Active Directory LDAP Field Mappings

by Robert Allen

This page provides a mapping of common Active Directory fields to its LDAP attribute name. 

When using Active Directory users and computers you will see the Microsoft provided friendly names. Under the hood of Active Directory these fields are actually using an LDAP attribute. You can see the LDAP attribute name in the attribute editor. 

When working with scripts or creating a program you will need to use the LDAP attribute name. 

This page provides a visual reference of the LDAP field mappings in Active Directory. In addition, I created a table view for a quick reference. 

General Tab

Address Tab

Account Tab

Profile Tab

Telephones Tab

Organization Tab

LDAP Mappings Table View

TABActive Directory FieldLDAP Attribute
GeneralFirst NamegivenName
GeneralInitialsinitials
GeneralLast namesn
GeneralDisplay namedisplayName
GeneralDescriptiondescription
GeneralOfficephysicalDeliveryOfficeName
GeneralTelephone numbertelephoneNumber
GeneralE-mailmail
GeneralWeb pagewWWHomePage
AddressStreetstreetAddress
AddressP.O BoxpostOfficeBox
AddressCityl
AddressState/provinceSt
AddressZip/Postal CodepostalCode
AddressCounty/regionco
AccountUser logon nameuserPrincipalName
Accountuser logon name (pre-Windows 200)sAMAccountName
ProfileProfile pathprofilePath
ProfileLogon scriptscriptPath
ProfileLocal pathhomeDirectory
ProfileConnecthomeDrive
TelephonesHomehomePhone
TelephonesPagerpager
TelephonesMobileMobile
TelephonesFaxfacsimileTelephoneNumber
TelephonesIP PhoneipPhone
OrganizationJob Titletitle
OrganizationDepartmentdepartment
OrganizationCompanycompany
OrganizationManagermanager
OrganizationDirect Reportsdirectreports

Recommended Tools

  • AD Cleanup Tool - Find stale and inactive user and computer accounts in Active Directory. Export, disable, move or delete the stale accounts to increase security.
  • AD User Creation Tool - Bulk import or update Active Directory user accounts. Add users to groups, import into OUs, set multiple attributes and more.
  • NTFS Permissions Tool - Scan and audit NTFS folder permissions. See which users and groups have access to what.
  • AD Reporting Tool - Over 200 reports on users, computers, groups, OUs and more. Customize reports or create your own reports with the report builder.

26 thoughts on “Active Directory LDAP Field Mappings”

  1. A BIG thank you!

    Do you happen to know whether there is a complete, definitive list of data available LDAP query (via ADSI)? Struggling to see what is possible.

    Reply

  2. many thanks. if you need to hide some attributes there are some other “hidden” fields eg otherHomePhone, otherPager, otherMobile, otherFacsimileTelephoneNumber, otherIpPhone, otherTelephone

    Reply

  5. Trying to get a Attribute that is o under the Attribute Editor how do I pull that information that is not standard fields

    Reply

    • It is the common name or name. The canonical name looks like this ad.activedirectorypro.com/ADPRO Users/test-build2/test.user003

      Reply

    • It is stored in the userAccountControl attribute. You would need to use an LDAP query to find it (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))

      Reply

  13. How do I get support? I have the AD Toolkit and the user update is not updating the proxy addresses correctly. I have examples

    Reply

  14. I believe there is a typo in the LDAP Mappings Table View. It is showing LDAP Attribute=telephoneNumber for the Active Directory Field=Office…

    LDAP Mappings Table View
    TAB Active Directory Field LDAP Attribute
    General First Name givenName
    General Initials initials
    General Last name sn
    General Display name displayName
    General Description description
    General Office telephoneNumber
    General Telephone number telephoneNumber
    General E-mail mail

    Reply

Leave a Comment