The Directories Management User Attributes page lists the user attributes that sync to your Active Directory connection.

Changes that are made and saved in the User Attributes page are added to the Mapped Attributes page in the Directories Management directory. The attributes changes are updated to the directory with the next sync to Active Directory.

The User Attributes page lists the default directory attributes that can be mapped to Active Directory attributes. You select the attributes that are required, and you can add other Active Directory attributes that you want to sync to the directory.

Table 1. Default Active Directory Attributes to Sync to Directory

Directory Attribute Name

Default Mapping to Active Directory Attribute

userPrincipalName

userPrincipalName

distinguishedName

distinguishedName

employeeId

employeeID

domain

canonicalName. Adds the fully qualified domain name of object.

disabled (external user disabled)

userAccountControl. Flagged with UF_Account_Disable

When an account is disabled, users cannot log in to access their applications and resources. The resources that users were entitled to are not removed from the account so that when the flag is removed from the account users can log in and access their entitled resources

phone

telephoneNumber

lastName

sn

firstName

givenName

email

mail

userName

sAMAccountName.

The User Attributes page lists the default directory attributes that can be mapped to Active Directory attributes. You select the attributes that are required, and you can add other Active Directory attributes that you want to sync to the directory.

Table 2. Default Active Directory Attributes to Sync to Directory

Directory Attribute Name

Default Mapping to Active Directory Attribute

userPrincipalName

userPrincipalName

distinguishedName

distinguishedName

employeeId

employeeID

domain

canonicalName. Adds the fully qualified domain name of object.

disabled (external user disabled)

userAccountControl. Flagged with UF_Account_Disable

When an account is disabled, users cannot log in to access their applications and resources. The resources that users were entitled to are not removed from the account so that when the flag is removed from the account users can log in and access their entitled resources

phone

telephoneNumber

lastName

sn

firstName

givenName

email

mail

userName

sAMAccountName.