directory + attribute: msDS-Behavior-Version + - GlobalCatalogs - A property of type System.String, derived from the + directory attribute: GlobalCatalogs + - Name - A property of type System.String, derived from the directory + attribute: name + - PartitionContainerName - A property of type System.String, derived from + the directory attribute: distinguishedName + - RootDomain - A property of type System.String, derived from the directory + attribute: RootDomain + - SchemaMaster - A property of type System.String, derived from the + directory attribute: SchemaMaster + - Sites - A property of type System.String, derived from the directory + attribute: Sites + - SPNSuffixes - A property of type System.String, derived from the + directory attribute: msDS-SPNSuffixes + - UPNSuffixes - A property of type System.String, derived from the + directory attribute: uPNSuffixes + - ADDirectoryServer - Represents a directory server used as either a domain + controller or an AD LDS instance and is derived from ADEntity. An + ADDirectoryServer may contain the following properties in addition to those + inherited from its parent. 
+ - DefaultPartition - A property of type System.String, derived from the + directory attribute: DefaultPartition + - HostName - A property of type System.String, derived from the directory + attribute: HostName + - InvocationId - A property of type System.Guid, derived from the directory + attribute: InvocationId + - IPv4Address - A property of type System.String, derived from the + directory attribute: HostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: HostName + - LdapPort - A property of type System.Int32, derived from the directory + attribute: LdapPort + - Name - A property of type System.String, derived from the directory + attribute: Name + - NTDSSettingsObjectDN - A property of type System.String, derived from the + directory attribute: NTDSSettingsObjectDN + - OperationMasterRoles - A property of type + Microsoft.ActiveDirectory.Management.ADOperationMasterRole, derived from + the directory attribute: OperationMasterRole + - Partitions - A property of type System.String, derived from the directory + attribute: Partitions + - ServerObjectDN - A property of type System.String, derived from the + directory attribute: ServerObjectDN + - ServerObjectGuid - A property of type System.Guid, derived from the + directory attribute: ServerObjectGuid + - Site - A property of type System.String, derived from the directory + attribute: Site + - SslPort - A property of type System.Int32, derived from the directory + attribute: SslPort + - ADDomainController - Represents a domain controller in AD DS and is + derived from ADDirectoryServer. An ADDomainController may contain the + following properties in addition to those inherited from its parent. 
+ - ComputerObjectDN - A property of type System.String, derived from the + directory attribute: ComputerDN + - Domain - A property of type System.String, derived from the directory + attribute: Domain + - Enabled - A property of type System.Boolean, derived from the directory + attribute: Enabled + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - IsGlobalCatalog - A property of type System.Boolean, derived from the + directory attribute: IsGlobalCatalog + - IsReadOnly - A property of type System.Boolean, derived from the + directory attribute: IsReadOnly + - OperatingSystem - A property of type System.String, derived from the + directory attribute: OSName + - OperatingSystemHotfix - A property of type System.String, derived from + the directory attribute: OSHotFix + - OperatingSystemServicePack - A property of type System.String, derived + from the directory attribute: OSServicepack + - OperatingSystemVersion - A property of type System.String, derived from + the directory attribute: OSVersion diff --git a/docset/winserver2012r2-ps/activedirectory/About/About.md b/docset/winserver2012r2-ps/activedirectory/About/About.md index adc76085b9..449df28850 100644 --- a/docset/winserver2012r2-ps/activedirectory/About/About.md +++ b/docset/winserver2012r2-ps/activedirectory/About/About.md @@ -2,7 +2,7 @@ description: About articles for the ActiveDirectory module. Help Version: 3.1.0.0 Locale: en-US -ms.date: 04/22/2013 +ms.date: 07/03/2024 title: About articles --- # About topics 
@@ -13,5 +13,14 @@ About topics cover a range of concepts about PowerShell. ## About Topics +### [about_ActiveDirectory](about_ActiveDirectory.md) +The Active Directory module is a command line interface for managing Active Directory. + ### [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md) Describes the syntax and behavior of the search filter supported by the Active Directory module for Windows PowerShell. + +### [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md) +The Active Directory module for Windows PowerShell objects have a range of identifying attributes that are used for search and retrieval. + +### [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md) +Describes the object model of the Active Directory module for Windows PowerShell. diff --git a/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory.md b/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory.md new file mode 100644 index 0000000000..1b7183dcd2 --- /dev/null +++ b/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory.md 
@@ -0,0 +1,81 @@ +--- +title: about_ActiveDirectory +ms.date: 04/22/2013 +description: The Active Directory module is a command line interface for managing Active Directory. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory + +## SHORT DESCRIPTION + +The Active Directory module is a command line interface for managing Active +Directory. + +## LONG DESCRIPTION + +The Active Directory module for Windows PowerShell is for IT Professionals who +are administering and interfacing with Active Directory. The Active Directory +module provides an efficient way to complete many administrative, +configuration, and diagnostic tasks across Active Directory Domain Services (AD +DS) and Active Directory Lightweight Directory Services (AD LDS) instances in +their environments. The Active Directory module includes a set of Windows +PowerShell cmdlets and a provider. The provider exposes the Active Directory +database through a hierarchical navigation system, which is very similar to the +file system. As with drives in a file system, such as C:, you can connect +Windows PowerShell drives to Active Directory domains and AD LDS, as well as +Active Directory snapshots. + +### Coverage of Active Directory Module Cmdlets + +Create, Read, Update, and Delete actions are supported for Active Directory +objects by cmdlets such as `New-ADUser`, `Get-ADOrganizationalUnit`, +`Set-ADComputer`, and `Remove-ADUser`. + +Account and Password Policy Management are supported by cmdlets such as +`Enable-ADAccount`, `Unlock-ADAccount`, `New-ADServiceAccount`, +`Set-ADAccountControl`, and `Remove-ADFineGrainedPasswordPolicy`. + +Domain and Forest Management is supported by cmdlets such as `Get-ADForest`, +`Set-ADForest`, `Set-ADForestMode`, `Enable-ADOptionalFeature`, +`Get-ADDomainController`, and `Get-ADDomain`. 
+ +### Listing the Active Directory Module Cmdlets + +To get a list of all of the Active Directory module cmdlets, run + +```powershell +Get-Command -Module ActiveDirectory +``` + +### Getting Started + +Getting started with the Active Directory module for Windows PowerShell is as +easy as clicking the following shortcut: + +Run the following command in any Windows PowerShell prompt to import the Active +Directory module: + +```powershell +Import-Module ActiveDirectory +``` + +### Overview and Conceptual Topics + +The first two of these topics offer a high level overview of the Active +Directory module and the Active Directory Provider. + +- For a brief introduction to the Active Directory provider for Windows + PowerShell, see [ActiveDirectory](/powershell/module/activedirectory). +- The following topics are conceptual support topics for the Active Directory + module cmdlets. + - For an introduction to the **Identity** parameter, which is used by the + Active Directory module cmdlets to identify objects in the directory, see + [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md). + - For an introduction to the **Filter** parameter which is used by Active + Directory module cmdlets to search for objects in the directory, see + [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md). + - For an introduction to the .NET Framework-based object model implemented by + the Active Directory module, see + [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). diff --git a/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_Identity.md b/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_Identity.md new file mode 100644 index 0000000000..c007277b19 --- /dev/null +++ b/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_Identity.md 
@@ -0,0 +1,196 @@ +--- +title: about_ActiveDirectory_Identity +ms.date: 04/22/2013 +description: This article lists the identifying attributes that are used for search and retrieval supported by the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_Identity + +## SHORT DESCRIPTION + +The Active Directory module for Windows PowerShell objects have a range of +identifying attributes that are used for search and retrieval. + +## LONG DESCRIPTION + +In order to identify the objects in Active Directory, each object has +attributes that can be used as identifiers. In the Active Directory module, the +value of the identity of an object can be passed using the Identity parameter. +Each object type has its own set of possible types and values for use by the +Identity parameter. See the detailed description of the Identity parameter of +the given cmdlet for more information about its usage. + +When searching with the Active Directory module cmdlets, the value of the +Identity parameter, along with the values of the Server and Partition +parameters, is used to uniquely identify a single object. The Server parameter +is used to locate which server to connect with. The Partition parameter further +narrows the search to a specific partition. The Identity parameter then +resolves to a single unique object in the partition. + +Note that using the Security Accounts Manager (SAM) Account Name +(**sAMAccountName**) when targeting a global catalog port, you will not find a +user in a different domain if you are using the Identity parameter + +If more than one object is found using identity resolution, the Active +Directory module throws an error. 
+ +For more information about the Server and Partition parameters, see the help +topics for the individual cmdlets where they are used, such as `Get-ADUser`, by +typing: + +```powershell +Get-Help Get-ADUser +``` + +### Objects and Identities + +Each object has a list of attributes that can be used as an identity for that +object. Additionally, if the object inherits from another object, then the +parent object's identities can also be used as the child object's identities. +For more information on the Active Directory object hierarchy, see +[about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). + +> [!NOTE] +> For Active Directory Provider cmdlets, only an object's 'Distinguished Name' +> or 'Relative Distinguished Name' can be used as the identity. For a list of +> Active Directory Provider cmdlets, see ActiveDirectory. + +### Identity Attributes + +The following is a list of identity attributes by object type. + +- ADAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADComputer + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager Account Name (sAMAccountName) + +- ADDirectoryServer + - Name of the server object (name) + - For AD LDS instances the syntax of a name is `$` + - For other Active Directory instances, use the value of the name property. + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the directory + server. + - GUID (objectGUID) of server object under the configuration partition. 
+ - GUID (objectGUID) of NTDS settings object under the configuration partition + +- ADDomain + - Distinguished Name + - GUID + - Security Identifier + - DNS domain name + - NetBIOS domain name + +- ADDomainController + - GUID (objectGUID) + - IPV4Address + - Global IPV6Address + - DNS Host Name (dNSHostName) + - Name of the server object + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the domain controller + - GUID of NTDS settings object under the configuration partition + - GUID of server object under the configuration partition + - Distinguished Name of the computer object that represents the domain controller. + +- ADFineGrainedPasswordPolicy + - Distinguished Name + - GUID (objectGUID) + - Name (name) + +- ADForest + - Fully qualified domain name + - DNS host name + - NetBIOS name + +- ADGroup + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager (SAM) Account Name (sAMAccountName) + +- ADObject + - Distinguished Name + - GUID (objectGUID) + +- ADOptionalFeature + - Distinguished Name + - Name (name) + - Feature GUID (featureGUID) + - GUID (objectGUID) + +- ADOrganizationalUnit + - Distinguished Name + - GUID (objectGUID) + +- ADPrincipal + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADServiceAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADUser + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM User Name (sAMUserName) + + +### Identities Formats + +Active Directory module objects have a range of identity attributes. Below is a +list of these, their types and formats. 
+ +- Distinguished Name + - Example: CN=SaraDavis,CN=Europe,CN=Users, DC=corp,DC=contoso,DC=com + +- DNS domain name + - Example: redmond.corp.contoso.com + +- DNS Host Name (dNSHostName) + - Example: corp-DC01.corp.contoso.com + +- Feature GUID (featureGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- Fully qualified domain name + - Example: corp.contoso.com + +- Global IPV6Address + - Example: 2001:4898:0:fff:200:5efe:157.59.132.61 + +- GUID (objectGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- IPV4Address + - Example:157.59.132.61 + +- NetBIOS domain name + - Example: redmond + +- Name of the server object + - Example: corp-DC01$ + +- SAM Account Name (sAMAccountName) + - Example: saradavisreports + +- Security Identifier (objectSid) + - Example: S-1-5-21-3165297888-301567370-576410423-1103 + +- Name + - Example: Recycle Bin Feature diff --git a/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md b/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md new file mode 100644 index 0000000000..8535a97464 --- /dev/null +++ b/docset/winserver2012r2-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md 
@@ -0,0 +1,595 @@ +--- +title: about_ActiveDirectory_ObjectModel +ms.date: 04/22/2013 +description: Describes the object model of the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_ObjectModel + +## SHORT DESCRIPTION +Describes the object model of the Active Directory module for Windows +PowerShell. + +## LONG DESCRIPTION + +This topic explains the Active Directory module classes and their properties +used to model actual Active Directory attributes. It also outlines the class +hierarchy constructed from its Active Directory counterpart. The object model +establishes a data foundation for all the operations supported by Active +Directory module cmdlets. + +### Class Hierarchy + +The following list shows the class hierarchy defined in the Active Directory +module object model, with class inheritance implied by indentation. This +inheritance model allows for Active Directory cmdlets to accept a range of +object types as input. This means, for example, that the cmdlet +Get-ADPrincipalGroupMembership can accept as input any of the following +objects: ADGroup, ADAccount, ADComputer, ADServiceAccount or ADUser. This works +because of the inheritance model and guarantees that an ADUser object has all +of the properties of an ADPrincipal object. + +``` +ADEntity + ADRootDSE + ADObject + ADFineGrainedPasswordPolicy + ADOptionalFeature + ADOrganizationalUnit + ADPartition + ADDomain + ADPrincipal + ADAccount + ADComputer + ADServiceAccount + ADUser + ADGroup + ADDefaultDomainPasswordPolicy + ADForest + ADDirectoryServer + ADDomainController +``` + +### Active Directory Module Classes + +The following listing shows every Active Directory module class from the class +hierarchy listing. Each class defines a set of properties, some of which are +LDAP attributes that are retrieved by default and some are new properties +created specifically for the Active Directory module. 
These new properties are +derived from one or more LDAP attributes as outlined in the class listings. + + +- ADEntity - The base level class from which all other classes are derived. + - ADRootDSE - Represents the rootDSE and is derived from ADEntity. An + ADRootDSE may contain the following properties in addition to those + inherited from its parent. + - ConfigurationNamingContext - A property of type System.String, derived + from the directory attribute ConfigurationNamingContext + - CurrentTime - A property of type System.DateTime, derived from the + directory attribute CurrentTime + - DefaultNamingContext - A property of type System.String, derived from the + directory attribute DefaultNamingContext + - DnsHostName - A property of type System.String, derived from the + directory attribute DnsHostName + - DomainControllerFunctionality - A property of type + ADDomainControllerMode, derived from the directory attribute + DomainControllerFunctionality + - DomainFunctionality - A property of type ADDomainMode, derived from the + directory attribute DomainFunctionality + - DsServiceName - A property of type System.String, derived from the + directory attribute DsServiceName + - ForestFunctionality - A property of type ADForestMode, derived from the + directory attribute ForestFunctionality + - GlobalCatalogReady - A property of type System.Boolean, derived from the + directory attribute GlobalCatalogReady + - HighestCommittedUSN - A property of type System.Long, derived from the + directory attribute HighestCommittedUSN + - LdapServiceName - A property of type System.String, derived from the + directory attribute LdapServiceName + - NamingContexts - A property of type System.String, derived from the + directory attribute NamingContexts + - RootDomainNamingContext - A property of type System.String, derived from + the directory attribute RootDomainNamingContext + - SchemaNamingContext - A property of type System.String, derived from the + directory attribute 
SchemaNamingContext + - ServerName - A property of type System.String, derived from the directory + attribute ServerName + - SubschemaSubentry - A property of type ADObject, derived from the + directory attribute SubschemaSubentry + - SupportedCapabilities - A property of type ADObjectIdentifier, derived + from the directory attribute SupportedCapabilities + - SupportedControl - A property of type ADObjectIdentifier, derived from + the directory attribute SupportedControl + - SupportedLDAPPolicies - A property of type System.String, derived from + the directory attribute SupportedLDAPPolicies + - SupportedLDAPVersion - A property of type System.Int, derived from the + directory attribute SupportedLDAPVersion + - SupportedRootDSEOperations - A property of type + ADPropertyValueCollection, derived from the directory attribute + SupportedRootDSEOperations + - SupportedSASLMechanisms - A property of type System.String, derived from + the directory attribute SupportedSASLMechanisms + - Syncronized - A property of type System.Boolean, derived from the + directory attribute IsSynchronized. + - ADObject - Represents any object in Active Directory and is derived from + ADEntity. An ADObject may contain the following properties in addition to + those inherited from its parent. 
+ - CanonicalName - A property of type System.String, derived from the + directory attribute: canonicalName + - CN - A property of type System.String, derived from the directory + attribute: cn + - Created - A property of type System.DateTime, derived from the directory + attribute: createTimeStamp + - Deleted - A property of type System.Boolean, derived from the directory + attribute: isDeleted + - Description - A property of type System.String, derived from the + directory attribute: description + - DisplayName - A property of type System.String, derived from the + directory attribute: displayName + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LastKnownParent - A property of type System.String, derived from the + directory attribute: lastKnownParent + - Modified - A property of type System.DateTime, derived from the directory + attribute: modifyTimeStamp + - Name - A property of type System.String, derived from the directory + attribute: name + - ObjectCategory - A property of type System.String, derived from the + directory attribute: objectCategory + - ObjectClass - A property of type System.String, derived from the + directory attribute: objectClass + - ObjectGUID - A property of type System.Guid, derived from the directory + attribute: objectGUID + - ProtectedFromAccidentalDeletion - A property of type System.Boolean, + derived from the directory attributes: nTSecurityDescriptor, + sdRightsEffective, instanceType, isDeleted + - ADFineGrainedPasswordPolicy Represents a fine grained password policy + object; that is, an AD object of type msDS-PasswordSettings in AD DS and + is derived from ADObject. This class is not supported by AD LDS. An + ADFineGrainedPasswordPolicy may contain the following properties in + addition to those inherited from its parent. 
+ - AppliesTo - A property of type System.String, derived from the + directory attribute: msDS-PSOAppliesTo + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: msDS-PasswordComplexityEnabled + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: msDS-LockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: msDS-LockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: msDS-LockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MaximumPasswordAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MinimumPasswordAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: msDS-MinimumPasswordLength + - PasswordHistoryCount - A property of type System.Int32, derived from + the directory attribute: msDS-PasswordHistoryLength + - Precedence - A property of type System.Int32, derived from the + directory attribute: msDS-PasswordSettingsPrecedence + - ReversibleEncryptionEnabled - A property of type System.Boolean, + derived from the directory attribute: + msDS-PasswordReversibleEncryptionEnabled + - ADOptionalFeature Represents an optional feature, an Active Directory + object of type msDS-OptionalFeature, and is derived from ADObject. An + ADOptionalFeaturemay contain the following properties in addition to + those inherited from its parent. 
+ - EnabledScopes - A property of type System.String, derived from the + directory attribute: msDS-EnabledFeatureBL + - FeatureGUID - A property of type System.Guid, derived from the + directory attribute: msDS-OptionalFeatureGUID + - FeatureScope - A property of type System.Int32, derived from the + directory attribute: msDS-OptionalFeatureFlags + - IsDisableable - A property of type System.Boolean, derived from the + directory attribute: msDS-OptionalFeatureFlags + - RequiredDomainMode - A property of type + Microsoft.ActiveDirectory.Management.ADDomainMode, derived from the + directory attribute: msDS-RequiredDomainBehaviorVersion + - RequiredForestMode - A property of type + Microsoft.ActiveDirectory.Management.ADForestMode, derived from the + directory attribute: msDS-RequiredForestBehaviorVersion + - ADOrganizationalUnit Represents an organizationalUnit (OU) object and is + derived from ADObject. An ADOrganizationalUnit may contain the following + properties in addition to those inherited from its parent. + - City - A property of type System.String, derived from the directory + attribute: l + - Country - A property of type System.String, derived from the directory + attribute: c + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: gpLink. This property is not supported on + AD LDS. + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - State - A property of type System.String, derived from the directory + attribute: st + - StreetAddress - A property of type System.String, derived from the + directory attribute: street + - ADPartition - Represents a naming context, Configuration, Schema, Domain + or Application Partition(ND NC) and is derived from ADObject. This class + is not supported by AD LDS. 
An ADPartition may contain the following + properties in addition to those inherited from its parent. + - DeletedObjectsContainer - A property of type System.String, derived + from the directory attribute: DeletedObjectsContainer + - DNSRoot - A property of type System.String, derived from the directory + attribute: DNSRoot + - LostAndFoundContainer - A property of type System.String, derived from + the directory attribute: LostAndFoundContainer + - QuotasContainer - A property of type System.String, derived from the + directory attribute: QuotasContainer + - ReadOnlyReplicaDirectoryServers - A property of type System.String, + derived from the directory attribute: ReadOnlyReplicaDirectoryServers + - ReplicaDirectoryServers - A property of type System.String, derived + from the directory attribute: ReplicaDirectoryServers + - SubordinateReferences - A property of type System.String, derived from + the directory attribute: SubordinateReferences + - ADDomain - Represents a domain in AD DS or an instance in AD LDS; for + example, an Active Directory object of type domainDNS and is derived + from ADPartition. This class is not supported by AD LDS. An ADDomain + may contain the following properties in addition to those inherited + from its parent. 
+ - AllowedDNSSuffixes - A property of type System.String, derived from + the directory attribute: msDS-AllowedDNSSuffixes + - ChildDomains - A property of type System.String, derived from the + directory attribute: ChildDomains + - ComputersContainer - A property of type System.String, derived from + the directory attribute: ComputersContainer + - DomainControllersContainer - A property of type System.String, + derived from the directory attribute: DomainControllersContainer + - DomainMode - A property of type System.Int32, derived from the + directory attribute: msDS-Behavior-Version + - DomainSID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - ForeignSecurityPrincipalsContainer - A property of type + System.String, derived from the directory attribute: + ForeignSecurityPrincipalsContainer + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - InfrastructureMaster - A property of type System.String, derived from + the directory attribute: InfrastructureMaster + - LastLogonReplicationInterval - A property of type System.TimeSpan, + derived from the directory attribute: msDS-LogonTimeSyncInterval + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: LinkedGroupPolicyObjects + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - NetBIOSName - A property of type System.String, derived from the + directory attribute: NetBIOSName + - ParentDomain - A property of type System.String, derived from the + directory attribute: ParentDomain + - PDCEmulator - A property of type System.String, derived from the + directory attribute: PDCEmulator + - RIDMaster - A property of type System.String, derived from the + directory attribute: RIDMaster + - SystemsContainer - A property of type System.String, derived from the + directory attribute: SystemsContainer + - 
UsersContainer - A property of type System.String, derived from the + directory attribute: UsersContainer + - ADPrincipal - Represents a security principal, which is an Active + Directory object of type user, computer, group or iNetOrgPerson and is + derived from ADObject. An ADPrincipal may contain the following + properties in addition to those inherited from its parent. + - HomePage - A property of type System.String, derived from the + directory attribute: wWWHomePage + - MemberOf - A property of type System.String, derived from the + directory attribute: memberOf + - SamAccountName - A property of type System.String, derived from the + directory attribute: sAMAccountName. This property is not supported + for AD LDS. + - SID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - SIDHistory - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: sIDHistory. This property is not supported for + AD LDS. + - ADAccount - Represents a security account; that is, an Active + Directory object of type user, computer or iNetOrgPerson and is + derived from ADPrincipal. An ADAccount may contain the following + properties in addition to those inherited from its parent. + - AccountExpirationDate - A property of type System.DateTime, derived + from the directory attribute: accountExpires + - AccountLockoutTime - A property of type System.DateTime, derived + from the directory attribute: lockoutTime + - AccountNotDelegated - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - AllowReversiblePasswordEncryption - A property of type + System.Boolean, for AD DS it is derived from the directory + attribute: userAccountControl; for AD LDS it is derived from the + directory attribute: ms-DS-UserEncryptedTextPasswordAllowed + - BadLogonCount - A property of type System.Int32, derived from the + directory attribute: badPwdCount + - CannotChangePassword - A property of type System.Boolean, derived + from the directory attribute: nTSecurityDescriptor + - Certificates - A property of type + System.Security.Cryptography.X509Certificates.X509Certificate, + derived from the directory attribute: userCertificate + - DoesNotRequirePreAuth - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - Enabled - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserAccountDisabled + - HomedirRequired - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - LastBadPasswordAttempt - A property of type System.DateTime, + derived from the directory attribute: badPasswordTime + - LastLogonDate - A property of type System.DateTime, derived from + the directory attribute: lastLogonTimestamp + - LockedOut - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed, lockoutTime; for AD LDS it is + derived from the directory attribute msDS-UserAccountDisabled + - MNSLogonAccount - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - PasswordExpired - A property of type System.Boolean, for AD DS it + is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserPasswordExpired + - PasswordLastSet - A property of type System.DateTime, derived from + the directory attribute: pwdLastSet + - PasswordNeverExpires - A property of type System.Boolean, for AD + LDS it is derived from the directory attributes: + userAccountControl, msDS-User-Account-Control-Computed; for AD LDS + it is derived from the directory attribute: + msDS-UserDontExpirePassword + - PasswordNotRequired - A property of type System.Boolean, for AD DS + it is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute: ms-DS-UserPasswordNotRequired + - PrimaryGroup - A property of type System.String, derived from the + directory attributes: primaryGroupID, objectSid. This property is + not supported by AD LDS. + - ServicePrincipalNames - A property of type System.String, derived + from the directory attribute: servicePrincipalName. This property + is not supported by AD LDS. + - TrustedForDelegation - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - TrustedToAuthForDelegation - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - UseDESKeyOnly - A property of type System.Boolean, derived from the + directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - UserPrincipalName - A property of type System.String, derived from + the directory attribute: userPrincipalName + - ADComputer - Represents a computer and is derived from ADAccount. + An ADComputer may contain the following properties in addition to + those inherited from its parent. + - DNSHostName - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv4Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - Location - A property of type System.String, derived from the + directory attribute: location + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - OperatingSystem - A property of type System.String, derived from + the directory attribute: operatingSystem + - OperatingSystemHotfix - A property of type System.String, derived + from the directory attribute: operatingSystemHotfix + - OperatingSystemServicePack - A property of type System.String, + derived from the directory attribute: operatingSystemServicePack + - OperatingSystemVersion - A property of type System.String, + derived from the directory attribute: operatingSystemVersion + - ServiceAccount - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccount + - ADServiceAccount - Represents a managed service account; that is, + an Active Directory object of type msDS-ManagerdServiceAccount and + is derived from ADAccount. This class is not supported by AD LDS. + An ADServiceAccount may contain the following properties in + addition to those inherited from its parent. + - HostComputers - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccountBL + - ADUser - Represents a user (or iNetOrgPerson) and is derived from + ADAccount. 
An ADUser may contain the following properties in + addition to those inherited from its parent. + - City - A property of type System.String, derived from the + directory attribute: l + - Company - A property of type System.String, derived from the + directory attribute: company + - Country - A property of type System.String, derived from the + directory attribute: c + - Department - A property of type System.String, derived from the + directory attribute: department + - Division - A property of type System.String, derived from the + directory attribute: division + - EmailAddress - A property of type System.String, derived from the + directory attribute: mail + - EmployeeID - A property of type System.String, derived from the + directory attribute: employeeID + - EmployeeNumber - A property of type System.String, derived from + the directory attribute: employeeNumber + - Fax - A property of type System.String, derived from the + directory attribute: facsimileTelephoneNumber + - GivenName - A property of type System.String, derived from the + directory attribute: givenName + - HomeDirectory - A property of type System.String, derived from + the directory attribute: homeDirectory. This property is not + supported by AD LDS. + - HomeDrive - A property of type System.String, derived from the + directory attribute: homeDrive. This property is not supported by + AD LDS. + - HomePhone - A property of type System.String, derived from the + directory attribute: homePhone + - Initials - A property of type System.String, derived from the + directory attribute: initials + - LogonWorkstations - A property of type System.String, derived + from the directory attribute: userWorkstations. This property is + not supported by AD LDS. 
+ - Manager - A property of type System.String, derived from the + directory attribute: manager + - MobilePhone - A property of type System.String, derived from the + directory attribute: mobile + - Office - A property of type System.String, derived from the + directory attribute: physicalDeliveryOfficeName + - OfficePhone - A property of type System.String, derived from the + directory attribute: telephoneNumber + - Organization - A property of type System.String, derived from the + directory attribute: o + - OtherName - A property of type System.String, derived from the + directory attribute: middleName + - POBox - A property of type System.String, derived from the + directory attribute: postOfficeBox + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - ProfilePath - A property of type System.String, derived from the + directory attribute: profilePath. This property is not supported + by AD LDS. + - ScriptPath - A property of type System.String, derived from the + directory attribute: scriptPath. This property is not supported + by AD LDS. + - SmartcardLogonRequired - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not + supported by AD LDS. + - State - A property of type System.String, derived from the + directory attribute: st + - StreetAddress - A property of type System.String, derived from + the directory attribute: streetAddress + - Surname - A property of type System.String, derived from the + directory attribute: sn + - Title - A property of type System.String, derived from the + directory attribute: title + - ADGroup -Represents a group and is derived from ADPrincipal. An + ADGroup may contain the following properties in addition to those + inherited from its parent. 
+ - GroupCategory - A property of type + Microsoft.ActiveDirectory.Management.ADGroupCategory, derived from + the directory attribute: groupType + - GroupScope - A property of type + Microsoft.ActiveDirectory.Management.ADGroupScope, derived from the + directory attribute: groupType + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - Members - A property of type System.String, derived from the + directory attribute: member + - ADDefaultDomainPasswordPolicy - Represents the domain-wide password policy + of an Active Directory domain and is derived from ADEntity. This class is + not supported by AD LDS. An ADDefaultDomainPasswordPolicy may contain the + following properties in addition to those inherited from its parent. + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: pwdProperties + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: lockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: lockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: lockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: maxPwdAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: minPwdAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: minPwdLength + - PasswordHistoryCount - A property of type System.Int32, derived from the + directory attribute: pwdHistoryLength + - ReversibleEncryptionEnabled - A property of type System.Boolean, derived + from the directory attribute: pwdProperties + - ADForest - Represents a Active Directory forest in AD DS or a 
Configuration + Set in AD LDS and is derived from ADEntity. This class is not supported by + AD LDS. An ADForest may contain the following properties in addition to + those inherited from its parent. + - ApplicationPartitions - A property of type System.String, derived from + the directory attribute: ApplicationPartitions + - CrossForestReferences - A property of type System.String, derived from + the directory attribute: CrossForestReferences + - DomainNamingMaster - A property of type System.String, derived from the + directory attribute: DomainNamingMaster + - Domains - A property of type System.String, derived from the directory + attribute: Domains + - ForestMode - A property of type System.Int32, derived from the directory + attribute: msDS-Behavior-Version + - GlobalCatalogs - A property of type System.String, derived from the + directory attribute: GlobalCatalogs + - Name - A property of type System.String, derived from the directory + attribute: name + - PartitionContainerName - A property of type System.String, derived from + the directory attribute: distinguishedName + - RootDomain - A property of type System.String, derived from the directory + attribute: RootDomain + - SchemaMaster - A property of type System.String, derived from the + directory attribute: SchemaMaster + - Sites - A property of type System.String, derived from the directory + attribute: Sites + - SPNSuffixes - A property of type System.String, derived from the + directory attribute: msDS-SPNSuffixes + - UPNSuffixes - A property of type System.String, derived from the + directory attribute: uPNSuffixes + - ADDirectoryServer - Represents a directory server used as either a domain + controller or an AD LDS instance and is derived from ADEntity. An + ADDirectoryServer may contain the following properties in addition to those + inherited from its parent. 
+ - DefaultPartition - A property of type System.String, derived from the + directory attribute: DefaultPartition + - HostName - A property of type System.String, derived from the directory + attribute: HostName + - InvocationId - A property of type System.Guid, derived from the directory + attribute: InvocationId + - IPv4Address - A property of type System.String, derived from the + directory attribute: HostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: HostName + - LdapPort - A property of type System.Int32, derived from the directory + attribute: LdapPort + - Name - A property of type System.String, derived from the directory + attribute: Name + - NTDSSettingsObjectDN - A property of type System.String, derived from the + directory attribute: NTDSSettingsObjectDN + - OperationMasterRoles - A property of type + Microsoft.ActiveDirectory.Management.ADOperationMasterRole, derived from + the directory attribute: OperationMasterRole + - Partitions - A property of type System.String, derived from the directory + attribute: Partitions + - ServerObjectDN - A property of type System.String, derived from the + directory attribute: ServerObjectDN + - ServerObjectGuid - A property of type System.Guid, derived from the + directory attribute: ServerObjectGuid + - Site - A property of type System.String, derived from the directory + attribute: Site + - SslPort - A property of type System.Int32, derived from the directory + attribute: SslPort + - ADDomainController - Represents a domain controller in AD DS and is + derived from ADDirectoryServer. An ADDomainController may contain the + following properties in addition to those inherited from its parent. 
+ - ComputerObjectDN - A property of type System.String, derived from the + directory attribute: ComputerDN + - Domain - A property of type System.String, derived from the directory + attribute: Domain + - Enabled - A property of type System.Boolean, derived from the directory + attribute: Enabled + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - IsGlobalCatalog - A property of type System.Boolean, derived from the + directory attribute: IsGlobalCatalog + - IsReadOnly - A property of type System.Boolean, derived from the + directory attribute: IsReadOnly + - OperatingSystem - A property of type System.String, derived from the + directory attribute: OSName + - OperatingSystemHotfix - A property of type System.String, derived from + the directory attribute: OSHotFix + - OperatingSystemServicePack - A property of type System.String, derived + from the directory attribute: OSServicepack + - OperatingSystemVersion - A property of type System.String, derived from + the directory attribute: OSVersion diff --git a/docset/winserver2016-ps/activedirectory/About/About.md b/docset/winserver2016-ps/activedirectory/About/About.md index adc76085b9..449df28850 100644 --- a/docset/winserver2016-ps/activedirectory/About/About.md +++ b/docset/winserver2016-ps/activedirectory/About/About.md @@ -2,7 +2,7 @@ description: About articles for the ActiveDirectory module. Help Version: 3.1.0.0 Locale: en-US -ms.date: 04/22/2013 +ms.date: 07/03/2024 title: About articles --- # About topics 
@@ -13,5 +13,14 @@ About topics cover a range of concepts about PowerShell. ## About Topics +### [about_ActiveDirectory](about_ActiveDirectory.md) +The Active Directory module is a command line interface for managing Active Directory. + ### [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md) Describes the syntax and behavior of the search filter supported by the Active Directory module for Windows PowerShell. + +### [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md) +The Active Directory module for Windows PowerShell objects have a range of identifying attributes that are used for search and retrieval. + +### [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md) +Describes the object model of the Active Directory module for Windows PowerShell. diff --git a/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory.md b/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory.md new file mode 100644 index 0000000000..1b7183dcd2 --- /dev/null +++ b/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory.md 
@@ -0,0 +1,81 @@ +--- +title: about_ActiveDirectory +ms.date: 04/22/2013 +description: The Active Directory module is a command line interface for managing Active Directory. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory + +## SHORT DESCRIPTION + +The Active Directory module is a command line interface for managing Active +Directory. + +## LONG DESCRIPTION + +The Active Directory module for Windows PowerShell is for IT Professionals who +are administering and interfacing with Active Directory. The Active Directory +module provides an efficient way to complete many administrative, +configuration, and diagnostic tasks across Active Directory Domain Services (AD +DS) and Active Directory Lightweight Directory Services (AD LDS) instances in +their environments. The Active Directory module includes a set of Windows +PowerShell cmdlets and a provider. The provider exposes the Active Directory +database through a hierarchical navigation system, which is very similar to the +file system. As with drives in a file system, such as C:, you can connect +Windows PowerShell drives to Active Directory domains and AD LDS, as well as +Active Directory snapshots. + +### Coverage of Active Directory Module Cmdlets + +Create, Read, Update, and Delete actions are supported for Active Directory +objects by cmdlets such as `New-ADUser`, `Get-ADOrganizationalUnit`, +`Set-ADComputer`, and `Remove-ADUser`. + +Account and Password Policy Management are supported by cmdlets such as +`Enable-ADAccount`, `Unlock-ADAccount`, `New-ADServiceAccount`, +`Set-ADAccountControl`, and `Remove-ADFineGrainedPasswordPolicy`. + +Domain and Forest Management is supported by cmdlets such as `Get-ADForest`, +`Set-ADForest`, `Set-ADForestMode`, `Enable-ADOptionalFeature`, +`Get-ADDomainController`, and `Get-ADDomain`. 
+ +### Listing the Active Directory Module Cmdlets + +To get a list of all of the Active Directory module cmdlets, run + +```powershell +Get-Command -Module ActiveDirectory +``` + +### Getting Started + +Getting started with the Active Directory module for Windows PowerShell is as +easy as clicking the following shortcut: + +Run the following command in any Windows PowerShell prompt to import the Active +Directory module: + +```powershell +Import-Module ActiveDirectory +``` + +### Overview and Conceptual Topics + +The first two of these topics offer a high level overview of the Active +Directory module and the Active Directory Provider. + +- For a brief introduction to the Active Directory provider for Windows + PowerShell, see [ActiveDirectory](/powershell/module/activedirectory). +- The following topics are conceptual support topics for the Active Directory + module cmdlets. + - For an introduction to the **Identity** parameter, which is used by the + Active Directory module cmdlets to identify objects in the directory, see + [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md). + - For an introduction to the **Filter** parameter which is used by Active + Directory module cmdlets to search for objects in the directory, see + [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md). + - For an introduction to the .NET Framework-based object model implemented by + the Active Directory module, see + [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). diff --git a/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_Identity.md b/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_Identity.md new file mode 100644 index 0000000000..c007277b19 --- /dev/null +++ b/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_Identity.md 
@@ -0,0 +1,196 @@ +--- +title: about_ActiveDirectory_Identity +ms.date: 04/22/2013 +description: This article lists the identifying attributes that are used for search and retrieval supported by the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_Identity + +## SHORT DESCRIPTION + +The Active Directory module for Windows PowerShell objects have a range of +identifying attributes that are used for search and retrieval. + +## LONG DESCRIPTION + +In order to identify the objects in Active Directory, each object has +attributes that can be used as identifiers. In the Active Directory module, the +value of the identity of an object can be passed using the Identity parameter. +Each object type has its own set of possible types and values for use by the +Identity parameter. See the detailed description of the Identity parameter of +the given cmdlet for more information about its usage. + +When searching with the Active Directory module cmdlets, the value of the +Identity parameter, along with the values of the Server and Partition +parameters, is used to uniquely identify a single object. The Server parameter +is used to locate which server to connect with. The Partition parameter further +narrows the search to a specific partition. The Identity parameter then +resolves to a single unique object in the partition. + +Note that using the Security Accounts Manager (SAM) Account Name +(**sAMAccountName**) when targeting a global catalog port, you will not find a +user in a different domain if you are using the Identity parameter + +If more than one object is found using identity resolution, the Active +Directory module throws an error. 
+ +For more information about the Server and Partition parameters, see the help +topics for the individual cmdlets where they are used, such as `Get-ADUser`, by +typing: + +```powershell +Get-Help Get-ADUser +``` + +### Objects and Identities + +Each object has a list of attributes that can be used as an identity for that +object. Additionally, if the object inherits from another object, then the +parent object's identities can also be used as the child object's identities. +For more information on the Active Directory object hierarchy, see +[about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). + +> [!NOTE] +> For Active Directory Provider cmdlets, only an object's 'Distinguished Name' +> or 'Relative Distinguished Name' can be used as the identity. For a list of +> Active Directory Provider cmdlets, see ActiveDirectory. + +### Identity Attributes + +The following is a list of identity attributes by object type. + +- ADAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADComputer + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager Account Name (sAMAccountName) + +- ADDirectoryServer + - Name of the server object (name) + - For AD LDS instances the syntax of a name is `$` + - For other Active Directory instances, use the value of the name property. + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the directory + server. + - GUID (objectGUID) of server object under the configuration partition. 
+ - GUID (objectGUID) of NTDS settings object under the configuration partition + +- ADDomain + - Distinguished Name + - GUID + - Security Identifier + - DNS domain name + - NetBIOS domain name + +- ADDomainController + - GUID (objectGUID) + - IPV4Address + - Global IPV6Address + - DNS Host Name (dNSHostName) + - Name of the server object + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the domain controller + - GUID of NTDS settings object under the configuration partition + - GUID of server object under the configuration partition + - Distinguished Name of the computer object that represents the domain controller. + +- ADFineGrainedPasswordPolicy + - Distinguished Name + - GUID (objectGUID) + - Name (name) + +- ADForest + - Fully qualified domain name + - DNS host name + - NetBIOS name + +- ADGroup + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager (SAM) Account Name (sAMAccountName) + +- ADObject + - Distinguished Name + - GUID (objectGUID) + +- ADOptionalFeature + - Distinguished Name + - Name (name) + - Feature GUID (featureGUID) + - GUID (objectGUID) + +- ADOrganizationalUnit + - Distinguished Name + - GUID (objectGUID) + +- ADPrincipal + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADServiceAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADUser + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM User Name (sAMUserName) + + +### Identities Formats + +Active Directory module objects have a range of identity attributes. Below is a +list of these, their types and formats. 
+ +- Distinguished Name + - Example: CN=SaraDavis,CN=Europe,CN=Users, DC=corp,DC=contoso,DC=com + +- DNS domain name + - Example: redmond.corp.contoso.com + +- DNS Host Name (dNSHostName) + - Example: corp-DC01.corp.contoso.com + +- Feature GUID (featureGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- Fully qualified domain name + - Example: corp.contoso.com + +- Global IPV6Address + - Example: 2001:4898:0:fff:200:5efe:157.59.132.61 + +- GUID (objectGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- IPV4Address + - Example:157.59.132.61 + +- NetBIOS domain name + - Example: redmond + +- Name of the server object + - Example: corp-DC01$ + +- SAM Account Name (sAMAccountName) + - Example: saradavisreports + +- Security Identifier (objectSid) + - Example: S-1-5-21-3165297888-301567370-576410423-1103 + +- Name + - Example: Recycle Bin Feature diff --git a/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md b/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md new file mode 100644 index 0000000000..8535a97464 --- /dev/null +++ b/docset/winserver2016-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md 
@@ -0,0 +1,595 @@ +--- +title: about_ActiveDirectory_ObjectModel +ms.date: 04/22/2013 +description: Describes the object model of the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_ObjectModel + +## SHORT DESCRIPTION +Describes the object model of the Active Directory module for Windows +PowerShell. + +## LONG DESCRIPTION + +This topic explains the Active Directory module classes and their properties +used to model actual Active Directory attributes. It also outlines the class +hierarchy constructed from its Active Directory counterpart. The object model +establishes a data foundation for all the operations supported by Active +Directory module cmdlets. + +### Class Hierarchy + +The following list shows the class hierarchy defined in the Active Directory +module object model, with class inheritance implied by indentation. This +inheritance model allows for Active Directory cmdlets to accept a range of +object types as input. This means, for example, that the cmdlet +Get-ADPrincipalGroupMembership can accept as input any of the following +objects: ADGroup, ADAccount, ADComputer, ADServiceAccount or ADUser. This works +because of the inheritance model and guarantees that an ADUser object has all +of the properties of an ADPrincipal object. + +``` +ADEntity + ADRootDSE + ADObject + ADFineGrainedPasswordPolicy + ADOptionalFeature + ADOrganizationalUnit + ADPartition + ADDomain + ADPrincipal + ADAccount + ADComputer + ADServiceAccount + ADUser + ADGroup + ADDefaultDomainPasswordPolicy + ADForest + ADDirectoryServer + ADDomainController +``` + +### Active Directory Module Classes + +The following listing shows every Active Directory module class from the class +hierarchy listing. Each class defines a set of properties, some of which are +LDAP attributes that are retrieved by default and some are new properties +created specifically for the Active Directory module. 
These new properties are +derived from one or more LDAP attributes as outlined in the class listings. + + +- ADEntity - The base level class from which all other classes are derived. + - ADRootDSE - Represents the rootDSE and is derived from ADEntity. An + ADRootDSE may contain the following properties in addition to those + inherited from its parent. + - ConfigurationNamingContext - A property of type System.String, derived + from the directory attribute ConfigurationNamingContext + - CurrentTime - A property of type System.DateTime, derived from the + directory attribute CurrentTime + - DefaultNamingContext - A property of type System.String, derived from the + directory attribute DefaultNamingContext + - DnsHostName - A property of type System.String, derived from the + directory attribute DnsHostName + - DomainControllerFunctionality - A property of type + ADDomainControllerMode, derived from the directory attribute + DomainControllerFunctionality + - DomainFunctionality - A property of type ADDomainMode, derived from the + directory attribute DomainFunctionality + - DsServiceName - A property of type System.String, derived from the + directory attribute DsServiceName + - ForestFunctionality - A property of type ADForestMode, derived from the + directory attribute ForestFunctionality + - GlobalCatalogReady - A property of type System.Boolean, derived from the + directory attribute GlobalCatalogReady + - HighestCommittedUSN - A property of type System.Long, derived from the + directory attribute HighestCommittedUSN + - LdapServiceName - A property of type System.String, derived from the + directory attribute LdapServiceName + - NamingContexts - A property of type System.String, derived from the + directory attribute NamingContexts + - RootDomainNamingContext - A property of type System.String, derived from + the directory attribute RootDomainNamingContext + - SchemaNamingContext - A property of type System.String, derived from the + directory attribute 
SchemaNamingContext + - ServerName - A property of type System.String, derived from the directory + attribute ServerName + - SubschemaSubentry - A property of type ADObject, derived from the + directory attribute SubschemaSubentry + - SupportedCapabilities - A property of type ADObjectIdentifier, derived + from the directory attribute SupportedCapabilities + - SupportedControl - A property of type ADObjectIdentifier, derived from + the directory attribute SupportedControl + - SupportedLDAPPolicies - A property of type System.String, derived from + the directory attribute SupportedLDAPPolicies + - SupportedLDAPVersion - A property of type System.Int, derived from the + directory attribute SupportedLDAPVersion + - SupportedRootDSEOperations - A property of type + ADPropertyValueCollection, derived from the directory attribute + SupportedRootDSEOperations + - SupportedSASLMechanisms - A property of type System.String, derived from + the directory attribute SupportedSASLMechanisms + - Syncronized - A property of type System.Boolean, derived from the + directory attribute IsSynchronized. + - ADObject - Represents any object in Active Directory and is derived from + ADEntity. An ADObject may contain the following properties in addition to + those inherited from its parent. 
+ - CanonicalName - A property of type System.String, derived from the + directory attribute: canonicalName + - CN - A property of type System.String, derived from the directory + attribute: cn + - Created - A property of type System.DateTime, derived from the directory + attribute: createTimeStamp + - Deleted - A property of type System.Boolean, derived from the directory + attribute: isDeleted + - Description - A property of type System.String, derived from the + directory attribute: description + - DisplayName - A property of type System.String, derived from the + directory attribute: displayName + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LastKnownParent - A property of type System.String, derived from the + directory attribute: lastKnownParent + - Modified - A property of type System.DateTime, derived from the directory + attribute: modifyTimeStamp + - Name - A property of type System.String, derived from the directory + attribute: name + - ObjectCategory - A property of type System.String, derived from the + directory attribute: objectCategory + - ObjectClass - A property of type System.String, derived from the + directory attribute: objectClass + - ObjectGUID - A property of type System.Guid, derived from the directory + attribute: objectGUID + - ProtectedFromAccidentalDeletion - A property of type System.Boolean, + derived from the directory attributes: nTSecurityDescriptor, + sdRightsEffective, instanceType, isDeleted + - ADFineGrainedPasswordPolicy Represents a fine grained password policy + object; that is, an AD object of type msDS-PasswordSettings in AD DS and + is derived from ADObject. This class is not supported by AD LDS. An + ADFineGrainedPasswordPolicy may contain the following properties in + addition to those inherited from its parent. 
+ - AppliesTo - A property of type System.String, derived from the + directory attribute: msDS-PSOAppliesTo + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: msDS-PasswordComplexityEnabled + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: msDS-LockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: msDS-LockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: msDS-LockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MaximumPasswordAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MinimumPasswordAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: msDS-MinimumPasswordLength + - PasswordHistoryCount - A property of type System.Int32, derived from + the directory attribute: msDS-PasswordHistoryLength + - Precedence - A property of type System.Int32, derived from the + directory attribute: msDS-PasswordSettingsPrecedence + - ReversibleEncryptionEnabled - A property of type System.Boolean, + derived from the directory attribute: + msDS-PasswordReversibleEncryptionEnabled + - ADOptionalFeature Represents an optional feature, an Active Directory + object of type msDS-OptionalFeature, and is derived from ADObject. An + ADOptionalFeaturemay contain the following properties in addition to + those inherited from its parent. 
+ - EnabledScopes - A property of type System.String, derived from the + directory attribute: msDS-EnabledFeatureBL + - FeatureGUID - A property of type System.Guid, derived from the + directory attribute: msDS-OptionalFeatureGUID + - FeatureScope - A property of type System.Int32, derived from the + directory attribute: msDS-OptionalFeatureFlags + - IsDisableable - A property of type System.Boolean, derived from the + directory attribute: msDS-OptionalFeatureFlags + - RequiredDomainMode - A property of type + Microsoft.ActiveDirectory.Management.ADDomainMode, derived from the + directory attribute: msDS-RequiredDomainBehaviorVersion + - RequiredForestMode - A property of type + Microsoft.ActiveDirectory.Management.ADForestMode, derived from the + directory attribute: msDS-RequiredForestBehaviorVersion + - ADOrganizationalUnit Represents an organizationalUnit (OU) object and is + derived from ADObject. An ADOrganizationalUnit may contain the following + properties in addition to those inherited from its parent. + - City - A property of type System.String, derived from the directory + attribute: l + - Country - A property of type System.String, derived from the directory + attribute: c + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: gpLink. This property is not supported on + AD LDS. + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - State - A property of type System.String, derived from the directory + attribute: st + - StreetAddress - A property of type System.String, derived from the + directory attribute: street + - ADPartition - Represents a naming context, Configuration, Schema, Domain + or Application Partition(ND NC) and is derived from ADObject. This class + is not supported by AD LDS. 
An ADPartition may contain the following + properties in addition to those inherited from its parent. + - DeletedObjectsContainer - A property of type System.String, derived + from the directory attribute: DeletedObjectsContainer + - DNSRoot - A property of type System.String, derived from the directory + attribute: DNSRoot + - LostAndFoundContainer - A property of type System.String, derived from + the directory attribute: LostAndFoundContainer + - QuotasContainer - A property of type System.String, derived from the + directory attribute: QuotasContainer + - ReadOnlyReplicaDirectoryServers - A property of type System.String, + derived from the directory attribute: ReadOnlyReplicaDirectoryServers + - ReplicaDirectoryServers - A property of type System.String, derived + from the directory attribute: ReplicaDirectoryServers + - SubordinateReferences - A property of type System.String, derived from + the directory attribute: SubordinateReferences + - ADDomain - Represents a domain in AD DS or an instance in AD LDS; for + example, an Active Directory object of type domainDNS and is derived + from ADPartition. This class is not supported by AD LDS. An ADDomain + may contain the following properties in addition to those inherited + from its parent. 
+ - AllowedDNSSuffixes - A property of type System.String, derived from + the directory attribute: msDS-AllowedDNSSuffixes + - ChildDomains - A property of type System.String, derived from the + directory attribute: ChildDomains + - ComputersContainer - A property of type System.String, derived from + the directory attribute: ComputersContainer + - DomainControllersContainer - A property of type System.String, + derived from the directory attribute: DomainControllersContainer + - DomainMode - A property of type System.Int32, derived from the + directory attribute: msDS-Behavior-Version + - DomainSID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - ForeignSecurityPrincipalsContainer - A property of type + System.String, derived from the directory attribute: + ForeignSecurityPrincipalsContainer + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - InfrastructureMaster - A property of type System.String, derived from + the directory attribute: InfrastructureMaster + - LastLogonReplicationInterval - A property of type System.TimeSpan, + derived from the directory attribute: msDS-LogonTimeSyncInterval + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: LinkedGroupPolicyObjects + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - NetBIOSName - A property of type System.String, derived from the + directory attribute: NetBIOSName + - ParentDomain - A property of type System.String, derived from the + directory attribute: ParentDomain + - PDCEmulator - A property of type System.String, derived from the + directory attribute: PDCEmulator + - RIDMaster - A property of type System.String, derived from the + directory attribute: RIDMaster + - SystemsContainer - A property of type System.String, derived from the + directory attribute: SystemsContainer + - 
UsersContainer - A property of type System.String, derived from the + directory attribute: UsersContainer + - ADPrincipal - Represents a security principal, which is an Active + Directory object of type user, computer, group or iNetOrgPerson and is + derived from ADObject. An ADPrincipal may contain the following + properties in addition to those inherited from its parent. + - HomePage - A property of type System.String, derived from the + directory attribute: wWWHomePage + - MemberOf - A property of type System.String, derived from the + directory attribute: memberOf + - SamAccountName - A property of type System.String, derived from the + directory attribute: sAMAccountName. This property is not supported + for AD LDS. + - SID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - SIDHistory - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: sIDHistory. This property is not supported for + AD LDS. + - ADAccount - Represents a security account; that is, an Active + Directory object of type user, computer or iNetOrgPerson and is + derived from ADPrincipal. An ADAccount may contain the following + properties in addition to those inherited from its parent. + - AccountExpirationDate - A property of type System.DateTime, derived + from the directory attribute: accountExpires + - AccountLockoutTime - A property of type System.DateTime, derived + from the directory attribute: lockoutTime + - AccountNotDelegated - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - AllowReversiblePasswordEncryption - A property of type + System.Boolean, for AD DS it is derived from the directory + attribute: userAccountControl; for AD LDS it is derived from the + directory attribute: ms-DS-UserEncryptedTextPasswordAllowed + - BadLogonCount - A property of type System.Int32, derived from the + directory attribute: badPwdCount + - CannotChangePassword - A property of type System.Boolean, derived + from the directory attribute: nTSecurityDescriptor + - Certificates - A property of type + System.Security.Cryptography.X509Certificates.X509Certificate, + derived from the directory attribute: userCertificate + - DoesNotRequirePreAuth - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - Enabled - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserAccountDisabled + - HomedirRequired - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - LastBadPasswordAttempt - A property of type System.DateTime, + derived from the directory attribute: badPasswordTime + - LastLogonDate - A property of type System.DateTime, derived from + the directory attribute: lastLogonTimestamp + - LockedOut - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed, lockoutTime; for AD LDS it is + derived from the directory attribute msDS-UserAccountDisabled + - MNSLogonAccount - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - PasswordExpired - A property of type System.Boolean, for AD DS it + is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserPasswordExpired + - PasswordLastSet - A property of type System.DateTime, derived from + the directory attribute: pwdLastSet + - PasswordNeverExpires - A property of type System.Boolean, for AD + LDS it is derived from the directory attributes: + userAccountControl, msDS-User-Account-Control-Computed; for AD LDS + it is derived from the directory attribute: + msDS-UserDontExpirePassword + - PasswordNotRequired - A property of type System.Boolean, for AD DS + it is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute: ms-DS-UserPasswordNotRequired + - PrimaryGroup - A property of type System.String, derived from the + directory attributes: primaryGroupID, objectSid. This property is + not supported by AD LDS. + - ServicePrincipalNames - A property of type System.String, derived + from the directory attribute: servicePrincipalName. This property + is not supported by AD LDS. + - TrustedForDelegation - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - TrustedToAuthForDelegation - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - UseDESKeyOnly - A property of type System.Boolean, derived from the + directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - UserPrincipalName - A property of type System.String, derived from + the directory attribute: userPrincipalName + - ADComputer - Represents a computer and is derived from ADAccount. + An ADComputer may contain the following properties in addition to + those inherited from its parent. + - DNSHostName - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv4Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - Location - A property of type System.String, derived from the + directory attribute: location + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - OperatingSystem - A property of type System.String, derived from + the directory attribute: operatingSystem + - OperatingSystemHotfix - A property of type System.String, derived + from the directory attribute: operatingSystemHotfix + - OperatingSystemServicePack - A property of type System.String, + derived from the directory attribute: operatingSystemServicePack + - OperatingSystemVersion - A property of type System.String, + derived from the directory attribute: operatingSystemVersion + - ServiceAccount - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccount + - ADServiceAccount - Represents a managed service account; that is, + an Active Directory object of type msDS-ManagerdServiceAccount and + is derived from ADAccount. This class is not supported by AD LDS. + An ADServiceAccount may contain the following properties in + addition to those inherited from its parent. + - HostComputers - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccountBL + - ADUser - Represents a user (or iNetOrgPerson) and is derived from + ADAccount. 
An ADUser may contain the following properties in + addition to those inherited from its parent. + - City - A property of type System.String, derived from the + directory attribute: l + - Company - A property of type System.String, derived from the + directory attribute: company + - Country - A property of type System.String, derived from the + directory attribute: c + - Department - A property of type System.String, derived from the + directory attribute: department + - Division - A property of type System.String, derived from the + directory attribute: division + - EmailAddress - A property of type System.String, derived from the + directory attribute: mail + - EmployeeID - A property of type System.String, derived from the + directory attribute: employeeID + - EmployeeNumber - A property of type System.String, derived from + the directory attribute: employeeNumber + - Fax - A property of type System.String, derived from the + directory attribute: facsimileTelephoneNumber + - GivenName - A property of type System.String, derived from the + directory attribute: givenName + - HomeDirectory - A property of type System.String, derived from + the directory attribute: homeDirectory. This property is not + supported by AD LDS. + - HomeDrive - A property of type System.String, derived from the + directory attribute: homeDrive. This property is not supported by + AD LDS. + - HomePhone - A property of type System.String, derived from the + directory attribute: homePhone + - Initials - A property of type System.String, derived from the + directory attribute: initials + - LogonWorkstations - A property of type System.String, derived + from the directory attribute: userWorkstations. This property is + not supported by AD LDS. 
+ - Manager - A property of type System.String, derived from the + directory attribute: manager + - MobilePhone - A property of type System.String, derived from the + directory attribute: mobile + - Office - A property of type System.String, derived from the + directory attribute: physicalDeliveryOfficeName + - OfficePhone - A property of type System.String, derived from the + directory attribute: telephoneNumber + - Organization - A property of type System.String, derived from the + directory attribute: o + - OtherName - A property of type System.String, derived from the + directory attribute: middleName + - POBox - A property of type System.String, derived from the + directory attribute: postOfficeBox + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - ProfilePath - A property of type System.String, derived from the + directory attribute: profilePath. This property is not supported + by AD LDS. + - ScriptPath - A property of type System.String, derived from the + directory attribute: scriptPath. This property is not supported + by AD LDS. + - SmartcardLogonRequired - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not + supported by AD LDS. + - State - A property of type System.String, derived from the + directory attribute: st + - StreetAddress - A property of type System.String, derived from + the directory attribute: streetAddress + - Surname - A property of type System.String, derived from the + directory attribute: sn + - Title - A property of type System.String, derived from the + directory attribute: title + - ADGroup -Represents a group and is derived from ADPrincipal. An + ADGroup may contain the following properties in addition to those + inherited from its parent. 
+ - GroupCategory - A property of type + Microsoft.ActiveDirectory.Management.ADGroupCategory, derived from + the directory attribute: groupType + - GroupScope - A property of type + Microsoft.ActiveDirectory.Management.ADGroupScope, derived from the + directory attribute: groupType + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - Members - A property of type System.String, derived from the + directory attribute: member + - ADDefaultDomainPasswordPolicy - Represents the domain-wide password policy + of an Active Directory domain and is derived from ADEntity. This class is + not supported by AD LDS. An ADDefaultDomainPasswordPolicy may contain the + following properties in addition to those inherited from its parent. + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: pwdProperties + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: lockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: lockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: lockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: maxPwdAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: minPwdAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: minPwdLength + - PasswordHistoryCount - A property of type System.Int32, derived from the + directory attribute: pwdHistoryLength + - ReversibleEncryptionEnabled - A property of type System.Boolean, derived + from the directory attribute: pwdProperties + - ADForest - Represents a Active Directory forest in AD DS or a 
Configuration + Set in AD LDS and is derived from ADEntity. This class is not supported by + AD LDS. An ADForest may contain the following properties in addition to + those inherited from its parent. + - ApplicationPartitions - A property of type System.String, derived from + the directory attribute: ApplicationPartitions + - CrossForestReferences - A property of type System.String, derived from + the directory attribute: CrossForestReferences + - DomainNamingMaster - A property of type System.String, derived from the + directory attribute: DomainNamingMaster + - Domains - A property of type System.String, derived from the directory + attribute: Domains + - ForestMode - A property of type System.Int32, derived from the directory + attribute: msDS-Behavior-Version + - GlobalCatalogs - A property of type System.String, derived from the + directory attribute: GlobalCatalogs + - Name - A property of type System.String, derived from the directory + attribute: name + - PartitionContainerName - A property of type System.String, derived from + the directory attribute: distinguishedName + - RootDomain - A property of type System.String, derived from the directory + attribute: RootDomain + - SchemaMaster - A property of type System.String, derived from the + directory attribute: SchemaMaster + - Sites - A property of type System.String, derived from the directory + attribute: Sites + - SPNSuffixes - A property of type System.String, derived from the + directory attribute: msDS-SPNSuffixes + - UPNSuffixes - A property of type System.String, derived from the + directory attribute: uPNSuffixes + - ADDirectoryServer - Represents a directory server used as either a domain + controller or an AD LDS instance and is derived from ADEntity. An + ADDirectoryServer may contain the following properties in addition to those + inherited from its parent. 
+ - DefaultPartition - A property of type System.String, derived from the + directory attribute: DefaultPartition + - HostName - A property of type System.String, derived from the directory + attribute: HostName + - InvocationId - A property of type System.Guid, derived from the directory + attribute: InvocationId + - IPv4Address - A property of type System.String, derived from the + directory attribute: HostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: HostName + - LdapPort - A property of type System.Int32, derived from the directory + attribute: LdapPort + - Name - A property of type System.String, derived from the directory + attribute: Name + - NTDSSettingsObjectDN - A property of type System.String, derived from the + directory attribute: NTDSSettingsObjectDN + - OperationMasterRoles - A property of type + Microsoft.ActiveDirectory.Management.ADOperationMasterRole, derived from + the directory attribute: OperationMasterRole + - Partitions - A property of type System.String, derived from the directory + attribute: Partitions + - ServerObjectDN - A property of type System.String, derived from the + directory attribute: ServerObjectDN + - ServerObjectGuid - A property of type System.Guid, derived from the + directory attribute: ServerObjectGuid + - Site - A property of type System.String, derived from the directory + attribute: Site + - SslPort - A property of type System.Int32, derived from the directory + attribute: SslPort + - ADDomainController - Represents a domain controller in AD DS and is + derived from ADDirectoryServer. An ADDomainController may contain the + following properties in addition to those inherited from its parent. 
+ - ComputerObjectDN - A property of type System.String, derived from the + directory attribute: ComputerDN + - Domain - A property of type System.String, derived from the directory + attribute: Domain + - Enabled - A property of type System.Boolean, derived from the directory + attribute: Enabled + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - IsGlobalCatalog - A property of type System.Boolean, derived from the + directory attribute: IsGlobalCatalog + - IsReadOnly - A property of type System.Boolean, derived from the + directory attribute: IsReadOnly + - OperatingSystem - A property of type System.String, derived from the + directory attribute: OSName + - OperatingSystemHotfix - A property of type System.String, derived from + the directory attribute: OSHotFix + - OperatingSystemServicePack - A property of type System.String, derived + from the directory attribute: OSServicepack + - OperatingSystemVersion - A property of type System.String, derived from + the directory attribute: OSVersion diff --git a/docset/winserver2019-ps/activedirectory/About/About.md b/docset/winserver2019-ps/activedirectory/About/About.md index adc76085b9..449df28850 100644 --- a/docset/winserver2019-ps/activedirectory/About/About.md +++ b/docset/winserver2019-ps/activedirectory/About/About.md @@ -2,7 +2,7 @@ description: About articles for the ActiveDirectory module. Help Version: 3.1.0.0 Locale: en-US -ms.date: 04/22/2013 +ms.date: 07/03/2024 title: About articles --- # About topics 
@@ -13,5 +13,14 @@ About topics cover a range of concepts about PowerShell. ## About Topics +### [about_ActiveDirectory](about_ActiveDirectory.md) +The Active Directory module is a command line interface for managing Active Directory. + ### [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md) Describes the syntax and behavior of the search filter supported by the Active Directory module for Windows PowerShell. + +### [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md) +The Active Directory module for Windows PowerShell objects have a range of identifying attributes that are used for search and retrieval. + +### [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md) +Describes the object model of the Active Directory module for Windows PowerShell. diff --git a/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory.md b/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory.md new file mode 100644 index 0000000000..1b7183dcd2 --- /dev/null +++ b/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory.md 
@@ -0,0 +1,81 @@ +--- +title: about_ActiveDirectory +ms.date: 04/22/2013 +description: The Active Directory module is a command line interface for managing Active Directory. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory + +## SHORT DESCRIPTION + +The Active Directory module is a command line interface for managing Active +Directory. + +## LONG DESCRIPTION + +The Active Directory module for Windows PowerShell is for IT Professionals who +are administering and interfacing with Active Directory. The Active Directory +module provides an efficient way to complete many administrative, +configuration, and diagnostic tasks across Active Directory Domain Services (AD +DS) and Active Directory Lightweight Directory Services (AD LDS) instances in +their environments. The Active Directory module includes a set of Windows +PowerShell cmdlets and a provider. The provider exposes the Active Directory +database through a hierarchical navigation system, which is very similar to the +file system. As with drives in a file system, such as C:, you can connect +Windows PowerShell drives to Active Directory domains and AD LDS, as well as +Active Directory snapshots. + +### Coverage of Active Directory Module Cmdlets + +Create, Read, Update, and Delete actions are supported for Active Directory +objects by cmdlets such as `New-ADUser`, `Get-ADOrganizationalUnit`, +`Set-ADComputer`, and `Remove-ADUser`. + +Account and Password Policy Management are supported by cmdlets such as +`Enable-ADAccount`, `Unlock-ADAccount`, `New-ADServiceAccount`, +`Set-ADAccountControl`, and `Remove-ADFineGrainedPasswordPolicy`. + +Domain and Forest Management is supported by cmdlets such as `Get-ADForest`, +`Set-ADForest`, `Set-ADForestMode`, `Enable-ADOptionalFeature`, +`Get-ADDomainController`, and `Get-ADDomain`. 
+ +### Listing the Active Directory Module Cmdlets + +To get a list of all of the Active Directory module cmdlets, run + +```powershell +Get-Command -Module ActiveDirectory +``` + +### Getting Started + +Getting started with the Active Directory module for Windows PowerShell is as +easy as clicking the following shortcut: + +Run the following command in any Windows PowerShell prompt to import the Active +Directory module: + +```powershell +Import-Module ActiveDirectory +``` + +### Overview and Conceptual Topics + +The first two of these topics offer a high level overview of the Active +Directory module and the Active Directory Provider. + +- For a brief introduction to the Active Directory provider for Windows + PowerShell, see [ActiveDirectory](/powershell/module/activedirectory). +- The following topics are conceptual support topics for the Active Directory + module cmdlets. + - For an introduction to the **Identity** parameter, which is used by the + Active Directory module cmdlets to identify objects in the directory, see + [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md). + - For an introduction to the **Filter** parameter which is used by Active + Directory module cmdlets to search for objects in the directory, see + [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md). + - For an introduction to the .NET Framework-based object model implemented by + the Active Directory module, see + [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). diff --git a/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_Identity.md b/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_Identity.md new file mode 100644 index 0000000000..c007277b19 --- /dev/null +++ b/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_Identity.md 
@@ -0,0 +1,196 @@ +--- +title: about_ActiveDirectory_Identity +ms.date: 04/22/2013 +description: This article lists the identifying attributes that are used for search and retrieval supported by the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_Identity + +## SHORT DESCRIPTION + +The Active Directory module for Windows PowerShell objects have a range of +identifying attributes that are used for search and retrieval. + +## LONG DESCRIPTION + +In order to identify the objects in Active Directory, each object has +attributes that can be used as identifiers. In the Active Directory module, the +value of the identity of an object can be passed using the Identity parameter. +Each object type has its own set of possible types and values for use by the +Identity parameter. See the detailed description of the Identity parameter of +the given cmdlet for more information about its usage. + +When searching with the Active Directory module cmdlets, the value of the +Identity parameter, along with the values of the Server and Partition +parameters, is used to uniquely identify a single object. The Server parameter +is used to locate which server to connect with. The Partition parameter further +narrows the search to a specific partition. The Identity parameter then +resolves to a single unique object in the partition. + +Note that using the Security Accounts Manager (SAM) Account Name +(**sAMAccountName**) when targeting a global catalog port, you will not find a +user in a different domain if you are using the Identity parameter + +If more than one object is found using identity resolution, the Active +Directory module throws an error. 
+ +For more information about the Server and Partition parameters, see the help +topics for the individual cmdlets where they are used, such as `Get-ADUser`, by +typing: + +```powershell +Get-Help Get-ADUser +``` + +### Objects and Identities + +Each object has a list of attributes that can be used as an identity for that +object. Additionally, if the object inherits from another object, then the +parent object's identities can also be used as the child object's identities. +For more information on the Active Directory object hierarchy, see +[about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). + +> [!NOTE] +> For Active Directory Provider cmdlets, only an object's 'Distinguished Name' +> or 'Relative Distinguished Name' can be used as the identity. For a list of +> Active Directory Provider cmdlets, see ActiveDirectory. + +### Identity Attributes + +The following is a list of identity attributes by object type. + +- ADAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADComputer + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager Account Name (sAMAccountName) + +- ADDirectoryServer + - Name of the server object (name) + - For AD LDS instances the syntax of a name is `$` + - For other Active Directory instances, use the value of the name property. + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the directory + server. + - GUID (objectGUID) of server object under the configuration partition. 
+ - GUID (objectGUID) of NTDS settings object under the configuration partition + +- ADDomain + - Distinguished Name + - GUID + - Security Identifier + - DNS domain name + - NetBIOS domain name + +- ADDomainController + - GUID (objectGUID) + - IPV4Address + - Global IPV6Address + - DNS Host Name (dNSHostName) + - Name of the server object + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the domain controller + - GUID of NTDS settings object under the configuration partition + - GUID of server object under the configuration partition + - Distinguished Name of the computer object that represents the domain controller. + +- ADFineGrainedPasswordPolicy + - Distinguished Name + - GUID (objectGUID) + - Name (name) + +- ADForest + - Fully qualified domain name + - DNS host name + - NetBIOS name + +- ADGroup + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager (SAM) Account Name (sAMAccountName) + +- ADObject + - Distinguished Name + - GUID (objectGUID) + +- ADOptionalFeature + - Distinguished Name + - Name (name) + - Feature GUID (featureGUID) + - GUID (objectGUID) + +- ADOrganizationalUnit + - Distinguished Name + - GUID (objectGUID) + +- ADPrincipal + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADServiceAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADUser + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM User Name (sAMUserName) + + +### Identities Formats + +Active Directory module objects have a range of identity attributes. Below is a +list of these, their types and formats. 
+ +- Distinguished Name + - Example: CN=SaraDavis,CN=Europe,CN=Users, DC=corp,DC=contoso,DC=com + +- DNS domain name + - Example: redmond.corp.contoso.com + +- DNS Host Name (dNSHostName) + - Example: corp-DC01.corp.contoso.com + +- Feature GUID (featureGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- Fully qualified domain name + - Example: corp.contoso.com + +- Global IPV6Address + - Example: 2001:4898:0:fff:200:5efe:157.59.132.61 + +- GUID (objectGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- IPV4Address + - Example:157.59.132.61 + +- NetBIOS domain name + - Example: redmond + +- Name of the server object + - Example: corp-DC01$ + +- SAM Account Name (sAMAccountName) + - Example: saradavisreports + +- Security Identifier (objectSid) + - Example: S-1-5-21-3165297888-301567370-576410423-1103 + +- Name + - Example: Recycle Bin Feature diff --git a/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md b/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md new file mode 100644 index 0000000000..8535a97464 --- /dev/null +++ b/docset/winserver2019-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md 
@@ -0,0 +1,595 @@ +--- +title: about_ActiveDirectory_ObjectModel +ms.date: 04/22/2013 +description: Describes the object model of the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_ObjectModel + +## SHORT DESCRIPTION +Describes the object model of the Active Directory module for Windows +PowerShell. + +## LONG DESCRIPTION + +This topic explains the Active Directory module classes and their properties +used to model actual Active Directory attributes. It also outlines the class +hierarchy constructed from its Active Directory counterpart. The object model +establishes a data foundation for all the operations supported by Active +Directory module cmdlets. + +### Class Hierarchy + +The following list shows the class hierarchy defined in the Active Directory +module object model, with class inheritance implied by indentation. This +inheritance model allows for Active Directory cmdlets to accept a range of +object types as input. This means, for example, that the cmdlet +Get-ADPrincipalGroupMembership can accept as input any of the following +objects: ADGroup, ADAccount, ADComputer, ADServiceAccount or ADUser. This works +because of the inheritance model and guarantees that an ADUser object has all +of the properties of an ADPrincipal object. + +``` +ADEntity + ADRootDSE + ADObject + ADFineGrainedPasswordPolicy + ADOptionalFeature + ADOrganizationalUnit + ADPartition + ADDomain + ADPrincipal + ADAccount + ADComputer + ADServiceAccount + ADUser + ADGroup + ADDefaultDomainPasswordPolicy + ADForest + ADDirectoryServer + ADDomainController +``` + +### Active Directory Module Classes + +The following listing shows every Active Directory module class from the class +hierarchy listing. Each class defines a set of properties, some of which are +LDAP attributes that are retrieved by default and some are new properties +created specifically for the Active Directory module. 
These new properties are +derived from one or more LDAP attributes as outlined in the class listings. + + +- ADEntity - The base level class from which all other classes are derived. + - ADRootDSE - Represents the rootDSE and is derived from ADEntity. An + ADRootDSE may contain the following properties in addition to those + inherited from its parent. + - ConfigurationNamingContext - A property of type System.String, derived + from the directory attribute ConfigurationNamingContext + - CurrentTime - A property of type System.DateTime, derived from the + directory attribute CurrentTime + - DefaultNamingContext - A property of type System.String, derived from the + directory attribute DefaultNamingContext + - DnsHostName - A property of type System.String, derived from the + directory attribute DnsHostName + - DomainControllerFunctionality - A property of type + ADDomainControllerMode, derived from the directory attribute + DomainControllerFunctionality + - DomainFunctionality - A property of type ADDomainMode, derived from the + directory attribute DomainFunctionality + - DsServiceName - A property of type System.String, derived from the + directory attribute DsServiceName + - ForestFunctionality - A property of type ADForestMode, derived from the + directory attribute ForestFunctionality + - GlobalCatalogReady - A property of type System.Boolean, derived from the + directory attribute GlobalCatalogReady + - HighestCommittedUSN - A property of type System.Long, derived from the + directory attribute HighestCommittedUSN + - LdapServiceName - A property of type System.String, derived from the + directory attribute LdapServiceName + - NamingContexts - A property of type System.String, derived from the + directory attribute NamingContexts + - RootDomainNamingContext - A property of type System.String, derived from + the directory attribute RootDomainNamingContext + - SchemaNamingContext - A property of type System.String, derived from the + directory attribute 
SchemaNamingContext + - ServerName - A property of type System.String, derived from the directory + attribute ServerName + - SubschemaSubentry - A property of type ADObject, derived from the + directory attribute SubschemaSubentry + - SupportedCapabilities - A property of type ADObjectIdentifier, derived + from the directory attribute SupportedCapabilities + - SupportedControl - A property of type ADObjectIdentifier, derived from + the directory attribute SupportedControl + - SupportedLDAPPolicies - A property of type System.String, derived from + the directory attribute SupportedLDAPPolicies + - SupportedLDAPVersion - A property of type System.Int, derived from the + directory attribute SupportedLDAPVersion + - SupportedRootDSEOperations - A property of type + ADPropertyValueCollection, derived from the directory attribute + SupportedRootDSEOperations + - SupportedSASLMechanisms - A property of type System.String, derived from + the directory attribute SupportedSASLMechanisms + - Syncronized - A property of type System.Boolean, derived from the + directory attribute IsSynchronized. + - ADObject - Represents any object in Active Directory and is derived from + ADEntity. An ADObject may contain the following properties in addition to + those inherited from its parent. 
+ - CanonicalName - A property of type System.String, derived from the + directory attribute: canonicalName + - CN - A property of type System.String, derived from the directory + attribute: cn + - Created - A property of type System.DateTime, derived from the directory + attribute: createTimeStamp + - Deleted - A property of type System.Boolean, derived from the directory + attribute: isDeleted + - Description - A property of type System.String, derived from the + directory attribute: description + - DisplayName - A property of type System.String, derived from the + directory attribute: displayName + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LastKnownParent - A property of type System.String, derived from the + directory attribute: lastKnownParent + - Modified - A property of type System.DateTime, derived from the directory + attribute: modifyTimeStamp + - Name - A property of type System.String, derived from the directory + attribute: name + - ObjectCategory - A property of type System.String, derived from the + directory attribute: objectCategory + - ObjectClass - A property of type System.String, derived from the + directory attribute: objectClass + - ObjectGUID - A property of type System.Guid, derived from the directory + attribute: objectGUID + - ProtectedFromAccidentalDeletion - A property of type System.Boolean, + derived from the directory attributes: nTSecurityDescriptor, + sdRightsEffective, instanceType, isDeleted + - ADFineGrainedPasswordPolicy Represents a fine grained password policy + object; that is, an AD object of type msDS-PasswordSettings in AD DS and + is derived from ADObject. This class is not supported by AD LDS. An + ADFineGrainedPasswordPolicy may contain the following properties in + addition to those inherited from its parent. 
+ - AppliesTo - A property of type System.String, derived from the + directory attribute: msDS-PSOAppliesTo + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: msDS-PasswordComplexityEnabled + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: msDS-LockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: msDS-LockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: msDS-LockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MaximumPasswordAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MinimumPasswordAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: msDS-MinimumPasswordLength + - PasswordHistoryCount - A property of type System.Int32, derived from + the directory attribute: msDS-PasswordHistoryLength + - Precedence - A property of type System.Int32, derived from the + directory attribute: msDS-PasswordSettingsPrecedence + - ReversibleEncryptionEnabled - A property of type System.Boolean, + derived from the directory attribute: + msDS-PasswordReversibleEncryptionEnabled + - ADOptionalFeature Represents an optional feature, an Active Directory + object of type msDS-OptionalFeature, and is derived from ADObject. An + ADOptionalFeaturemay contain the following properties in addition to + those inherited from its parent. 
+ - EnabledScopes - A property of type System.String, derived from the + directory attribute: msDS-EnabledFeatureBL + - FeatureGUID - A property of type System.Guid, derived from the + directory attribute: msDS-OptionalFeatureGUID + - FeatureScope - A property of type System.Int32, derived from the + directory attribute: msDS-OptionalFeatureFlags + - IsDisableable - A property of type System.Boolean, derived from the + directory attribute: msDS-OptionalFeatureFlags + - RequiredDomainMode - A property of type + Microsoft.ActiveDirectory.Management.ADDomainMode, derived from the + directory attribute: msDS-RequiredDomainBehaviorVersion + - RequiredForestMode - A property of type + Microsoft.ActiveDirectory.Management.ADForestMode, derived from the + directory attribute: msDS-RequiredForestBehaviorVersion + - ADOrganizationalUnit Represents an organizationalUnit (OU) object and is + derived from ADObject. An ADOrganizationalUnit may contain the following + properties in addition to those inherited from its parent. + - City - A property of type System.String, derived from the directory + attribute: l + - Country - A property of type System.String, derived from the directory + attribute: c + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: gpLink. This property is not supported on + AD LDS. + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - State - A property of type System.String, derived from the directory + attribute: st + - StreetAddress - A property of type System.String, derived from the + directory attribute: street + - ADPartition - Represents a naming context, Configuration, Schema, Domain + or Application Partition(ND NC) and is derived from ADObject. This class + is not supported by AD LDS. 
An ADPartition may contain the following + properties in addition to those inherited from its parent. + - DeletedObjectsContainer - A property of type System.String, derived + from the directory attribute: DeletedObjectsContainer + - DNSRoot - A property of type System.String, derived from the directory + attribute: DNSRoot + - LostAndFoundContainer - A property of type System.String, derived from + the directory attribute: LostAndFoundContainer + - QuotasContainer - A property of type System.String, derived from the + directory attribute: QuotasContainer + - ReadOnlyReplicaDirectoryServers - A property of type System.String, + derived from the directory attribute: ReadOnlyReplicaDirectoryServers + - ReplicaDirectoryServers - A property of type System.String, derived + from the directory attribute: ReplicaDirectoryServers + - SubordinateReferences - A property of type System.String, derived from + the directory attribute: SubordinateReferences + - ADDomain - Represents a domain in AD DS or an instance in AD LDS; for + example, an Active Directory object of type domainDNS and is derived + from ADPartition. This class is not supported by AD LDS. An ADDomain + may contain the following properties in addition to those inherited + from its parent. 
+ - AllowedDNSSuffixes - A property of type System.String, derived from + the directory attribute: msDS-AllowedDNSSuffixes + - ChildDomains - A property of type System.String, derived from the + directory attribute: ChildDomains + - ComputersContainer - A property of type System.String, derived from + the directory attribute: ComputersContainer + - DomainControllersContainer - A property of type System.String, + derived from the directory attribute: DomainControllersContainer + - DomainMode - A property of type System.Int32, derived from the + directory attribute: msDS-Behavior-Version + - DomainSID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - ForeignSecurityPrincipalsContainer - A property of type + System.String, derived from the directory attribute: + ForeignSecurityPrincipalsContainer + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - InfrastructureMaster - A property of type System.String, derived from + the directory attribute: InfrastructureMaster + - LastLogonReplicationInterval - A property of type System.TimeSpan, + derived from the directory attribute: msDS-LogonTimeSyncInterval + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: LinkedGroupPolicyObjects + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - NetBIOSName - A property of type System.String, derived from the + directory attribute: NetBIOSName + - ParentDomain - A property of type System.String, derived from the + directory attribute: ParentDomain + - PDCEmulator - A property of type System.String, derived from the + directory attribute: PDCEmulator + - RIDMaster - A property of type System.String, derived from the + directory attribute: RIDMaster + - SystemsContainer - A property of type System.String, derived from the + directory attribute: SystemsContainer + - 
UsersContainer - A property of type System.String, derived from the + directory attribute: UsersContainer + - ADPrincipal - Represents a security principal, which is an Active + Directory object of type user, computer, group or iNetOrgPerson and is + derived from ADObject. An ADPrincipal may contain the following + properties in addition to those inherited from its parent. + - HomePage - A property of type System.String, derived from the + directory attribute: wWWHomePage + - MemberOf - A property of type System.String, derived from the + directory attribute: memberOf + - SamAccountName - A property of type System.String, derived from the + directory attribute: sAMAccountName. This property is not supported + for AD LDS. + - SID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - SIDHistory - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: sIDHistory. This property is not supported for + AD LDS. + - ADAccount - Represents a security account; that is, an Active + Directory object of type user, computer or iNetOrgPerson and is + derived from ADPrincipal. An ADAccount may contain the following + properties in addition to those inherited from its parent. + - AccountExpirationDate - A property of type System.DateTime, derived + from the directory attribute: accountExpires + - AccountLockoutTime - A property of type System.DateTime, derived + from the directory attribute: lockoutTime + - AccountNotDelegated - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - AllowReversiblePasswordEncryption - A property of type + System.Boolean, for AD DS it is derived from the directory + attribute: userAccountControl; for AD LDS it is derived from the + directory attribute: ms-DS-UserEncryptedTextPasswordAllowed + - BadLogonCount - A property of type System.Int32, derived from the + directory attribute: badPwdCount + - CannotChangePassword - A property of type System.Boolean, derived + from the directory attribute: nTSecurityDescriptor + - Certificates - A property of type + System.Security.Cryptography.X509Certificates.X509Certificate, + derived from the directory attribute: userCertificate + - DoesNotRequirePreAuth - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - Enabled - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserAccountDisabled + - HomedirRequired - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - LastBadPasswordAttempt - A property of type System.DateTime, + derived from the directory attribute: badPasswordTime + - LastLogonDate - A property of type System.DateTime, derived from + the directory attribute: lastLogonTimestamp + - LockedOut - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed, lockoutTime; for AD LDS it is + derived from the directory attribute msDS-UserAccountDisabled + - MNSLogonAccount - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - PasswordExpired - A property of type System.Boolean, for AD DS it + is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserPasswordExpired + - PasswordLastSet - A property of type System.DateTime, derived from + the directory attribute: pwdLastSet + - PasswordNeverExpires - A property of type System.Boolean, for AD + LDS it is derived from the directory attributes: + userAccountControl, msDS-User-Account-Control-Computed; for AD LDS + it is derived from the directory attribute: + msDS-UserDontExpirePassword + - PasswordNotRequired - A property of type System.Boolean, for AD DS + it is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute: ms-DS-UserPasswordNotRequired + - PrimaryGroup - A property of type System.String, derived from the + directory attributes: primaryGroupID, objectSid. This property is + not supported by AD LDS. + - ServicePrincipalNames - A property of type System.String, derived + from the directory attribute: servicePrincipalName. This property + is not supported by AD LDS. + - TrustedForDelegation - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - TrustedToAuthForDelegation - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - UseDESKeyOnly - A property of type System.Boolean, derived from the + directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - UserPrincipalName - A property of type System.String, derived from + the directory attribute: userPrincipalName + - ADComputer - Represents a computer and is derived from ADAccount. + An ADComputer may contain the following properties in addition to + those inherited from its parent. + - DNSHostName - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv4Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - Location - A property of type System.String, derived from the + directory attribute: location + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - OperatingSystem - A property of type System.String, derived from + the directory attribute: operatingSystem + - OperatingSystemHotfix - A property of type System.String, derived + from the directory attribute: operatingSystemHotfix + - OperatingSystemServicePack - A property of type System.String, + derived from the directory attribute: operatingSystemServicePack + - OperatingSystemVersion - A property of type System.String, + derived from the directory attribute: operatingSystemVersion + - ServiceAccount - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccount + - ADServiceAccount - Represents a managed service account; that is, + an Active Directory object of type msDS-ManagerdServiceAccount and + is derived from ADAccount. This class is not supported by AD LDS. + An ADServiceAccount may contain the following properties in + addition to those inherited from its parent. + - HostComputers - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccountBL + - ADUser - Represents a user (or iNetOrgPerson) and is derived from + ADAccount. 
An ADUser may contain the following properties in + addition to those inherited from its parent. + - City - A property of type System.String, derived from the + directory attribute: l + - Company - A property of type System.String, derived from the + directory attribute: company + - Country - A property of type System.String, derived from the + directory attribute: c + - Department - A property of type System.String, derived from the + directory attribute: department + - Division - A property of type System.String, derived from the + directory attribute: division + - EmailAddress - A property of type System.String, derived from the + directory attribute: mail + - EmployeeID - A property of type System.String, derived from the + directory attribute: employeeID + - EmployeeNumber - A property of type System.String, derived from + the directory attribute: employeeNumber + - Fax - A property of type System.String, derived from the + directory attribute: facsimileTelephoneNumber + - GivenName - A property of type System.String, derived from the + directory attribute: givenName + - HomeDirectory - A property of type System.String, derived from + the directory attribute: homeDirectory. This property is not + supported by AD LDS. + - HomeDrive - A property of type System.String, derived from the + directory attribute: homeDrive. This property is not supported by + AD LDS. + - HomePhone - A property of type System.String, derived from the + directory attribute: homePhone + - Initials - A property of type System.String, derived from the + directory attribute: initials + - LogonWorkstations - A property of type System.String, derived + from the directory attribute: userWorkstations. This property is + not supported by AD LDS. 
+ - Manager - A property of type System.String, derived from the + directory attribute: manager + - MobilePhone - A property of type System.String, derived from the + directory attribute: mobile + - Office - A property of type System.String, derived from the + directory attribute: physicalDeliveryOfficeName + - OfficePhone - A property of type System.String, derived from the + directory attribute: telephoneNumber + - Organization - A property of type System.String, derived from the + directory attribute: o + - OtherName - A property of type System.String, derived from the + directory attribute: middleName + - POBox - A property of type System.String, derived from the + directory attribute: postOfficeBox + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - ProfilePath - A property of type System.String, derived from the + directory attribute: profilePath. This property is not supported + by AD LDS. + - ScriptPath - A property of type System.String, derived from the + directory attribute: scriptPath. This property is not supported + by AD LDS. + - SmartcardLogonRequired - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not + supported by AD LDS. + - State - A property of type System.String, derived from the + directory attribute: st + - StreetAddress - A property of type System.String, derived from + the directory attribute: streetAddress + - Surname - A property of type System.String, derived from the + directory attribute: sn + - Title - A property of type System.String, derived from the + directory attribute: title + - ADGroup -Represents a group and is derived from ADPrincipal. An + ADGroup may contain the following properties in addition to those + inherited from its parent. 
+ - GroupCategory - A property of type + Microsoft.ActiveDirectory.Management.ADGroupCategory, derived from + the directory attribute: groupType + - GroupScope - A property of type + Microsoft.ActiveDirectory.Management.ADGroupScope, derived from the + directory attribute: groupType + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - Members - A property of type System.String, derived from the + directory attribute: member + - ADDefaultDomainPasswordPolicy - Represents the domain-wide password policy + of an Active Directory domain and is derived from ADEntity. This class is + not supported by AD LDS. An ADDefaultDomainPasswordPolicy may contain the + following properties in addition to those inherited from its parent. + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: pwdProperties + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: lockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: lockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: lockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: maxPwdAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: minPwdAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: minPwdLength + - PasswordHistoryCount - A property of type System.Int32, derived from the + directory attribute: pwdHistoryLength + - ReversibleEncryptionEnabled - A property of type System.Boolean, derived + from the directory attribute: pwdProperties + - ADForest - Represents a Active Directory forest in AD DS or a 
Configuration + Set in AD LDS and is derived from ADEntity. This class is not supported by + AD LDS. An ADForest may contain the following properties in addition to + those inherited from its parent. + - ApplicationPartitions - A property of type System.String, derived from + the directory attribute: ApplicationPartitions + - CrossForestReferences - A property of type System.String, derived from + the directory attribute: CrossForestReferences + - DomainNamingMaster - A property of type System.String, derived from the + directory attribute: DomainNamingMaster + - Domains - A property of type System.String, derived from the directory + attribute: Domains + - ForestMode - A property of type System.Int32, derived from the directory + attribute: msDS-Behavior-Version + - GlobalCatalogs - A property of type System.String, derived from the + directory attribute: GlobalCatalogs + - Name - A property of type System.String, derived from the directory + attribute: name + - PartitionContainerName - A property of type System.String, derived from + the directory attribute: distinguishedName + - RootDomain - A property of type System.String, derived from the directory + attribute: RootDomain + - SchemaMaster - A property of type System.String, derived from the + directory attribute: SchemaMaster + - Sites - A property of type System.String, derived from the directory + attribute: Sites + - SPNSuffixes - A property of type System.String, derived from the + directory attribute: msDS-SPNSuffixes + - UPNSuffixes - A property of type System.String, derived from the + directory attribute: uPNSuffixes + - ADDirectoryServer - Represents a directory server used as either a domain + controller or an AD LDS instance and is derived from ADEntity. An + ADDirectoryServer may contain the following properties in addition to those + inherited from its parent. 
+ - DefaultPartition - A property of type System.String, derived from the + directory attribute: DefaultPartition + - HostName - A property of type System.String, derived from the directory + attribute: HostName + - InvocationId - A property of type System.Guid, derived from the directory + attribute: InvocationId + - IPv4Address - A property of type System.String, derived from the + directory attribute: HostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: HostName + - LdapPort - A property of type System.Int32, derived from the directory + attribute: LdapPort + - Name - A property of type System.String, derived from the directory + attribute: Name + - NTDSSettingsObjectDN - A property of type System.String, derived from the + directory attribute: NTDSSettingsObjectDN + - OperationMasterRoles - A property of type + Microsoft.ActiveDirectory.Management.ADOperationMasterRole, derived from + the directory attribute: OperationMasterRole + - Partitions - A property of type System.String, derived from the directory + attribute: Partitions + - ServerObjectDN - A property of type System.String, derived from the + directory attribute: ServerObjectDN + - ServerObjectGuid - A property of type System.Guid, derived from the + directory attribute: ServerObjectGuid + - Site - A property of type System.String, derived from the directory + attribute: Site + - SslPort - A property of type System.Int32, derived from the directory + attribute: SslPort + - ADDomainController - Represents a domain controller in AD DS and is + derived from ADDirectoryServer. An ADDomainController may contain the + following properties in addition to those inherited from its parent. 
+ - ComputerObjectDN - A property of type System.String, derived from the + directory attribute: ComputerDN + - Domain - A property of type System.String, derived from the directory + attribute: Domain + - Enabled - A property of type System.Boolean, derived from the directory + attribute: Enabled + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - IsGlobalCatalog - A property of type System.Boolean, derived from the + directory attribute: IsGlobalCatalog + - IsReadOnly - A property of type System.Boolean, derived from the + directory attribute: IsReadOnly + - OperatingSystem - A property of type System.String, derived from the + directory attribute: OSName + - OperatingSystemHotfix - A property of type System.String, derived from + the directory attribute: OSHotFix + - OperatingSystemServicePack - A property of type System.String, derived + from the directory attribute: OSServicepack + - OperatingSystemVersion - A property of type System.String, derived from + the directory attribute: OSVersion diff --git a/docset/winserver2022-ps/activedirectory/About/About.md b/docset/winserver2022-ps/activedirectory/About/About.md index adc76085b9..449df28850 100644 --- a/docset/winserver2022-ps/activedirectory/About/About.md +++ b/docset/winserver2022-ps/activedirectory/About/About.md @@ -2,7 +2,7 @@ description: About articles for the ActiveDirectory module. Help Version: 3.1.0.0 Locale: en-US -ms.date: 04/22/2013 +ms.date: 07/03/2024 title: About articles --- # About topics 
@@ -13,5 +13,14 @@ About topics cover a range of concepts about PowerShell. ## About Topics +### [about_ActiveDirectory](about_ActiveDirectory.md) +The Active Directory module is a command line interface for managing Active Directory. + ### [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md) Describes the syntax and behavior of the search filter supported by the Active Directory module for Windows PowerShell. + +### [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md) +The Active Directory module for Windows PowerShell objects have a range of identifying attributes that are used for search and retrieval. + +### [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md) +Describes the object model of the Active Directory module for Windows PowerShell. diff --git a/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory.md b/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory.md new file mode 100644 index 0000000000..1b7183dcd2 --- /dev/null +++ b/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory.md 
@@ -0,0 +1,81 @@ +--- +title: about_ActiveDirectory +ms.date: 04/22/2013 +description: The Active Directory module is a command line interface for managing Active Directory. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory + +## SHORT DESCRIPTION + +The Active Directory module is a command line interface for managing Active +Directory. + +## LONG DESCRIPTION + +The Active Directory module for Windows PowerShell is for IT Professionals who +are administering and interfacing with Active Directory. The Active Directory +module provides an efficient way to complete many administrative, +configuration, and diagnostic tasks across Active Directory Domain Services (AD +DS) and Active Directory Lightweight Directory Services (AD LDS) instances in +their environments. The Active Directory module includes a set of Windows +PowerShell cmdlets and a provider. The provider exposes the Active Directory +database through a hierarchical navigation system, which is very similar to the +file system. As with drives in a file system, such as C:, you can connect +Windows PowerShell drives to Active Directory domains and AD LDS, as well as +Active Directory snapshots. + +### Coverage of Active Directory Module Cmdlets + +Create, Read, Update, and Delete actions are supported for Active Directory +objects by cmdlets such as `New-ADUser`, `Get-ADOrganizationalUnit`, +`Set-ADComputer`, and `Remove-ADUser`. + +Account and Password Policy Management are supported by cmdlets such as +`Enable-ADAccount`, `Unlock-ADAccount`, `New-ADServiceAccount`, +`Set-ADAccountControl`, and `Remove-ADFineGrainedPasswordPolicy`. + +Domain and Forest Management is supported by cmdlets such as `Get-ADForest`, +`Set-ADForest`, `Set-ADForestMode`, `Enable-ADOptionalFeature`, +`Get-ADDomainController`, and `Get-ADDomain`. 
+ +### Listing the Active Directory Module Cmdlets + +To get a list of all of the Active Directory module cmdlets, run + +```powershell +Get-Command -Module ActiveDirectory +``` + +### Getting Started + +Getting started with the Active Directory module for Windows PowerShell is as +easy as clicking the following shortcut: + +Run the following command in any Windows PowerShell prompt to import the Active +Directory module: + +```powershell +Import-Module ActiveDirectory +``` + +### Overview and Conceptual Topics + +The first two of these topics offer a high level overview of the Active +Directory module and the Active Directory Provider. + +- For a brief introduction to the Active Directory provider for Windows + PowerShell, see [ActiveDirectory](/powershell/module/activedirectory). +- The following topics are conceptual support topics for the Active Directory + module cmdlets. + - For an introduction to the **Identity** parameter, which is used by the + Active Directory module cmdlets to identify objects in the directory, see + [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md). + - For an introduction to the **Filter** parameter which is used by Active + Directory module cmdlets to search for objects in the directory, see + [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md). + - For an introduction to the .NET Framework-based object model implemented by + the Active Directory module, see + [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). diff --git a/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_Identity.md b/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_Identity.md new file mode 100644 index 0000000000..c007277b19 --- /dev/null +++ b/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_Identity.md 
@@ -0,0 +1,196 @@ +--- +title: about_ActiveDirectory_Identity +ms.date: 04/22/2013 +description: This article lists the identifying attributes that are used for search and retrieval supported by the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_Identity + +## SHORT DESCRIPTION + +The Active Directory module for Windows PowerShell objects have a range of +identifying attributes that are used for search and retrieval. + +## LONG DESCRIPTION + +In order to identify the objects in Active Directory, each object has +attributes that can be used as identifiers. In the Active Directory module, the +value of the identity of an object can be passed using the Identity parameter. +Each object type has its own set of possible types and values for use by the +Identity parameter. See the detailed description of the Identity parameter of +the given cmdlet for more information about its usage. + +When searching with the Active Directory module cmdlets, the value of the +Identity parameter, along with the values of the Server and Partition +parameters, is used to uniquely identify a single object. The Server parameter +is used to locate which server to connect with. The Partition parameter further +narrows the search to a specific partition. The Identity parameter then +resolves to a single unique object in the partition. + +Note that using the Security Accounts Manager (SAM) Account Name +(**sAMAccountName**) when targeting a global catalog port, you will not find a +user in a different domain if you are using the Identity parameter + +If more than one object is found using identity resolution, the Active +Directory module throws an error. 
+ +For more information about the Server and Partition parameters, see the help +topics for the individual cmdlets where they are used, such as `Get-ADUser`, by +typing: + +```powershell +Get-Help Get-ADUser +``` + +### Objects and Identities + +Each object has a list of attributes that can be used as an identity for that +object. Additionally, if the object inherits from another object, then the +parent object's identities can also be used as the child object's identities. +For more information on the Active Directory object hierarchy, see +[about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). + +> [!NOTE] +> For Active Directory Provider cmdlets, only an object's 'Distinguished Name' +> or 'Relative Distinguished Name' can be used as the identity. For a list of +> Active Directory Provider cmdlets, see ActiveDirectory. + +### Identity Attributes + +The following is a list of identity attributes by object type. + +- ADAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADComputer + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager Account Name (sAMAccountName) + +- ADDirectoryServer + - Name of the server object (name) + - For AD LDS instances the syntax of a name is `$` + - For other Active Directory instances, use the value of the name property. + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the directory + server. + - GUID (objectGUID) of server object under the configuration partition. 
+ - GUID (objectGUID) of NTDS settings object under the configuration partition + +- ADDomain + - Distinguished Name + - GUID + - Security Identifier + - DNS domain name + - NetBIOS domain name + +- ADDomainController + - GUID (objectGUID) + - IPV4Address + - Global IPV6Address + - DNS Host Name (dNSHostName) + - Name of the server object + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the domain controller + - GUID of NTDS settings object under the configuration partition + - GUID of server object under the configuration partition + - Distinguished Name of the computer object that represents the domain controller. + +- ADFineGrainedPasswordPolicy + - Distinguished Name + - GUID (objectGUID) + - Name (name) + +- ADForest + - Fully qualified domain name + - DNS host name + - NetBIOS name + +- ADGroup + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager (SAM) Account Name (sAMAccountName) + +- ADObject + - Distinguished Name + - GUID (objectGUID) + +- ADOptionalFeature + - Distinguished Name + - Name (name) + - Feature GUID (featureGUID) + - GUID (objectGUID) + +- ADOrganizationalUnit + - Distinguished Name + - GUID (objectGUID) + +- ADPrincipal + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADServiceAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADUser + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM User Name (sAMUserName) + + +### Identities Formats + +Active Directory module objects have a range of identity attributes. Below is a +list of these, their types and formats. 
+ +- Distinguished Name + - Example: CN=SaraDavis,CN=Europe,CN=Users, DC=corp,DC=contoso,DC=com + +- DNS domain name + - Example: redmond.corp.contoso.com + +- DNS Host Name (dNSHostName) + - Example: corp-DC01.corp.contoso.com + +- Feature GUID (featureGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- Fully qualified domain name + - Example: corp.contoso.com + +- Global IPV6Address + - Example: 2001:4898:0:fff:200:5efe:157.59.132.61 + +- GUID (objectGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- IPV4Address + - Example:157.59.132.61 + +- NetBIOS domain name + - Example: redmond + +- Name of the server object + - Example: corp-DC01$ + +- SAM Account Name (sAMAccountName) + - Example: saradavisreports + +- Security Identifier (objectSid) + - Example: S-1-5-21-3165297888-301567370-576410423-1103 + +- Name + - Example: Recycle Bin Feature diff --git a/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md b/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md new file mode 100644 index 0000000000..8535a97464 --- /dev/null +++ b/docset/winserver2022-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md 
@@ -0,0 +1,595 @@ +--- +title: about_ActiveDirectory_ObjectModel +ms.date: 04/22/2013 +description: Describes the object model of the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_ObjectModel + +## SHORT DESCRIPTION +Describes the object model of the Active Directory module for Windows +PowerShell. + +## LONG DESCRIPTION + +This topic explains the Active Directory module classes and their properties +used to model actual Active Directory attributes. It also outlines the class +hierarchy constructed from its Active Directory counterpart. The object model +establishes a data foundation for all the operations supported by Active +Directory module cmdlets. + +### Class Hierarchy + +The following list shows the class hierarchy defined in the Active Directory +module object model, with class inheritance implied by indentation. This +inheritance model allows for Active Directory cmdlets to accept a range of +object types as input. This means, for example, that the cmdlet +Get-ADPrincipalGroupMembership can accept as input any of the following +objects: ADGroup, ADAccount, ADComputer, ADServiceAccount or ADUser. This works +because of the inheritance model and guarantees that an ADUser object has all +of the properties of an ADPrincipal object. + +``` +ADEntity + ADRootDSE + ADObject + ADFineGrainedPasswordPolicy + ADOptionalFeature + ADOrganizationalUnit + ADPartition + ADDomain + ADPrincipal + ADAccount + ADComputer + ADServiceAccount + ADUser + ADGroup + ADDefaultDomainPasswordPolicy + ADForest + ADDirectoryServer + ADDomainController +``` + +### Active Directory Module Classes + +The following listing shows every Active Directory module class from the class +hierarchy listing. Each class defines a set of properties, some of which are +LDAP attributes that are retrieved by default and some are new properties +created specifically for the Active Directory module. 
These new properties are +derived from one or more LDAP attributes as outlined in the class listings. + + +- ADEntity - The base level class from which all other classes are derived. + - ADRootDSE - Represents the rootDSE and is derived from ADEntity. An + ADRootDSE may contain the following properties in addition to those + inherited from its parent. + - ConfigurationNamingContext - A property of type System.String, derived + from the directory attribute ConfigurationNamingContext + - CurrentTime - A property of type System.DateTime, derived from the + directory attribute CurrentTime + - DefaultNamingContext - A property of type System.String, derived from the + directory attribute DefaultNamingContext + - DnsHostName - A property of type System.String, derived from the + directory attribute DnsHostName + - DomainControllerFunctionality - A property of type + ADDomainControllerMode, derived from the directory attribute + DomainControllerFunctionality + - DomainFunctionality - A property of type ADDomainMode, derived from the + directory attribute DomainFunctionality + - DsServiceName - A property of type System.String, derived from the + directory attribute DsServiceName + - ForestFunctionality - A property of type ADForestMode, derived from the + directory attribute ForestFunctionality + - GlobalCatalogReady - A property of type System.Boolean, derived from the + directory attribute GlobalCatalogReady + - HighestCommittedUSN - A property of type System.Long, derived from the + directory attribute HighestCommittedUSN + - LdapServiceName - A property of type System.String, derived from the + directory attribute LdapServiceName + - NamingContexts - A property of type System.String, derived from the + directory attribute NamingContexts + - RootDomainNamingContext - A property of type System.String, derived from + the directory attribute RootDomainNamingContext + - SchemaNamingContext - A property of type System.String, derived from the + directory attribute 
SchemaNamingContext + - ServerName - A property of type System.String, derived from the directory + attribute ServerName + - SubschemaSubentry - A property of type ADObject, derived from the + directory attribute SubschemaSubentry + - SupportedCapabilities - A property of type ADObjectIdentifier, derived + from the directory attribute SupportedCapabilities + - SupportedControl - A property of type ADObjectIdentifier, derived from + the directory attribute SupportedControl + - SupportedLDAPPolicies - A property of type System.String, derived from + the directory attribute SupportedLDAPPolicies + - SupportedLDAPVersion - A property of type System.Int, derived from the + directory attribute SupportedLDAPVersion + - SupportedRootDSEOperations - A property of type + ADPropertyValueCollection, derived from the directory attribute + SupportedRootDSEOperations + - SupportedSASLMechanisms - A property of type System.String, derived from + the directory attribute SupportedSASLMechanisms + - Syncronized - A property of type System.Boolean, derived from the + directory attribute IsSynchronized. + - ADObject - Represents any object in Active Directory and is derived from + ADEntity. An ADObject may contain the following properties in addition to + those inherited from its parent. 
+ - CanonicalName - A property of type System.String, derived from the + directory attribute: canonicalName + - CN - A property of type System.String, derived from the directory + attribute: cn + - Created - A property of type System.DateTime, derived from the directory + attribute: createTimeStamp + - Deleted - A property of type System.Boolean, derived from the directory + attribute: isDeleted + - Description - A property of type System.String, derived from the + directory attribute: description + - DisplayName - A property of type System.String, derived from the + directory attribute: displayName + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LastKnownParent - A property of type System.String, derived from the + directory attribute: lastKnownParent + - Modified - A property of type System.DateTime, derived from the directory + attribute: modifyTimeStamp + - Name - A property of type System.String, derived from the directory + attribute: name + - ObjectCategory - A property of type System.String, derived from the + directory attribute: objectCategory + - ObjectClass - A property of type System.String, derived from the + directory attribute: objectClass + - ObjectGUID - A property of type System.Guid, derived from the directory + attribute: objectGUID + - ProtectedFromAccidentalDeletion - A property of type System.Boolean, + derived from the directory attributes: nTSecurityDescriptor, + sdRightsEffective, instanceType, isDeleted + - ADFineGrainedPasswordPolicy Represents a fine grained password policy + object; that is, an AD object of type msDS-PasswordSettings in AD DS and + is derived from ADObject. This class is not supported by AD LDS. An + ADFineGrainedPasswordPolicy may contain the following properties in + addition to those inherited from its parent. 
+ - AppliesTo - A property of type System.String, derived from the + directory attribute: msDS-PSOAppliesTo + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: msDS-PasswordComplexityEnabled + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: msDS-LockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: msDS-LockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: msDS-LockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MaximumPasswordAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MinimumPasswordAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: msDS-MinimumPasswordLength + - PasswordHistoryCount - A property of type System.Int32, derived from + the directory attribute: msDS-PasswordHistoryLength + - Precedence - A property of type System.Int32, derived from the + directory attribute: msDS-PasswordSettingsPrecedence + - ReversibleEncryptionEnabled - A property of type System.Boolean, + derived from the directory attribute: + msDS-PasswordReversibleEncryptionEnabled + - ADOptionalFeature Represents an optional feature, an Active Directory + object of type msDS-OptionalFeature, and is derived from ADObject. An + ADOptionalFeaturemay contain the following properties in addition to + those inherited from its parent. 
+ - EnabledScopes - A property of type System.String, derived from the + directory attribute: msDS-EnabledFeatureBL + - FeatureGUID - A property of type System.Guid, derived from the + directory attribute: msDS-OptionalFeatureGUID + - FeatureScope - A property of type System.Int32, derived from the + directory attribute: msDS-OptionalFeatureFlags + - IsDisableable - A property of type System.Boolean, derived from the + directory attribute: msDS-OptionalFeatureFlags + - RequiredDomainMode - A property of type + Microsoft.ActiveDirectory.Management.ADDomainMode, derived from the + directory attribute: msDS-RequiredDomainBehaviorVersion + - RequiredForestMode - A property of type + Microsoft.ActiveDirectory.Management.ADForestMode, derived from the + directory attribute: msDS-RequiredForestBehaviorVersion + - ADOrganizationalUnit Represents an organizationalUnit (OU) object and is + derived from ADObject. An ADOrganizationalUnit may contain the following + properties in addition to those inherited from its parent. + - City - A property of type System.String, derived from the directory + attribute: l + - Country - A property of type System.String, derived from the directory + attribute: c + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: gpLink. This property is not supported on + AD LDS. + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - State - A property of type System.String, derived from the directory + attribute: st + - StreetAddress - A property of type System.String, derived from the + directory attribute: street + - ADPartition - Represents a naming context, Configuration, Schema, Domain + or Application Partition(ND NC) and is derived from ADObject. This class + is not supported by AD LDS. 
An ADPartition may contain the following + properties in addition to those inherited from its parent. + - DeletedObjectsContainer - A property of type System.String, derived + from the directory attribute: DeletedObjectsContainer + - DNSRoot - A property of type System.String, derived from the directory + attribute: DNSRoot + - LostAndFoundContainer - A property of type System.String, derived from + the directory attribute: LostAndFoundContainer + - QuotasContainer - A property of type System.String, derived from the + directory attribute: QuotasContainer + - ReadOnlyReplicaDirectoryServers - A property of type System.String, + derived from the directory attribute: ReadOnlyReplicaDirectoryServers + - ReplicaDirectoryServers - A property of type System.String, derived + from the directory attribute: ReplicaDirectoryServers + - SubordinateReferences - A property of type System.String, derived from + the directory attribute: SubordinateReferences + - ADDomain - Represents a domain in AD DS or an instance in AD LDS; for + example, an Active Directory object of type domainDNS and is derived + from ADPartition. This class is not supported by AD LDS. An ADDomain + may contain the following properties in addition to those inherited + from its parent. 
+ - AllowedDNSSuffixes - A property of type System.String, derived from + the directory attribute: msDS-AllowedDNSSuffixes + - ChildDomains - A property of type System.String, derived from the + directory attribute: ChildDomains + - ComputersContainer - A property of type System.String, derived from + the directory attribute: ComputersContainer + - DomainControllersContainer - A property of type System.String, + derived from the directory attribute: DomainControllersContainer + - DomainMode - A property of type System.Int32, derived from the + directory attribute: msDS-Behavior-Version + - DomainSID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - ForeignSecurityPrincipalsContainer - A property of type + System.String, derived from the directory attribute: + ForeignSecurityPrincipalsContainer + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - InfrastructureMaster - A property of type System.String, derived from + the directory attribute: InfrastructureMaster + - LastLogonReplicationInterval - A property of type System.TimeSpan, + derived from the directory attribute: msDS-LogonTimeSyncInterval + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: LinkedGroupPolicyObjects + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - NetBIOSName - A property of type System.String, derived from the + directory attribute: NetBIOSName + - ParentDomain - A property of type System.String, derived from the + directory attribute: ParentDomain + - PDCEmulator - A property of type System.String, derived from the + directory attribute: PDCEmulator + - RIDMaster - A property of type System.String, derived from the + directory attribute: RIDMaster + - SystemsContainer - A property of type System.String, derived from the + directory attribute: SystemsContainer + - 
UsersContainer - A property of type System.String, derived from the + directory attribute: UsersContainer + - ADPrincipal - Represents a security principal, which is an Active + Directory object of type user, computer, group or iNetOrgPerson and is + derived from ADObject. An ADPrincipal may contain the following + properties in addition to those inherited from its parent. + - HomePage - A property of type System.String, derived from the + directory attribute: wWWHomePage + - MemberOf - A property of type System.String, derived from the + directory attribute: memberOf + - SamAccountName - A property of type System.String, derived from the + directory attribute: sAMAccountName. This property is not supported + for AD LDS. + - SID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - SIDHistory - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: sIDHistory. This property is not supported for + AD LDS. + - ADAccount - Represents a security account; that is, an Active + Directory object of type user, computer or iNetOrgPerson and is + derived from ADPrincipal. An ADAccount may contain the following + properties in addition to those inherited from its parent. + - AccountExpirationDate - A property of type System.DateTime, derived + from the directory attribute: accountExpires + - AccountLockoutTime - A property of type System.DateTime, derived + from the directory attribute: lockoutTime + - AccountNotDelegated - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - AllowReversiblePasswordEncryption - A property of type + System.Boolean, for AD DS it is derived from the directory + attribute: userAccountControl; for AD LDS it is derived from the + directory attribute: ms-DS-UserEncryptedTextPasswordAllowed + - BadLogonCount - A property of type System.Int32, derived from the + directory attribute: badPwdCount + - CannotChangePassword - A property of type System.Boolean, derived + from the directory attribute: nTSecurityDescriptor + - Certificates - A property of type + System.Security.Cryptography.X509Certificates.X509Certificate, + derived from the directory attribute: userCertificate + - DoesNotRequirePreAuth - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - Enabled - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserAccountDisabled + - HomedirRequired - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - LastBadPasswordAttempt - A property of type System.DateTime, + derived from the directory attribute: badPasswordTime + - LastLogonDate - A property of type System.DateTime, derived from + the directory attribute: lastLogonTimestamp + - LockedOut - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed, lockoutTime; for AD LDS it is + derived from the directory attribute msDS-UserAccountDisabled + - MNSLogonAccount - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - PasswordExpired - A property of type System.Boolean, for AD DS it + is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserPasswordExpired + - PasswordLastSet - A property of type System.DateTime, derived from + the directory attribute: pwdLastSet + - PasswordNeverExpires - A property of type System.Boolean, for AD + LDS it is derived from the directory attributes: + userAccountControl, msDS-User-Account-Control-Computed; for AD LDS + it is derived from the directory attribute: + msDS-UserDontExpirePassword + - PasswordNotRequired - A property of type System.Boolean, for AD DS + it is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute: ms-DS-UserPasswordNotRequired + - PrimaryGroup - A property of type System.String, derived from the + directory attributes: primaryGroupID, objectSid. This property is + not supported by AD LDS. + - ServicePrincipalNames - A property of type System.String, derived + from the directory attribute: servicePrincipalName. This property + is not supported by AD LDS. + - TrustedForDelegation - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - TrustedToAuthForDelegation - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - UseDESKeyOnly - A property of type System.Boolean, derived from the + directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - UserPrincipalName - A property of type System.String, derived from + the directory attribute: userPrincipalName + - ADComputer - Represents a computer and is derived from ADAccount. + An ADComputer may contain the following properties in addition to + those inherited from its parent. + - DNSHostName - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv4Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - Location - A property of type System.String, derived from the + directory attribute: location + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - OperatingSystem - A property of type System.String, derived from + the directory attribute: operatingSystem + - OperatingSystemHotfix - A property of type System.String, derived + from the directory attribute: operatingSystemHotfix + - OperatingSystemServicePack - A property of type System.String, + derived from the directory attribute: operatingSystemServicePack + - OperatingSystemVersion - A property of type System.String, + derived from the directory attribute: operatingSystemVersion + - ServiceAccount - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccount + - ADServiceAccount - Represents a managed service account; that is, + an Active Directory object of type msDS-ManagerdServiceAccount and + is derived from ADAccount. This class is not supported by AD LDS. + An ADServiceAccount may contain the following properties in + addition to those inherited from its parent. + - HostComputers - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccountBL + - ADUser - Represents a user (or iNetOrgPerson) and is derived from + ADAccount. 
An ADUser may contain the following properties in + addition to those inherited from its parent. + - City - A property of type System.String, derived from the + directory attribute: l + - Company - A property of type System.String, derived from the + directory attribute: company + - Country - A property of type System.String, derived from the + directory attribute: c + - Department - A property of type System.String, derived from the + directory attribute: department + - Division - A property of type System.String, derived from the + directory attribute: division + - EmailAddress - A property of type System.String, derived from the + directory attribute: mail + - EmployeeID - A property of type System.String, derived from the + directory attribute: employeeID + - EmployeeNumber - A property of type System.String, derived from + the directory attribute: employeeNumber + - Fax - A property of type System.String, derived from the + directory attribute: facsimileTelephoneNumber + - GivenName - A property of type System.String, derived from the + directory attribute: givenName + - HomeDirectory - A property of type System.String, derived from + the directory attribute: homeDirectory. This property is not + supported by AD LDS. + - HomeDrive - A property of type System.String, derived from the + directory attribute: homeDrive. This property is not supported by + AD LDS. + - HomePhone - A property of type System.String, derived from the + directory attribute: homePhone + - Initials - A property of type System.String, derived from the + directory attribute: initials + - LogonWorkstations - A property of type System.String, derived + from the directory attribute: userWorkstations. This property is + not supported by AD LDS. 
+ - Manager - A property of type System.String, derived from the + directory attribute: manager + - MobilePhone - A property of type System.String, derived from the + directory attribute: mobile + - Office - A property of type System.String, derived from the + directory attribute: physicalDeliveryOfficeName + - OfficePhone - A property of type System.String, derived from the + directory attribute: telephoneNumber + - Organization - A property of type System.String, derived from the + directory attribute: o + - OtherName - A property of type System.String, derived from the + directory attribute: middleName + - POBox - A property of type System.String, derived from the + directory attribute: postOfficeBox + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - ProfilePath - A property of type System.String, derived from the + directory attribute: profilePath. This property is not supported + by AD LDS. + - ScriptPath - A property of type System.String, derived from the + directory attribute: scriptPath. This property is not supported + by AD LDS. + - SmartcardLogonRequired - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not + supported by AD LDS. + - State - A property of type System.String, derived from the + directory attribute: st + - StreetAddress - A property of type System.String, derived from + the directory attribute: streetAddress + - Surname - A property of type System.String, derived from the + directory attribute: sn + - Title - A property of type System.String, derived from the + directory attribute: title + - ADGroup -Represents a group and is derived from ADPrincipal. An + ADGroup may contain the following properties in addition to those + inherited from its parent. 
+ - GroupCategory - A property of type + Microsoft.ActiveDirectory.Management.ADGroupCategory, derived from + the directory attribute: groupType + - GroupScope - A property of type + Microsoft.ActiveDirectory.Management.ADGroupScope, derived from the + directory attribute: groupType + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - Members - A property of type System.String, derived from the + directory attribute: member + - ADDefaultDomainPasswordPolicy - Represents the domain-wide password policy + of an Active Directory domain and is derived from ADEntity. This class is + not supported by AD LDS. An ADDefaultDomainPasswordPolicy may contain the + following properties in addition to those inherited from its parent. + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: pwdProperties + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: lockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: lockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: lockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: maxPwdAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: minPwdAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: minPwdLength + - PasswordHistoryCount - A property of type System.Int32, derived from the + directory attribute: pwdHistoryLength + - ReversibleEncryptionEnabled - A property of type System.Boolean, derived + from the directory attribute: pwdProperties + - ADForest - Represents a Active Directory forest in AD DS or a 
Configuration + Set in AD LDS and is derived from ADEntity. This class is not supported by + AD LDS. An ADForest may contain the following properties in addition to + those inherited from its parent. + - ApplicationPartitions - A property of type System.String, derived from + the directory attribute: ApplicationPartitions + - CrossForestReferences - A property of type System.String, derived from + the directory attribute: CrossForestReferences + - DomainNamingMaster - A property of type System.String, derived from the + directory attribute: DomainNamingMaster + - Domains - A property of type System.String, derived from the directory + attribute: Domains + - ForestMode - A property of type System.Int32, derived from the directory + attribute: msDS-Behavior-Version + - GlobalCatalogs - A property of type System.String, derived from the + directory attribute: GlobalCatalogs + - Name - A property of type System.String, derived from the directory + attribute: name + - PartitionContainerName - A property of type System.String, derived from + the directory attribute: distinguishedName + - RootDomain - A property of type System.String, derived from the directory + attribute: RootDomain + - SchemaMaster - A property of type System.String, derived from the + directory attribute: SchemaMaster + - Sites - A property of type System.String, derived from the directory + attribute: Sites + - SPNSuffixes - A property of type System.String, derived from the + directory attribute: msDS-SPNSuffixes + - UPNSuffixes - A property of type System.String, derived from the + directory attribute: uPNSuffixes + - ADDirectoryServer - Represents a directory server used as either a domain + controller or an AD LDS instance and is derived from ADEntity. An + ADDirectoryServer may contain the following properties in addition to those + inherited from its parent. 
+ - DefaultPartition - A property of type System.String, derived from the + directory attribute: DefaultPartition + - HostName - A property of type System.String, derived from the directory + attribute: HostName + - InvocationId - A property of type System.Guid, derived from the directory + attribute: InvocationId + - IPv4Address - A property of type System.String, derived from the + directory attribute: HostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: HostName + - LdapPort - A property of type System.Int32, derived from the directory + attribute: LdapPort + - Name - A property of type System.String, derived from the directory + attribute: Name + - NTDSSettingsObjectDN - A property of type System.String, derived from the + directory attribute: NTDSSettingsObjectDN + - OperationMasterRoles - A property of type + Microsoft.ActiveDirectory.Management.ADOperationMasterRole, derived from + the directory attribute: OperationMasterRole + - Partitions - A property of type System.String, derived from the directory + attribute: Partitions + - ServerObjectDN - A property of type System.String, derived from the + directory attribute: ServerObjectDN + - ServerObjectGuid - A property of type System.Guid, derived from the + directory attribute: ServerObjectGuid + - Site - A property of type System.String, derived from the directory + attribute: Site + - SslPort - A property of type System.Int32, derived from the directory + attribute: SslPort + - ADDomainController - Represents a domain controller in AD DS and is + derived from ADDirectoryServer. An ADDomainController may contain the + following properties in addition to those inherited from its parent. 
+ - ComputerObjectDN - A property of type System.String, derived from the + directory attribute: ComputerDN + - Domain - A property of type System.String, derived from the directory + attribute: Domain + - Enabled - A property of type System.Boolean, derived from the directory + attribute: Enabled + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - IsGlobalCatalog - A property of type System.Boolean, derived from the + directory attribute: IsGlobalCatalog + - IsReadOnly - A property of type System.Boolean, derived from the + directory attribute: IsReadOnly + - OperatingSystem - A property of type System.String, derived from the + directory attribute: OSName + - OperatingSystemHotfix - A property of type System.String, derived from + the directory attribute: OSHotFix + - OperatingSystemServicePack - A property of type System.String, derived + from the directory attribute: OSServicepack + - OperatingSystemVersion - A property of type System.String, derived from + the directory attribute: OSVersion diff --git a/docset/winserver2025-ps/activedirectory/About/About.md b/docset/winserver2025-ps/activedirectory/About/About.md index adc76085b9..449df28850 100644 --- a/docset/winserver2025-ps/activedirectory/About/About.md +++ b/docset/winserver2025-ps/activedirectory/About/About.md @@ -2,7 +2,7 @@ description: About articles for the ActiveDirectory module. Help Version: 3.1.0.0 Locale: en-US -ms.date: 04/22/2013 +ms.date: 07/03/2024 title: About articles --- # About topics 
@@ -13,5 +13,14 @@ About topics cover a range of concepts about PowerShell. ## About Topics +### [about_ActiveDirectory](about_ActiveDirectory.md) +The Active Directory module is a command line interface for managing Active Directory. + ### [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md) Describes the syntax and behavior of the search filter supported by the Active Directory module for Windows PowerShell. + +### [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md) +The Active Directory module for Windows PowerShell objects have a range of identifying attributes that are used for search and retrieval. + +### [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md) +Describes the object model of the Active Directory module for Windows PowerShell. diff --git a/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory.md b/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory.md new file mode 100644 index 0000000000..1b7183dcd2 --- /dev/null +++ b/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory.md 
@@ -0,0 +1,81 @@ +--- +title: about_ActiveDirectory +ms.date: 04/22/2013 +description: The Active Directory module is a command line interface for managing Active Directory. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory + +## SHORT DESCRIPTION + +The Active Directory module is a command line interface for managing Active +Directory. + +## LONG DESCRIPTION + +The Active Directory module for Windows PowerShell is for IT Professionals who +are administering and interfacing with Active Directory. The Active Directory +module provides an efficient way to complete many administrative, +configuration, and diagnostic tasks across Active Directory Domain Services (AD +DS) and Active Directory Lightweight Directory Services (AD LDS) instances in +their environments. The Active Directory module includes a set of Windows +PowerShell cmdlets and a provider. The provider exposes the Active Directory +database through a hierarchical navigation system, which is very similar to the +file system. As with drives in a file system, such as C:, you can connect +Windows PowerShell drives to Active Directory domains and AD LDS, as well as +Active Directory snapshots. + +### Coverage of Active Directory Module Cmdlets + +Create, Read, Update, and Delete actions are supported for Active Directory +objects by cmdlets such as `New-ADUser`, `Get-ADOrganizationalUnit`, +`Set-ADComputer`, and `Remove-ADUser`. + +Account and Password Policy Management are supported by cmdlets such as +`Enable-ADAccount`, `Unlock-ADAccount`, `New-ADServiceAccount`, +`Set-ADAccountControl`, and `Remove-ADFineGrainedPasswordPolicy`. + +Domain and Forest Management is supported by cmdlets such as `Get-ADForest`, +`Set-ADForest`, `Set-ADForestMode`, `Enable-ADOptionalFeature`, +`Get-ADDomainController`, and `Get-ADDomain`. 
+ +### Listing the Active Directory Module Cmdlets + +To get a list of all of the Active Directory module cmdlets, run + +```powershell +Get-Command -Module ActiveDirectory +``` + +### Getting Started + +Getting started with the Active Directory module for Windows PowerShell is as +easy as clicking the following shortcut: + +Run the following command in any Windows PowerShell prompt to import the Active +Directory module: + +```powershell +Import-Module ActiveDirectory +``` + +### Overview and Conceptual Topics + +The first two of these topics offer a high level overview of the Active +Directory module and the Active Directory Provider. + +- For a brief introduction to the Active Directory provider for Windows + PowerShell, see [ActiveDirectory](/powershell/module/activedirectory). +- The following topics are conceptual support topics for the Active Directory + module cmdlets. + - For an introduction to the **Identity** parameter, which is used by the + Active Directory module cmdlets to identify objects in the directory, see + [about_ActiveDirectory_Identity](about_ActiveDirectory_Identity.md). + - For an introduction to the **Filter** parameter which is used by Active + Directory module cmdlets to search for objects in the directory, see + [about_ActiveDirectory_Filter](about_ActiveDirectory_Filter.md). + - For an introduction to the .NET Framework-based object model implemented by + the Active Directory module, see + [about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). diff --git a/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_Identity.md b/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_Identity.md new file mode 100644 index 0000000000..c007277b19 --- /dev/null +++ b/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_Identity.md 
@@ -0,0 +1,196 @@ +--- +title: about_ActiveDirectory_Identity +ms.date: 04/22/2013 +description: This article lists the identifying attributes that are used for search and retrieval supported by the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_Identity + +## SHORT DESCRIPTION + +The Active Directory module for Windows PowerShell objects have a range of +identifying attributes that are used for search and retrieval. + +## LONG DESCRIPTION + +In order to identify the objects in Active Directory, each object has +attributes that can be used as identifiers. In the Active Directory module, the +value of the identity of an object can be passed using the Identity parameter. +Each object type has its own set of possible types and values for use by the +Identity parameter. See the detailed description of the Identity parameter of +the given cmdlet for more information about its usage. + +When searching with the Active Directory module cmdlets, the value of the +Identity parameter, along with the values of the Server and Partition +parameters, is used to uniquely identify a single object. The Server parameter +is used to locate which server to connect with. The Partition parameter further +narrows the search to a specific partition. The Identity parameter then +resolves to a single unique object in the partition. + +Note that using the Security Accounts Manager (SAM) Account Name +(**sAMAccountName**) when targeting a global catalog port, you will not find a +user in a different domain if you are using the Identity parameter + +If more than one object is found using identity resolution, the Active +Directory module throws an error. 
+ +For more information about the Server and Partition parameters, see the help +topics for the individual cmdlets where they are used, such as `Get-ADUser`, by +typing: + +```powershell +Get-Help Get-ADUser +``` + +### Objects and Identities + +Each object has a list of attributes that can be used as an identity for that +object. Additionally, if the object inherits from another object, then the +parent object's identities can also be used as the child object's identities. +For more information on the Active Directory object hierarchy, see +[about_ActiveDirectory_ObjectModel](about_ActiveDirectory_ObjectModel.md). + +> [!NOTE] +> For Active Directory Provider cmdlets, only an object's 'Distinguished Name' +> or 'Relative Distinguished Name' can be used as the identity. For a list of +> Active Directory Provider cmdlets, see ActiveDirectory. + +### Identity Attributes + +The following is a list of identity attributes by object type. + +- ADAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADComputer + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager Account Name (sAMAccountName) + +- ADDirectoryServer + - Name of the server object (name) + - For AD LDS instances the syntax of a name is `$` + - For other Active Directory instances, use the value of the name property. + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the directory + server. + - GUID (objectGUID) of server object under the configuration partition. 
+ - GUID (objectGUID) of NTDS settings object under the configuration partition + +- ADDomain + - Distinguished Name + - GUID + - Security Identifier + - DNS domain name + - NetBIOS domain name + +- ADDomainController + - GUID (objectGUID) + - IPV4Address + - Global IPV6Address + - DNS Host Name (dNSHostName) + - Name of the server object + - Distinguished Name of the NTDS Settings object + - Distinguished Name of the server object that represents the domain controller + - GUID of NTDS settings object under the configuration partition + - GUID of server object under the configuration partition + - Distinguished Name of the computer object that represents the domain controller. + +- ADFineGrainedPasswordPolicy + - Distinguished Name + - GUID (objectGUID) + - Name (name) + +- ADForest + - Fully qualified domain name + - DNS host name + - NetBIOS name + +- ADGroup + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - Security Accounts Manager (SAM) Account Name (sAMAccountName) + +- ADObject + - Distinguished Name + - GUID (objectGUID) + +- ADOptionalFeature + - Distinguished Name + - Name (name) + - Feature GUID (featureGUID) + - GUID (objectGUID) + +- ADOrganizationalUnit + - Distinguished Name + - GUID (objectGUID) + +- ADPrincipal + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADServiceAccount + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM Account Name (sAMAccountName) + +- ADUser + - Distinguished Name + - GUID (objectGUID) + - Security Identifier (objectSid) + - SAM User Name (sAMUserName) + + +### Identities Formats + +Active Directory module objects have a range of identity attributes. Below is a +list of these, their types and formats. 
+ +- Distinguished Name + - Example: CN=SaraDavis,CN=Europe,CN=Users, DC=corp,DC=contoso,DC=com + +- DNS domain name + - Example: redmond.corp.contoso.com + +- DNS Host Name (dNSHostName) + - Example: corp-DC01.corp.contoso.com + +- Feature GUID (featureGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- Fully qualified domain name + - Example: corp.contoso.com + +- Global IPV6Address + - Example: 2001:4898:0:fff:200:5efe:157.59.132.61 + +- GUID (objectGUID) + - Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 + +- IPV4Address + - Example:157.59.132.61 + +- NetBIOS domain name + - Example: redmond + +- Name of the server object + - Example: corp-DC01$ + +- SAM Account Name (sAMAccountName) + - Example: saradavisreports + +- Security Identifier (objectSid) + - Example: S-1-5-21-3165297888-301567370-576410423-1103 + +- Name + - Example: Recycle Bin Feature diff --git a/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md b/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md new file mode 100644 index 0000000000..8535a97464 --- /dev/null +++ b/docset/winserver2025-ps/activedirectory/About/about_ActiveDirectory_ObjectModel.md 
@@ -0,0 +1,595 @@ +--- +title: about_ActiveDirectory_ObjectModel +ms.date: 04/22/2013 +description: Describes the object model of the Active Directory module for Windows PowerShell. +Locale: en-US +schema: 2.0.0 +--- + +# about_ActiveDirectory_ObjectModel + +## SHORT DESCRIPTION +Describes the object model of the Active Directory module for Windows +PowerShell. + +## LONG DESCRIPTION + +This topic explains the Active Directory module classes and their properties +used to model actual Active Directory attributes. It also outlines the class +hierarchy constructed from its Active Directory counterpart. The object model +establishes a data foundation for all the operations supported by Active +Directory module cmdlets. + +### Class Hierarchy + +The following list shows the class hierarchy defined in the Active Directory +module object model, with class inheritance implied by indentation. This +inheritance model allows for Active Directory cmdlets to accept a range of +object types as input. This means, for example, that the cmdlet +Get-ADPrincipalGroupMembership can accept as input any of the following +objects: ADGroup, ADAccount, ADComputer, ADServiceAccount or ADUser. This works +because of the inheritance model and guarantees that an ADUser object has all +of the properties of an ADPrincipal object. + +``` +ADEntity + ADRootDSE + ADObject + ADFineGrainedPasswordPolicy + ADOptionalFeature + ADOrganizationalUnit + ADPartition + ADDomain + ADPrincipal + ADAccount + ADComputer + ADServiceAccount + ADUser + ADGroup + ADDefaultDomainPasswordPolicy + ADForest + ADDirectoryServer + ADDomainController +``` + +### Active Directory Module Classes + +The following listing shows every Active Directory module class from the class +hierarchy listing. Each class defines a set of properties, some of which are +LDAP attributes that are retrieved by default and some are new properties +created specifically for the Active Directory module. 
These new properties are +derived from one or more LDAP attributes as outlined in the class listings. + + +- ADEntity - The base level class from which all other classes are derived. + - ADRootDSE - Represents the rootDSE and is derived from ADEntity. An + ADRootDSE may contain the following properties in addition to those + inherited from its parent. + - ConfigurationNamingContext - A property of type System.String, derived + from the directory attribute ConfigurationNamingContext + - CurrentTime - A property of type System.DateTime, derived from the + directory attribute CurrentTime + - DefaultNamingContext - A property of type System.String, derived from the + directory attribute DefaultNamingContext + - DnsHostName - A property of type System.String, derived from the + directory attribute DnsHostName + - DomainControllerFunctionality - A property of type + ADDomainControllerMode, derived from the directory attribute + DomainControllerFunctionality + - DomainFunctionality - A property of type ADDomainMode, derived from the + directory attribute DomainFunctionality + - DsServiceName - A property of type System.String, derived from the + directory attribute DsServiceName + - ForestFunctionality - A property of type ADForestMode, derived from the + directory attribute ForestFunctionality + - GlobalCatalogReady - A property of type System.Boolean, derived from the + directory attribute GlobalCatalogReady + - HighestCommittedUSN - A property of type System.Long, derived from the + directory attribute HighestCommittedUSN + - LdapServiceName - A property of type System.String, derived from the + directory attribute LdapServiceName + - NamingContexts - A property of type System.String, derived from the + directory attribute NamingContexts + - RootDomainNamingContext - A property of type System.String, derived from + the directory attribute RootDomainNamingContext + - SchemaNamingContext - A property of type System.String, derived from the + directory attribute 
SchemaNamingContext + - ServerName - A property of type System.String, derived from the directory + attribute ServerName + - SubschemaSubentry - A property of type ADObject, derived from the + directory attribute SubschemaSubentry + - SupportedCapabilities - A property of type ADObjectIdentifier, derived + from the directory attribute SupportedCapabilities + - SupportedControl - A property of type ADObjectIdentifier, derived from + the directory attribute SupportedControl + - SupportedLDAPPolicies - A property of type System.String, derived from + the directory attribute SupportedLDAPPolicies + - SupportedLDAPVersion - A property of type System.Int, derived from the + directory attribute SupportedLDAPVersion + - SupportedRootDSEOperations - A property of type + ADPropertyValueCollection, derived from the directory attribute + SupportedRootDSEOperations + - SupportedSASLMechanisms - A property of type System.String, derived from + the directory attribute SupportedSASLMechanisms + - Syncronized - A property of type System.Boolean, derived from the + directory attribute IsSynchronized. + - ADObject - Represents any object in Active Directory and is derived from + ADEntity. An ADObject may contain the following properties in addition to + those inherited from its parent. 
+ - CanonicalName - A property of type System.String, derived from the + directory attribute: canonicalName + - CN - A property of type System.String, derived from the directory + attribute: cn + - Created - A property of type System.DateTime, derived from the directory + attribute: createTimeStamp + - Deleted - A property of type System.Boolean, derived from the directory + attribute: isDeleted + - Description - A property of type System.String, derived from the + directory attribute: description + - DisplayName - A property of type System.String, derived from the + directory attribute: displayName + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LastKnownParent - A property of type System.String, derived from the + directory attribute: lastKnownParent + - Modified - A property of type System.DateTime, derived from the directory + attribute: modifyTimeStamp + - Name - A property of type System.String, derived from the directory + attribute: name + - ObjectCategory - A property of type System.String, derived from the + directory attribute: objectCategory + - ObjectClass - A property of type System.String, derived from the + directory attribute: objectClass + - ObjectGUID - A property of type System.Guid, derived from the directory + attribute: objectGUID + - ProtectedFromAccidentalDeletion - A property of type System.Boolean, + derived from the directory attributes: nTSecurityDescriptor, + sdRightsEffective, instanceType, isDeleted + - ADFineGrainedPasswordPolicy Represents a fine grained password policy + object; that is, an AD object of type msDS-PasswordSettings in AD DS and + is derived from ADObject. This class is not supported by AD LDS. An + ADFineGrainedPasswordPolicy may contain the following properties in + addition to those inherited from its parent. 
+ - AppliesTo - A property of type System.String, derived from the + directory attribute: msDS-PSOAppliesTo + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: msDS-PasswordComplexityEnabled + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: msDS-LockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: msDS-LockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: msDS-LockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MaximumPasswordAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: msDS-MinimumPasswordAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: msDS-MinimumPasswordLength + - PasswordHistoryCount - A property of type System.Int32, derived from + the directory attribute: msDS-PasswordHistoryLength + - Precedence - A property of type System.Int32, derived from the + directory attribute: msDS-PasswordSettingsPrecedence + - ReversibleEncryptionEnabled - A property of type System.Boolean, + derived from the directory attribute: + msDS-PasswordReversibleEncryptionEnabled + - ADOptionalFeature Represents an optional feature, an Active Directory + object of type msDS-OptionalFeature, and is derived from ADObject. An + ADOptionalFeaturemay contain the following properties in addition to + those inherited from its parent. 
+ - EnabledScopes - A property of type System.String, derived from the + directory attribute: msDS-EnabledFeatureBL + - FeatureGUID - A property of type System.Guid, derived from the + directory attribute: msDS-OptionalFeatureGUID + - FeatureScope - A property of type System.Int32, derived from the + directory attribute: msDS-OptionalFeatureFlags + - IsDisableable - A property of type System.Boolean, derived from the + directory attribute: msDS-OptionalFeatureFlags + - RequiredDomainMode - A property of type + Microsoft.ActiveDirectory.Management.ADDomainMode, derived from the + directory attribute: msDS-RequiredDomainBehaviorVersion + - RequiredForestMode - A property of type + Microsoft.ActiveDirectory.Management.ADForestMode, derived from the + directory attribute: msDS-RequiredForestBehaviorVersion + - ADOrganizationalUnit Represents an organizationalUnit (OU) object and is + derived from ADObject. An ADOrganizationalUnit may contain the following + properties in addition to those inherited from its parent. + - City - A property of type System.String, derived from the directory + attribute: l + - Country - A property of type System.String, derived from the directory + attribute: c + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: gpLink. This property is not supported on + AD LDS. + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - State - A property of type System.String, derived from the directory + attribute: st + - StreetAddress - A property of type System.String, derived from the + directory attribute: street + - ADPartition - Represents a naming context, Configuration, Schema, Domain + or Application Partition(ND NC) and is derived from ADObject. This class + is not supported by AD LDS. 
An ADPartition may contain the following + properties in addition to those inherited from its parent. + - DeletedObjectsContainer - A property of type System.String, derived + from the directory attribute: DeletedObjectsContainer + - DNSRoot - A property of type System.String, derived from the directory + attribute: DNSRoot + - LostAndFoundContainer - A property of type System.String, derived from + the directory attribute: LostAndFoundContainer + - QuotasContainer - A property of type System.String, derived from the + directory attribute: QuotasContainer + - ReadOnlyReplicaDirectoryServers - A property of type System.String, + derived from the directory attribute: ReadOnlyReplicaDirectoryServers + - ReplicaDirectoryServers - A property of type System.String, derived + from the directory attribute: ReplicaDirectoryServers + - SubordinateReferences - A property of type System.String, derived from + the directory attribute: SubordinateReferences + - ADDomain - Represents a domain in AD DS or an instance in AD LDS; for + example, an Active Directory object of type domainDNS and is derived + from ADPartition. This class is not supported by AD LDS. An ADDomain + may contain the following properties in addition to those inherited + from its parent. 
+ - AllowedDNSSuffixes - A property of type System.String, derived from + the directory attribute: msDS-AllowedDNSSuffixes + - ChildDomains - A property of type System.String, derived from the + directory attribute: ChildDomains + - ComputersContainer - A property of type System.String, derived from + the directory attribute: ComputersContainer + - DomainControllersContainer - A property of type System.String, + derived from the directory attribute: DomainControllersContainer + - DomainMode - A property of type System.Int32, derived from the + directory attribute: msDS-Behavior-Version + - DomainSID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - ForeignSecurityPrincipalsContainer - A property of type + System.String, derived from the directory attribute: + ForeignSecurityPrincipalsContainer + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - InfrastructureMaster - A property of type System.String, derived from + the directory attribute: InfrastructureMaster + - LastLogonReplicationInterval - A property of type System.TimeSpan, + derived from the directory attribute: msDS-LogonTimeSyncInterval + - LinkedGroupPolicyObjects - A property of type System.String, derived + from the directory attribute: LinkedGroupPolicyObjects + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - NetBIOSName - A property of type System.String, derived from the + directory attribute: NetBIOSName + - ParentDomain - A property of type System.String, derived from the + directory attribute: ParentDomain + - PDCEmulator - A property of type System.String, derived from the + directory attribute: PDCEmulator + - RIDMaster - A property of type System.String, derived from the + directory attribute: RIDMaster + - SystemsContainer - A property of type System.String, derived from the + directory attribute: SystemsContainer + - 
UsersContainer - A property of type System.String, derived from the + directory attribute: UsersContainer + - ADPrincipal - Represents a security principal, which is an Active + Directory object of type user, computer, group or iNetOrgPerson and is + derived from ADObject. An ADPrincipal may contain the following + properties in addition to those inherited from its parent. + - HomePage - A property of type System.String, derived from the + directory attribute: wWWHomePage + - MemberOf - A property of type System.String, derived from the + directory attribute: memberOf + - SamAccountName - A property of type System.String, derived from the + directory attribute: sAMAccountName. This property is not supported + for AD LDS. + - SID - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: objectSid + - SIDHistory - A property of type + System.Security.Principal.SecurityIdentifier, derived from the + directory attribute: sIDHistory. This property is not supported for + AD LDS. + - ADAccount - Represents a security account; that is, an Active + Directory object of type user, computer or iNetOrgPerson and is + derived from ADPrincipal. An ADAccount may contain the following + properties in addition to those inherited from its parent. + - AccountExpirationDate - A property of type System.DateTime, derived + from the directory attribute: accountExpires + - AccountLockoutTime - A property of type System.DateTime, derived + from the directory attribute: lockoutTime + - AccountNotDelegated - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - AllowReversiblePasswordEncryption - A property of type + System.Boolean, for AD DS it is derived from the directory + attribute: userAccountControl; for AD LDS it is derived from the + directory attribute: ms-DS-UserEncryptedTextPasswordAllowed + - BadLogonCount - A property of type System.Int32, derived from the + directory attribute: badPwdCount + - CannotChangePassword - A property of type System.Boolean, derived + from the directory attribute: nTSecurityDescriptor + - Certificates - A property of type + System.Security.Cryptography.X509Certificates.X509Certificate, + derived from the directory attribute: userCertificate + - DoesNotRequirePreAuth - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - Enabled - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserAccountDisabled + - HomedirRequired - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - LastBadPasswordAttempt - A property of type System.DateTime, + derived from the directory attribute: badPasswordTime + - LastLogonDate - A property of type System.DateTime, derived from + the directory attribute: lastLogonTimestamp + - LockedOut - A property of type System.Boolean, for AD DS it is + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed, lockoutTime; for AD LDS it is + derived from the directory attribute msDS-UserAccountDisabled + - MNSLogonAccount - A property of type System.Boolean, derived from + the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - PasswordExpired - A property of type System.Boolean, for AD DS it + is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute msDS-UserPasswordExpired + - PasswordLastSet - A property of type System.DateTime, derived from + the directory attribute: pwdLastSet + - PasswordNeverExpires - A property of type System.Boolean, for AD + LDS it is derived from the directory attributes: + userAccountControl, msDS-User-Account-Control-Computed; for AD LDS + it is derived from the directory attribute: + msDS-UserDontExpirePassword + - PasswordNotRequired - A property of type System.Boolean, for AD DS + it is derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed; for AD LDS it is derived from + the directory attribute: ms-DS-UserPasswordNotRequired + - PrimaryGroup - A property of type System.String, derived from the + directory attributes: primaryGroupID, objectSid. This property is + not supported by AD LDS. + - ServicePrincipalNames - A property of type System.String, derived + from the directory attribute: servicePrincipalName. This property + is not supported by AD LDS. + - TrustedForDelegation - A property of type System.Boolean, derived + from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - TrustedToAuthForDelegation - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. + - UseDESKeyOnly - A property of type System.Boolean, derived from the + directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not supported + by AD LDS. 
+ - UserPrincipalName - A property of type System.String, derived from + the directory attribute: userPrincipalName + - ADComputer - Represents a computer and is derived from ADAccount. + An ADComputer may contain the following properties in addition to + those inherited from its parent. + - DNSHostName - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv4Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: dNSHostName + - Location - A property of type System.String, derived from the + directory attribute: location + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - OperatingSystem - A property of type System.String, derived from + the directory attribute: operatingSystem + - OperatingSystemHotfix - A property of type System.String, derived + from the directory attribute: operatingSystemHotfix + - OperatingSystemServicePack - A property of type System.String, + derived from the directory attribute: operatingSystemServicePack + - OperatingSystemVersion - A property of type System.String, + derived from the directory attribute: operatingSystemVersion + - ServiceAccount - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccount + - ADServiceAccount - Represents a managed service account; that is, + an Active Directory object of type msDS-ManagerdServiceAccount and + is derived from ADAccount. This class is not supported by AD LDS. + An ADServiceAccount may contain the following properties in + addition to those inherited from its parent. + - HostComputers - A property of type System.String, derived from + the directory attribute: msDS-HostServiceAccountBL + - ADUser - Represents a user (or iNetOrgPerson) and is derived from + ADAccount. 
An ADUser may contain the following properties in + addition to those inherited from its parent. + - City - A property of type System.String, derived from the + directory attribute: l + - Company - A property of type System.String, derived from the + directory attribute: company + - Country - A property of type System.String, derived from the + directory attribute: c + - Department - A property of type System.String, derived from the + directory attribute: department + - Division - A property of type System.String, derived from the + directory attribute: division + - EmailAddress - A property of type System.String, derived from the + directory attribute: mail + - EmployeeID - A property of type System.String, derived from the + directory attribute: employeeID + - EmployeeNumber - A property of type System.String, derived from + the directory attribute: employeeNumber + - Fax - A property of type System.String, derived from the + directory attribute: facsimileTelephoneNumber + - GivenName - A property of type System.String, derived from the + directory attribute: givenName + - HomeDirectory - A property of type System.String, derived from + the directory attribute: homeDirectory. This property is not + supported by AD LDS. + - HomeDrive - A property of type System.String, derived from the + directory attribute: homeDrive. This property is not supported by + AD LDS. + - HomePhone - A property of type System.String, derived from the + directory attribute: homePhone + - Initials - A property of type System.String, derived from the + directory attribute: initials + - LogonWorkstations - A property of type System.String, derived + from the directory attribute: userWorkstations. This property is + not supported by AD LDS. 
+ - Manager - A property of type System.String, derived from the + directory attribute: manager + - MobilePhone - A property of type System.String, derived from the + directory attribute: mobile + - Office - A property of type System.String, derived from the + directory attribute: physicalDeliveryOfficeName + - OfficePhone - A property of type System.String, derived from the + directory attribute: telephoneNumber + - Organization - A property of type System.String, derived from the + directory attribute: o + - OtherName - A property of type System.String, derived from the + directory attribute: middleName + - POBox - A property of type System.String, derived from the + directory attribute: postOfficeBox + - PostalCode - A property of type System.String, derived from the + directory attribute: postalCode + - ProfilePath - A property of type System.String, derived from the + directory attribute: profilePath. This property is not supported + by AD LDS. + - ScriptPath - A property of type System.String, derived from the + directory attribute: scriptPath. This property is not supported + by AD LDS. + - SmartcardLogonRequired - A property of type System.Boolean, + derived from the directory attributes: userAccountControl, + msDS-User-Account-Control-Computed. This property is not + supported by AD LDS. + - State - A property of type System.String, derived from the + directory attribute: st + - StreetAddress - A property of type System.String, derived from + the directory attribute: streetAddress + - Surname - A property of type System.String, derived from the + directory attribute: sn + - Title - A property of type System.String, derived from the + directory attribute: title + - ADGroup -Represents a group and is derived from ADPrincipal. An + ADGroup may contain the following properties in addition to those + inherited from its parent. 
+ - GroupCategory - A property of type + Microsoft.ActiveDirectory.Management.ADGroupCategory, derived from + the directory attribute: groupType + - GroupScope - A property of type + Microsoft.ActiveDirectory.Management.ADGroupScope, derived from the + directory attribute: groupType + - ManagedBy - A property of type System.String, derived from the + directory attribute: managedBy + - Members - A property of type System.String, derived from the + directory attribute: member + - ADDefaultDomainPasswordPolicy - Represents the domain-wide password policy + of an Active Directory domain and is derived from ADEntity. This class is + not supported by AD LDS. An ADDefaultDomainPasswordPolicy may contain the + following properties in addition to those inherited from its parent. + - ComplexityEnabled - A property of type System.Boolean, derived from the + directory attribute: pwdProperties + - DistinguishedName - A property of type System.String, derived from the + directory attribute: distinguishedName + - LockoutDuration - A property of type System.TimeSpan, derived from the + directory attribute: lockoutDuration + - LockoutObservationWindow - A property of type System.TimeSpan, derived + from the directory attribute: lockoutObservationWindow + - LockoutThreshold - A property of type System.Int32, derived from the + directory attribute: lockoutThreshold + - MaxPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: maxPwdAge + - MinPasswordAge - A property of type System.TimeSpan, derived from the + directory attribute: minPwdAge + - MinPasswordLength - A property of type System.Int32, derived from the + directory attribute: minPwdLength + - PasswordHistoryCount - A property of type System.Int32, derived from the + directory attribute: pwdHistoryLength + - ReversibleEncryptionEnabled - A property of type System.Boolean, derived + from the directory attribute: pwdProperties + - ADForest - Represents a Active Directory forest in AD DS or a 
Configuration + Set in AD LDS and is derived from ADEntity. This class is not supported by + AD LDS. An ADForest may contain the following properties in addition to + those inherited from its parent. + - ApplicationPartitions - A property of type System.String, derived from + the directory attribute: ApplicationPartitions + - CrossForestReferences - A property of type System.String, derived from + the directory attribute: CrossForestReferences + - DomainNamingMaster - A property of type System.String, derived from the + directory attribute: DomainNamingMaster + - Domains - A property of type System.String, derived from the directory + attribute: Domains + - ForestMode - A property of type System.Int32, derived from the directory + attribute: msDS-Behavior-Version + - GlobalCatalogs - A property of type System.String, derived from the + directory attribute: GlobalCatalogs + - Name - A property of type System.String, derived from the directory + attribute: name + - PartitionContainerName - A property of type System.String, derived from + the directory attribute: distinguishedName + - RootDomain - A property of type System.String, derived from the directory + attribute: RootDomain + - SchemaMaster - A property of type System.String, derived from the + directory attribute: SchemaMaster + - Sites - A property of type System.String, derived from the directory + attribute: Sites + - SPNSuffixes - A property of type System.String, derived from the + directory attribute: msDS-SPNSuffixes + - UPNSuffixes - A property of type System.String, derived from the + directory attribute: uPNSuffixes + - ADDirectoryServer - Represents a directory server used as either a domain + controller or an AD LDS instance and is derived from ADEntity. An + ADDirectoryServer may contain the following properties in addition to those + inherited from its parent. 
+ - DefaultPartition - A property of type System.String, derived from the + directory attribute: DefaultPartition + - HostName - A property of type System.String, derived from the directory + attribute: HostName + - InvocationId - A property of type System.Guid, derived from the directory + attribute: InvocationId + - IPv4Address - A property of type System.String, derived from the + directory attribute: HostName + - IPv6Address - A property of type System.String, derived from the + directory attribute: HostName + - LdapPort - A property of type System.Int32, derived from the directory + attribute: LdapPort + - Name - A property of type System.String, derived from the directory + attribute: Name + - NTDSSettingsObjectDN - A property of type System.String, derived from the + directory attribute: NTDSSettingsObjectDN + - OperationMasterRoles - A property of type + Microsoft.ActiveDirectory.Management.ADOperationMasterRole, derived from + the directory attribute: OperationMasterRole + - Partitions - A property of type System.String, derived from the directory + attribute: Partitions + - ServerObjectDN - A property of type System.String, derived from the + directory attribute: ServerObjectDN + - ServerObjectGuid - A property of type System.Guid, derived from the + directory attribute: ServerObjectGuid + - Site - A property of type System.String, derived from the directory + attribute: Site + - SslPort - A property of type System.Int32, derived from the directory + attribute: SslPort + - ADDomainController - Represents a domain controller in AD DS and is + derived from ADDirectoryServer. An ADDomainController may contain the + following properties in addition to those inherited from its parent. 
+ - ComputerObjectDN - A property of type System.String, derived from the + directory attribute: ComputerDN + - Domain - A property of type System.String, derived from the directory + attribute: Domain + - Enabled - A property of type System.Boolean, derived from the directory + attribute: Enabled + - Forest - A property of type System.String, derived from the directory + attribute: Forest + - IsGlobalCatalog - A property of type System.Boolean, derived from the + directory attribute: IsGlobalCatalog + - IsReadOnly - A property of type System.Boolean, derived from the + directory attribute: IsReadOnly + - OperatingSystem - A property of type System.String, derived from the + directory attribute: OSName + - OperatingSystemHotfix - A property of type System.String, derived from + the directory attribute: OSHotFix + - OperatingSystemServicePack - A property of type System.String, derived + from the directory attribute: OSServicepack + - OperatingSystemVersion - A property of type System.String, derived from + the directory attribute: OSVersion
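Review bot: In the about_ActiveDirectory_Identity.md hunk, the ADUser entry under "Identity Attributes" lists `SAM User Name (sAMUserName)`, while ADAccount, ADPrincipal and ADServiceAccount list `SAM Account Name (sAMAccountName)`, ADComputer and ADGroup use the same `sAMAccountName` attribute, and the "Identities Formats" list defines only `SAM Account Name (sAMAccountName)`. ADUser should read `SAM Account Name (sAMAccountName)` so that the identity a reader passes matches an attribute the page actually defines. Under ADDirectoryServer, the AD LDS name syntax appears as just `$`, which reads as if the placeholder text on either side of the `$` was lost; please restore it. Smaller points in the same hunk: "see ActiveDirectory" in the note is not a link, "Example:157.59.132.61" is missing a space after the colon, the Distinguished Name example has a stray space in "CN=Users, DC=corp", the Feature GUID and GUID examples use the same value, and the heading "Identities Formats" would read better as "Identity Formats". The diffstat shows this file added under several docsets, so check each copy.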
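Review bot: In the about_ActiveDirectory_ObjectModel.md hunk, the ADAccount property PasswordNeverExpires names AD LDS in both clauses: "for AD LDS it is derived from the directory attributes: userAccountControl, msDS-User-Account-Control-Computed; for AD LDS it is derived from the directory attribute: msDS-UserDontExpirePassword". The sibling entries Enabled, PasswordExpired and PasswordNotRequired all use "for AD DS" for the userAccountControl pair, so the first clause should read "for AD DS"; as written, someone auditing non-expiring passwords cannot tell which attribute backs the property on which directory. Two class descriptions also contradict themselves: ADDomain is described as "a domain in AD DS or an instance in AD LDS" and ADForest as "a Configuration Set in AD LDS", yet both then state "This class is not supported by AD LDS"; one of the two statements needs to go or be qualified. Other fixes: `System.Long` (HighestCommittedUSN) and `System.Int` (SupportedLDAPVersion) are not .NET type names, unlike the `System.Int32` used elsewhere in the list; "Syncronized" (derived from IsSynchronized), "ADOptionalFeaturemay", "msDS-ManagerdServiceAccount", "Application Partition(ND NC)", "ADGroup -Represents" and "a Active Directory forest" have spelling or spacing errors; and the ADFineGrainedPasswordPolicy, ADOptionalFeature and ADOrganizationalUnit entries lack the " - " separator between class name and description that the other classes use.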