LDAP Attributes and AD Manual Edit

Posted on Posted in Don't Feed the Technician

We have recently got uniFlow print management installed and to get the costings right as a user might be in same department who is billed but also in sub department who is charged differently. We had to use both department field and one of the custom attribute fields {extensionAttribute1}, though a list could be useful for my records and others to know.

Inputting the Department is as simple as selecting the user(s) and going to properties, this is the same for many fields: Display Name, Address, Phone Number… are more hidden and the edit fields you will have to enter Advanced Features mode in Active Directory Users and Computers.

LDAPAttrib

It is worth knowing adding the Advanced Features to your view gives you not only more access to edit users but also to break a user so please be careful when editing a users attribute manually. 

Open your MMC and add Active Directory Users and Computers, then at the top click View, then click Advanced Features. It will refresh the console. Once done, now when you open a users properties you will be given several other tabs. The one for editing users attributes is labeled Attribute Editor and this is where all the users details such as home drive, email display name… is actually stored.

LDAPAttrib2

Simply find the attribute you wish to edit and input the new value.

Active Directory Display Names and corresponding LDAP Names

Name in AD LDAP Name (header in CSV file)
First Name givenName
Middle Name / Initials initials
Last Name sn
Logon Name userPrincipalName
Logon Name (Pre Windows 2000) sAMAccountName
Display Name displayName
Full  Name name/cn
Description description
Office physicalDeliveryOfficeName
Telephone Number telephoneNumber
Email mail
Web Page wWWHomePage
Password password
Street streetAddress
PO Box postOfficeBox
City l
State/Province st
Zip/Postal Code postalCode
Country co
Country 2 Digit Code – eg. US c
Country code -eg. for US country code is 840 countryCode
Group memberOf
Account Expires (use same date format as server) accountExpires
User Account Control userAccountControl
Profile Path profilePath
Login Script scriptPath
Home Folder homeDirectory
Home Drive homeDrive
Log on to userWorkstations
Home homePhone
Pager pager
Mobile mobile
Fax facsimileTelephoneNumber
IP Phone ipPhone
Notes info
Title title
Department department
Company company
Manager manager
Mail Alias mailNickName
Simple Display Name displayNamePrintable
Sending Message Size (KB) submissionContLength
Receiving Message Size (KB) delivContLength
Accept messages from Authenticated Users only msExchRequireAuthToSendTo
Reject Messages From unauthOrig
Accept Messages From authOrig
Send on Behalf publicDelegates
Forward To altRecipient
Deliver and Redirect deliverAndRedirect
Reciepient Limits msExchRecipLimit
Use mailbox store defaults mDBuseDefaults
Issue Warning at (KB) mDBStorageQuota
Prohibit Send at (KB) mDBOverQuotaLimit
Outlook Web Access protocolSettings
Allow Terminal Server Logon tsAllowLogon
Terminal Services Profile Path tsProfilePath
Terminal Services Home Directory tsHomeDir
Terminal Services Home Drive tsHomeDirDrive
Start the following program at logon tsInheritInitialProgram
Starting Program file name tsIntialProgram
Start in tsWorkingDir
Connect client drive at logon tsDeviceClientDrives
Connect client printer at logon tsDeviceClientPrinters
Default to main client printer tsDeviceClientDefaultPrinter
End disconnected session tsTimeOutSettingsDisConnections
Active Session limit tsTimeOutSettingsConnections
Idle session limit tsTimeOutSettingsIdle
When session limit reached or connection broken tsBrokenTimeOutSettings
Allow reconnection tsReConnectSettings
Remote Control tsShadowSettings
Custom Field 1 extensionAttribute1

Leave a Reply

Your email address will not be published. Required fields are marked *