# Computer provisioning

{% hint style="info" %}
Principal identifier: `SamAccountName`
{% endhint %}

{% hint style="info" %}
Active Directory automatically appends `$` to computer SAMAccountNames. OpenIAM stores and handles the value without `$`, and the connector appends it silently when communicating with AD.
{% endhint %}

## Parameters

| Parameter                         | Description                                                                                                                              | Required | Type         |
| --------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------ |
| Name                              | Name of the computer object (LDAP: `name`).                                                                                              | Yes      | String       |
| AccountExpirationDate             | Account expiry date. Set to `0` for no expiry (LDAP: `accountExpires`).                                                                  | No       | DateTime     |
| AccountNotDelegated               | Prevents Kerberos delegation for this account (sets `ADS_UF_NOT_DELEGATED`).                                                             | No       | True / False |
| AllowReversiblePasswordEncryption | Allows reversible password encryption (sets `ADS_UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED`).                                                   | No       | True / False |
| AuthenticationPolicy              | AD DS authentication policy object. Accepts DN, GUID, or name.                                                                           | No       | String       |
| AuthenticationPolicySilo          | AD DS authentication policy silo object. Accepts DN, GUID, or name.                                                                      | No       | String       |
| CannotChangePassword              | Prevents the account password from being changed.                                                                                        | No       | True / False |
| ChangePasswordAtLogon             | Forces a password change at next logon.                                                                                                  | No       | True / False |
| CompoundIdentitySupported         | Supports Kerberos service tickets containing device authorization data.                                                                  | No       | True / False |
| Description                       | Description of the object (LDAP: `description`).                                                                                         | No       | String       |
| DisplayName                       | Display name (LDAP: `displayName`).                                                                                                      | No       | String       |
| DNSHostName                       | Fully qualified domain name (FQDN) of the computer (LDAP: `dNSHostName`).                                                                | No       | String       |
| Enabled                           | Enables or disables the account (`False` sets `ADS_UF_ACCOUNTDISABLE`).                                                                 | No       | True / False |
| HomePage                          | URL of the home page (LDAP: `wWWHomePage`).                                                                                              | No       | String       |
| KerberosEncryptionType            | Kerberos encryption types: `None`, `DES`, `RC4`, `AES128`, `AES256`. Note: DES is not supported by default since Windows Server 2008 R2. | No       | String       |
| Location                          | Physical location of the computer, e.g. office number (LDAP: `location`).                                                                | No       | String       |
| ManagedBy                         | User or group managing this object. Accepts DN, GUID, SID, or SAMAccountName (LDAP: `managedBy`).                                        | No       | String       |
| OperatingSystem                   | Operating system name (LDAP: `operatingSystem`).                                                                                         | No       | String       |
| OperatingSystemHotfix             | OS hotfix name (LDAP: `operatingSystemHotfix`).                                                                                          | No       | String       |
| OperatingSystemServicePack        | OS service pack name (LDAP: `operatingSystemServicePack`).                                                                               | No       | String       |
| OperatingSystemVersion            | OS version (LDAP: `operatingSystemVersion`).                                                                                             | No       | String       |
| PasswordNeverExpires              | Password does not expire (sets `ADS_UF_DONT_EXPIRE_PASSWD`).                                                                             | No       | True / False |
| PasswordNotRequired               | Account does not require a password (sets `ADS_UF_PASSWD_NOTREQD`).                                                                      | No       | True / False |
| Path                              | OU or container path (DN format) where the object is created. If not set, `BaseDN` is used.                                              | No       | String       |
| SamAccountName                    | SAM account name. Maximum 15 characters for computers (LDAP: `sAMAccountName`).                                                          | No       | String       |
| TrustedForDelegation              | Account trusted for Kerberos delegation (sets `ADS_UF_TRUSTED_FOR_DELEGATION`).                                                          | No       | True / False |
| UserPrincipalName                 | UPN in the format `user@DNS-domain-name`.                                                                                                | No       | String       |
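
A pre-flight check over the parameters in the table above, as an added example (not OpenIAM's connector code). The function name `Test-ComputerAttributes`, the sample values, and the comma-separated form of `KerberosEncryptionType` are assumptions.

```powershell
# Added example: review a computer attribute set before it is sent for provisioning.
# Test-ComputerAttributes and the sample hashtable are hypothetical; the keys are
# the parameter names from the table above.
function Test-ComputerAttributes {
    param([Parameter(Mandatory)][hashtable]$Attributes)

    $findings = [System.Collections.Generic.List[string]]::new()

    # Name is the only required parameter.
    if ([string]::IsNullOrWhiteSpace($Attributes['Name'])) {
        $findings.Add('Name is required')
    }

    # SamAccountName is stored without "$" and is limited to 15 characters.
    $sam = [string]$Attributes['SamAccountName']
    if ($sam.EndsWith('$')) {
        $findings.Add('SamAccountName must not end with "$"; the connector appends it')
    }
    if ($sam.TrimEnd('$').Length -gt 15) {
        $findings.Add('SamAccountName exceeds 15 characters')
    }

    # Flags worth a review whenever they are set to True.
    foreach ($flag in 'PasswordNotRequired', 'AllowReversiblePasswordEncryption',
                      'TrustedForDelegation') {
        if ($Attributes[$flag] -eq $true) {
            $findings.Add("$flag is True; confirm this is intended")
        }
    }

    # KerberosEncryptionType: accept only the documented values, flag legacy ones.
    # Assumption: several types are given as a comma-separated list.
    $allowed = 'None', 'DES', 'RC4', 'AES128', 'AES256'
    $types = @($Attributes['KerberosEncryptionType'] -split '\s*,\s*' | Where-Object { $_ })
    foreach ($t in $types) {
        if ($t -notin $allowed) { $findings.Add("Unknown KerberosEncryptionType '$t'") }
        elseif ($t -in 'DES', 'RC4') { $findings.Add("Legacy KerberosEncryptionType '$t'") }
    }
    return $findings
}

# Constructed sample input.
$sample = @{
    Name = 'WS-FINANCE-0042'; SamAccountName = 'WS-FINANCE-0042$'
    TrustedForDelegation = $true; KerberosEncryptionType = 'RC4,AES256'
}
Test-ComputerAttributes -Attributes $sample
```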


