This article is the third in a series that offers a reference point between User account atrributes and their associated values as displayed within various interfaces. In this post we look at the General Tab within the standard Active Directory for Users and Computers interface. If you are looking for a representation of LDAP fields in Outlook or ADUC, see these posts:
Outlook Attributes
ADUC Attributes
Active Directory Users and Computers – Address Tab (Part 4)
Active Directory Users and Computers – Account Tab (Part 5)
If you’re looking for information on User Account Attributes in Active Directory for Users and Computers, this post maps out attributes listed under the general tab. A complete list of attribute mappings is often useful for an administrator for the purpose of using VBScript or Powrshell to manage an Active Directory environment. We will post a complete list in the next post (along with the next tab in ADUC) – until then, I’m sure there are thousands of examples of this around the web – a simple search should provide you with what you need.
Active Directory – User Account Attributes – ADUC General Tab
Here’s a mapping for the General Tab within DSA.MSC (expressed in other words, DSA.MSC is the MMC snap-in that opens up ADUC or Active Directory for Users and Computers):
[Move to Address Tab][Move to Account Tab]
| Name in ADUC | LDAP Attribute | Format | Attribute-ID |
| First Name | givenName | Single | 2.5.4.42 |
| Initials | initials | Single | 2.5.4.43 |
| Last Name | sn | Single | 2.5.4.4 |
| Display Name | displayName | Single | 1.2.840.113556.1.2.13 |
| Description | description | Single* | 2.5.4.13 |
| Office | physicalDeliveryOfficeName | Single | 2.5.4.19 |
| Telephone Number | telephoneNumber | Single | 2.5.4.20 |
| Single | 0.9.2342.19200300.100.1.3 | ||
| Web Page | wWWHomepage | Single | 1.2.840.113556.1.2.464 |
*Note: The Description Attribute is listed as single, but for most other classes in AD (those that are not security principals) this value may be multivalued; ie: an Organisational Unit may have multiple description values associated, whilst a user account/computer account may only be associated with a single string. This is to allow for backwards compatibility.
Damien,
Great site overall, but we are finding that in our AD, that the user’s name displayed next the icon is not coming from {displayname}. How did you arrive at this?
We have done some tests and it appears to us that the user’s name is coming from “cn”. It is really difficult to find a definitive document from Microsoft. Appreciate what you are trying to do.
I am so sorry – You are correct! The Name field shows the CN of the user. I will fix my post! I think this was an oversight, purely because I had been working on a series of outlook related images.
Thanks for sharing Damien, those images with the LDAP attributes name were really useful.
Hi ,
How to set add ldap attributes for password modification ?