Use the get_zone_user_field command to return the value for a specified field from the currently selected zone user stored in memory. The get_zone_user_field command does not query Active Directory for the zone user. If you change field values using ADEdit without saving the zone user to Active Directory, the field value you retrieve using get_zone_user_field won’t match the same field value for the zone user stored in Active Directory.

Zone type

Classic and hierarchical


get_zone_user_field field




This command takes no options.


This command takes the following required argument:

field (string type)

Specifies the case-sensitive name of the field whose value to retrieve.

Argument values

  • addn: Returns the distinguished name of the Active Directory user object for the zone user. For example, if the user object is created in the default Users container, this field might return a path similar to CN=amy.adams,CN=Users,DC=ajax,DC=org.
  • createTime: Returns the time and date this zone user was created.
  • dn: Returns the distinguished name of the service connection point for the zone user. If the zone is a Services for UNIX (sfu) zone, no value is returned for this field.
  • enabled: Returns 1 if the user is enabled, or 0 if the user is disabled. This field is only applicable for users in classic zones. All other zone types use roles.
  • foreign: If the zone user comes from another forest, this field returns the user principal name of the zone user. Otherwise, this field returns no value.
  • gecos: Returns information from the GECOS field.
  • gid: Returns the primary group identifier (GID) for the user.
  • home: the Returns user’s home directory.
  • modifyTime: Returns the time and date this zone user was last modified.
  • shell: Returns the user’s shell type.
  • uid: Returns the numeric identifier for the user.
  • uname: Returns the user name.

You can also specify AIX extended attributes as the field to get an extended attribute value for a zone user.

Return value

This command returns a field value. The data type depends on the field specified.


The following example returns the current zone user’s user name:

get_zone_user_field uname

If the current zone user is on AIX, you can get extended attributes and values. For example:

get_zone_user_field aix.ttys

Related commands

Before you use this command, you must have a currently selected zone user stored in memory. The following commands enable you to view and select a zone user:

  • get_zone_users returns a Tcl list of the Active Directory names of all zone users in the current zone.
  • list_zone_users lists to stdout the zone users and their NSS data in the current zone.
  • new_zone_user creates a new zone user and stores it in memory.
  • select_zone_user retrieves a zone user from Active Directory and stores it in memory.

After you have a zone user stored in memory, you can use the following commands to work with that zone user:

  • delete_zone_user deletes the selected zone user from Active Directory and from memory.
  • save_zone_user saves the selected zone user with its current settings to Active Directory.
  • set_zone_user_field sets a field value in the currently selected zone user.