We currently have a View that queries active directory info. I was wondering if there was a good reference as to what fields (field names) are available in AD for me to query against. I don't have access to Active Directory so I can't go playing around in there to maybe figure it out myself. Any help would be appreciated.
+2
A:
Active Directory uses LDAP v3. This version specifies that any fields may be modified, added, and removed, but in order for AD to work properly there are many fields it retains. You can view the schema for your AD instance by going to the domain controller and using the schema editor (in MMC) to view the available fields, but as you said you do not have access to those resources. Here are the common attributes used across most LDAP implementations:
givenName: first name
sn: last name
telephoneNumber: phone number
streetAddress: street address
l: city
st: state
c: country
postalCode: zip code
Andrew Sledge
2009-06-30 18:25:28
Thanks, I'm trying to determine which one I should be using for the unique identifier of a user... I see objectguid, msExchMailboxGUID, attributesecurityguid... any recommendations? I want to make sure this guid never changes even when the records username etc does.
Chris Klepeis
2009-06-30 19:57:51
sAMAccountName is the primary AD identifier
Andrew Sledge
2009-07-10 17:48:13
A:
There's a really good set of references at Richard Mueller's site - he has Excel sheets about the AD properties, how they map to the "Active Directory Users & Computers" tool, and how to search using ADO - lots of good stuff!
Marc
marc_s
2009-07-30 07:05:24