Skip to main content

LDAP attributes

The following article presents a brief description of common LDAP attributes.

Such attributes can be mapped directly into Bizagi's WFUser System Entity's attributes through the LDAP synchronization feature.

For more information about this feature, refer to Importing LDAP Users.

Refer to the table below to view how to address attributes in your LDAP Server as information possibly useful in your Bizagi end users.

For further and official information about LDAP attributes and the filtering possibilities, refer to Microsoft guides at http://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx.

LDAP Attribute (alphabetically)

LDAP Attribute (alphabetically)Description / example
cStands for country or region. Most likely to contain a two-letter ISO country code. Example: c=DE
cnStands for common name. Composed from the givenName attribute, concatenated to the SN attribute. Example: CN=Guy Thomas.
companyStands for Company (or organization name).
descriptionThe description seen in LDAP Users and Computers. Not to be confused with displayName.
displayNameIf you script this property, be sure you understand which field you are configuring. Often, displayName can be confused with CN or description.
dcStands for domain component, which means that this string holds one component, a label of a DNS domain name. Example: DC=cp, DC=com
dnStands for distinguished name. Composed from the CN attribute and additional organization information. Example: CN=Guy Thomas, OU= Newport,DC=cp,DC=com
givenNameRefers to the Firstname. Example: givenName=Guy
nameThe same as CN.
objectCategoryDefines the Schema category. Example: objectClass=Person
objectClassAlso used for Computer, organizationalUnit, even container. Important top level container. Example: objectClass=User.
ouDefines the Organizational unit. Example: OU=Newport
physicalDeliveryOfficeNameDefines the Office on the user's General property sheet.
sAMAccountNameOld NT 4.0 logon name, must be unique in the domain. Can be confused with CN. Example: sAMAccountName=guyt
snStands for surname (or last name). Example: SN=Thomas.
stContains the State or province. Example: ST=California.
streetContains the address (first line). Example: street=15 Main St.
telephoneNumberContains phone numbers (it is multi-valued). Example: telephoneNumber=+1 234 567 8901
userAccountControlUsed to disable an account. A value of 514 disables the account, while 512 makes the account ready for logon.
userPrincipalNameOften abbreviated to UPN, and looks like an email address. Very useful for logging on especially in a large Forest. Note UPN must be unique in the forest. Example: userPrincipalName=guyt@CP.com

Refer to the table below to view other attributes which are found in Exchange:

Exchange AttributeDescription
homeMDBHere is where you set the MailStore
legacyExchangeDNLegacy distinguished name for creating Contacts. In the following example, Guy Thomas is a Contact in the first administrative group of GUYDOMAIN: /o=GUYDOMAIN/ou=first administrative group/cn=Recipients/cn=Guy Thomas
mailAn easy, but important attribute. A simple SMTP address is all that is required billyn@ourdom.com
mailNicknameNormally this is the same value as the sAMAccountName, but could be different if you wished. Needed for mail enabled contacts.
mDBUseDefaultsAnother straightforward field, just the value to:True
msExchHomeServerNameExchange needs to know which server to deliver the mail. Example: /o=YourOrg/ou=First Administrative Group/cn=Configuration/cn=Servers/cn=MailSrv
proxyAddressesAs the name 'proxy' suggests, it is possible for one recipient to have more than one email address. Note the plural spelling of proxyAddresses.
targetAddressSMTP:@ e-mail address. Note that SMTP is case sensitive. All capitals means the default address.
showInAddressBookDisplays the contact in the Global Address List.