Object picker UI

  • Article

Updated: July 3, 2014

Applies To: Windows 8.1, Windows RT 8.1, Windows Server 2012 R2

If you are trying to solve an issue with your personal computer, you should check the help page at How can we help you?

This topic contains examples of object types that you can select when configuring access to various types of computer objects (for example, ownership and permissions).

Use the Object Picker control to type the object names that you want to find on the network or the local computer. You can search for multiple objects by separating each name with a semicolon. For information about Active Directory objects that you can specify in this dialog box when your computer is part of a domain, see Active Directory Domain Services objects later in this topic.

Object Type Details Examples

Built-in security principal

Represents default built-in groups and security principals.

To view built-in principals, type Users on the Start screen, click Edit local users and groups, and then double-click Groups or Users.

Users:

  • Administrator

  • Guest

Groups:

  • Administrators

  • Guests

  • Users

  • Power Users

  • Everyone

  • Authenticated Users

Computer

Represents a computer's access to network resources.

The computer name was established when the operating system was installed. The computer name is recorded on the computer information page in Windows 8.1. To view it, type System on the Start screen.

CarrollB-HomeComputer

Group

Can contain users, computers, and other groups as members.

To view these security principals, type Groups on the Start screen, click Edit local users and groups, and then double-click Groups.

Client operating system groups:

  • Administrators

  • Users

  • Power Users

  • Guests

Server operating system groups:

  • Administrators

  • System Operators

  • Users

  • Power Users

  • Everyone

  • Authenticated Users

  • Anonymous Logon

  • Guests

  • System

Users

Allows people to access network resources.

To view users who currently have accounts on this local computer, type Users on the Start screen, click Edit local users and groups, and then double-click Users.

CarrollB

HomeServer\CarrollB

Contact

Locates information about people. Contact objects cannot be assigned permissions, and therefore, they do not have access to network resources.

Local Contact objects can be found in the following directory path on your computer: <drive>\Users\<user name>\Contacts.

Carroll Blythe

Other

Can be created by applications.

Specific for each instance

Active Directory Domain Services objects

Real-world objects such as users and computers are represented as objects in Active Directory. And these objects can be contained in other objects called container objects. Active Directory Domain Services supports numerous object types, and each is represented by a unique global identifier.

Each object has a set of attributes that best describe it. For example, consider a user object. Each user can have attributes such as Name, Address, and Telephone number. The objects that can be authenticated and to which permissions can be assigned are called security principals. Each security principal object has a security identifier (SID) associated with it, in addition to the global identifier (GUID).

Object Type Details Examples

Built-in security principal

Represents default built-in groups and security principals.

Users:

  • Administrator

  • Cert Publishers

  • Domain Guests

  • Guest

Groups:

  • Administrators

  • Server Operators

  • Print Operators

  • Users

  • Hyper-V Administrators

  • Guests

Computer

Represents a work station or a server in a network. A computer account helps in authenticating and authorizing its access to network resources.

CarrollB

CARROLLB.sales.contoso.com

Group

Represents a collection of user accounts, computer accounts, contacts, and other groups that can be managed as a single unit. Groups facilitate role-based access to network resources. There are two types of groups:

  • Security groups are mainly used for the purpose of providing access to network resources.

  • Distribution groups are not security-enabled and can be used only for communication purposes. Groups can vary in scope, limiting their membership and scope of operation.

Client operating system groups:

  • Administrators

  • Users

  • Power Users

  • Guests

Server operating system groups:

  • Administrators

  • System Operators

  • Users

  • Power Users

  • Everyone

  • Authenticated Users

  • Anonymous Logon

  • Guests

  • System

User

Represents individuals who need access to the resources in a network. Each user account has a user name and a password. The purpose behind creating user accounts is to authenticate the identity of the user and authorize the user's access to network resources. Active Directory supports two types of built-in user accounts: Administrator and Guest.

CarrollB

Contoso\CarrollB

Contact

Contains the contact information about people who are associated with the organization but are not part of it, for example, contractors or suppliers. A contact object does not have a SID associated with it, which prevents it from having access to network resources.

Carroll Blythe

Shared folder

Used to share files across the network. It is mapped to a file share on a server.

In Active Directory, published shared folders are located in an organizational unit.

<drive>:\Users\CarrollB\Public

Printer

Corresponds to a printer resource in a network. Printer objects are listed under the Domain Controllers container in Active Directory Users and Computers.

Printer object naming is organization-specific, for example: 2012-ColorTone 200 Driver, which is a driver associated with Type of Printer.

See also