| LDAP Property | Description |
|---|---|
| DN | DN stands for distinguished name. This is the unique identifier for any object in AD. An example value would be: CN=Joe User, OU=Las Vegas, DC=mycompany,DC=com. Note that when identifying a DN value in your script you will likely be required to enclose the value above in double quotes ("), so it would look like this: "CN=Joe User, OU=Las Vegas, DC=mycompany,DC=com" |
| CN | CN = Joe User. CN stands for Common Name. This property is a combination of the givenName and SN attributes joined together. |
| displayName | displayName = Joe User. Note that displayName and CN are often confused with each other. |
| description | Note that this is different from displayName |
| givenName | The first name of the user |
| homeDrive | Home Folder |
| name | name = Joe User. The same as CN |
| objectClass | objectClass = User. Identifies what type of object is selected. Other values are: Computer, organizationalUnit, container, group |
| objectCategory | objectCategory = Person. Defines what schema category the object belongs to. |
| physicalDeliveryOfficeName | The office field of the user property |
| profilePath | Roaming profile path: connect. Setup is a bit tricky |
| sAMAccountName | sAMAccountName = jUser. This is an old NT 4.0 logon ID. This value must be unique in the domain. |
| SN | SN = User. This is the last name of the user. SN stands for surname. |
| userAccountControl | This property is used to enable or disable a user account. A value of 514 means the account is disabled. A value of 512 means the account is enabled. |
| userPrincipalName | userPrincipalName = juser@lasvegas.com. This property is useful for logging in to a large forest Active Directory architecture. This is also a unique property throughout the forest. This property is often abbreviated as UPN. |
| mail | mail = juser@lasvegas.com. The email property of the user |
| C | Country or Region |
| company | Name of Company or Organization |
| department | Department |
| homephone | |
| l | Location. Used mainly with printers. That is a lowercase L. |
| manager | |
| mobile | Cell phone or mobile phone number |
| OU | Organizational Unit |
| postalCode | Zip or post code |
| st | State or province |
| streetAddress | Street address, not including country or state |
| telephoneNumber | Office Phone |
| dNSHostName | |
| rID | |
| url | |
| uSNCreate | |
| uSNChanged | |
| tokenGroups | A computed attribute that contains the list of SIDs due to a transitive group membership expansion operation on a given user or computer. Token Groups cannot be retrieved if no Global Catalog is present to retrieve the transitive reverse memberships. |
.NET Active Directory – Understanding LDAP Active Directory User Object Properties/Attributes.
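
The userAccountControl row gives 512 and 514, but the attribute is a bit field, so an account audit should test individual bits rather than compare against those two numbers (66050, for instance, is also a disabled account). The sketch below is an added example, not code from the original page: the flag names and bit values are the documented userAccountControl flags, while the function names, the choice of flags to review, and the sample records are constructed for illustration.

```python
# Added example. Subset of the documented userAccountControl bits (bit -> flag name).
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0020: "PASSWD_NOTREQD",
    0x0080: "ENCRYPTED_TEXT_PWD_ALLOWED",
    0x0200: "NORMAL_ACCOUNT",
    0x1000: "WORKSTATION_TRUST_ACCOUNT",
    0x2000: "SERVER_TRUST_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
    0x80000: "TRUSTED_FOR_DELEGATION",
    0x200000: "USE_DES_KEY_ONLY",
    0x400000: "DONT_REQ_PREAUTH",
}

# Assumption: flags an auditor would want to review on an enabled account.
REVIEW = {"PASSWD_NOTREQD", "ENCRYPTED_TEXT_PWD_ALLOWED", "DONT_EXPIRE_PASSWORD",
          "TRUSTED_FOR_DELEGATION", "USE_DES_KEY_ONLY", "DONT_REQ_PREAUTH"}

def decode_uac(value):
    """Return (flag names set in value, bits set that are not in UAC_FLAGS)."""
    value = int(value)  # LDAP returns the attribute as a decimal string
    names = [name for bit, name in sorted(UAC_FLAGS.items()) if value & bit]
    unknown = value & ~sum(UAC_FLAGS)  # keys are distinct bits, so sum == mask
    return names, unknown

def is_disabled(value):
    """True when the ACCOUNTDISABLE bit is set, whatever else is set."""
    return bool(int(value) & 0x0002)

def audit(records):
    """Return [(sAMAccountName, review flags)] for enabled accounts only."""
    findings = []
    for rec in records:
        names, _ = decode_uac(rec["userAccountControl"])
        if "ACCOUNTDISABLE" in names:
            continue
        hits = sorted(REVIEW.intersection(names))
        if hits:
            findings.append((rec["sAMAccountName"], hits))
    return findings

# Constructed sample records, shaped like LDAP search results.
SAMPLE = [
    {"sAMAccountName": "jUser", "userAccountControl": "512"},
    {"sAMAccountName": "svcBackup", "userAccountControl": "66048"},
    {"sAMAccountName": "oldTemp", "userAccountControl": "66050"},
    {"sAMAccountName": "legacyApp", "userAccountControl": "4194848"},
]
```
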