This page provides a mapping of common Active Directory fields to its LDAP attribute name.
When using Active Directory users and computers you will see the Microsoft provided friendly names. Under the hood of Active Directory these fields are actually using an LDAP attribute. You can see the LDAP attribute name in the attribute editor.
When working with scripts or creating a program you will need to use the LDAP attribute name.
This page provides a visual reference of the LDAP field mappings in Active Directory. In addition, I created a table view for a quick reference.
General Tab
Address Tab
Account Tab
Profile Tab
Telephones Tab
Organization Tab
LDAP Mappings Table View
| TAB | Active Directory Field | LDAP Attribute |
| General | First Name | givenName |
| General | Initials | initials |
| General | Last name | sn |
| General | Display name | displayName |
| General | Description | description |
| General | Office | physicalDeliveryOfficeName |
| General | Telephone number | telephoneNumber |
| General | ||
| General | Web page | wWWHomePage |
| Address | Street | streetAddress |
| Address | P.O Box | postOfficeBox |
| Address | City | l |
| Address | State/province | St |
| Address | Zip/Postal Code | postalCode |
| Address | County/region | co |
| Account | User logon name | userPrincipalName |
| Account | user logon name (pre-Windows 200) | sAMAccountName |
| Profile | Profile path | profilePath |
| Profile | Logon script | scriptPath |
| Profile | Local path | homeDirectory |
| Profile | Connect | homeDrive |
| Telephones | Home | homePhone |
| Telephones | Pager | pager |
| Telephones | Mobile | Mobile |
| Telephones | Fax | facsimileTelephoneNumber |
| Telephones | IP Phone | ipPhone |
| Organization | Job Title | title |
| Organization | Department | department |
| Organization | Company | company |
| Organization | Manager | manager |
| Organization | Direct Reports | directreports |
I believe there is a typo in the LDAP Mappings Table View. It is showing LDAP Attribute=telephoneNumber for the Active Directory Field=Office…
LDAP Mappings Table View
TAB Active Directory Field LDAP Attribute
General First Name givenName
General Initials initials
General Last name sn
General Display name displayName
General Description description
General Office telephoneNumber
General Telephone number telephoneNumber
General E-mail mail
Good catch. I have updated the page.
giveName should be givenName
Thanks. I have updated it.
How do I get support? I have the AD Toolkit and the user update is not updating the proxy addresses correctly. I have examples
https://activedirectorypro.com/contact/
What is the ldap Atrribute for User cannot change password? and is it 1/0 or True/False?
It is stored in the userAccountControl attribute. You would need to use an LDAP query to find it (&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=65536))
In the example the “test.user003” at the top of each screen shot is the Canonical name object, correct?
It is the common name or name. The canonical name looks like this ad.activedirectorypro.com/ADPRO Users/test-build2/test.user003
Incomplete. Where is “otherMailbox”?
That attribute is not displayed in the GUI, you can view it by clicking on the Attribute Editor.
Hi, how can I do an ldap query that give me all the attributes of the result?
thanks
Hi Robert,
if I try to catch the displayName via SQL Server it returns another value than in the UI.
Example:
SQL-Server: firstname lastname
UI: firstname lastname (Extern)
Extern is a suffix which we add for external personell. And that is information I need.
Statement:
SELECT department, facsimileTelephoneNumber, mobile, LOWER(mail) COLLATE SQL_Latin1_General_CP437_CI_AI AS lower_mail, displayName, samAccountName, trim(userPrincipalName) COLLATE SQL_Latin1_General_CP437_CI_AI
AS lower_username
FROM OPENQUERY(ADSI,
‘SELECT userPrincipalName, samAccountName, displayName, mail, mobile, facsimileTelephoneNumber, department
FROM ”LDAP://BITBWSD01.BITBW.BWL.NET/OU=BITBW,OU=Dienststellen,DC=BITBW,DC=BWL,DC=NET”
WHERE objectClass = ”User”
‘)
AS derivedtbl_1
WHERE (trim(userPrincipalName) COLLATE SQL_Latin1_General_CP437_CI_AI IS NOT NULL)
Any Idea why this is different?
Have a great day!
Lars
Hey where can I get account expires?
It is the accountExpires attribute. You can view it from the Attribute Editor tab.
what is attribute for Disabled users