This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

A new Flexera Community experience is coming on November 25th, click here for more information.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Directory Services Attributes Administration

msiteam
By
Level 2
I'm trying to configure the Directory Services Attributes. I succefully connect and get the attributes available, but not the right ones.

If I connect to my AD with Sysinternals ADExplorer.exe or with Microsoft dsa.msc I can see the right attributes, ex. Department instead of DepartmentNumber.

I can use the username, email address and one or two general attributes but can't get others.

Authentication is Working.

The Directory Service Connection have the following configuration:
Directory Service Identification
Directory Service Type: Active Directory
Directory Service Port: 389 (tried 3268, connects but don't get any attribute)

Server Administration Credentials (are OK)

Server Attribute Mapping
Group Class Name: group
Group Name Attribute: cn
Group Member Attribute: member
User Class Name: user
User Name Attribute: samaccountname

I omited sensitive information.

Thanks in advance for your help.

‎May 11, 2010 08:26 AM

0 Kudos
(1) Reply

Cary_R
By
Level 11
Hi There,

From what I recall, certain accounts have permissions to query against different attributes.

Are you using the same account when you're looking around with the standalone tools?

If so, then there might be some issue with the query that's being made. I think the builtin logging won't show this granularity for AD communication, but if you're connecting on port 389, you can use Wireshark to sniff the communication with the domain controller, and see the query and any results that are getting passed back.

If you like, you can PM me with the log, and I can look to see what's going on.

Regards,

Cary

‎May 12, 2010 04:27 PM

0 Kudos