Skip to main content

Version: Axidian Privilege 3.3

Mapping user directory and PAM attributes

This section contains a list of default values for user directory attributes and their mapping Axidian Privilege attributes.

Active Directory and Samba DC

Directory attribute	Axidian Privilege attribute	Description
Users
objectGUID	ID	Entity identifier
name	Name	User name
userPrincipalName	PrincipalName	Login with domain in the format username@domain Example: pamadmin@company.local
objectSID	SID	Unique entity identifier in the directory in SID format Example: S-1-5-21-2418255240-4279612882-1152719259
distinguishedName	DistinguishedName	Path to the entity in the directory in DN format Example: 'cn=pamadmin,cn=users,cn=accounts,dc=my,dc=company'
sAMAccountName	SamAccountName	User login name Example: pamadmin
thumbnailPhoto	ThumbnailPhoto	User thumbnail photo in JPEG or binary file format.
jpegPhoto	JpegPhoto	User photo in JPEG format.
User Groups
objectGUID	ID	Entity identifier
name	Name	Group name
canonicalName	CanonicalName	Full path to the group in the directory
objectSID	SID	Unique entity identifier in the directory in SID format Example: S-1-5-21-2418255240-4279612882-1152719259
distinguishedName	DistinguishedName	Path to the entity in the directory in DN format Example: 'cn=pamadmins,cn=users,cn=accounts,dc=my,dc=company'
sAMAccountName	SamAccountName	Unique Group name

FreeIPA

Directory attribute	Axidian Privilege attribute	Description
Users
entryUUID	ID	Entity identifier
cn	Name	User name
krbPrincipalName	PrincipalName	Login with domain in the format username@domain Example: pamadmin@company.local
ipaNTSecurityIdentifier	SID	Unique entity identifier in the directory in SID format Example: S-1-5-21-2418255240-4279612882-1152719259
ipaUniqueID	GUID	Unique Entity identifier in the directory in GUID format Example: 176f69c4-3f2b-11eb-89aa-005056980f49
entrydn	DistinguishedName	Path to the entity in the directory in DN format Example: 'uid=pamadmin,cn=users,cn=accounts,dc=my,dc=company'
uid	SamAccountName	User login name Example: pamadmin
jpegPhoto	ThumbnailPhoto	User thumbnail photo in JPEG or binary file format.
jpegPhoto	JpegPhoto	User photo in JPEG format.
User Groups
ipaUniqueID	ID	Entity identifier
cn	Name	Group name
cn	CanonicalName	Full path to the group in the directory
ipaNTSecurityIdentifier	SID	Unique entity identifier in the directory in SID format Example: S-1-5-21-2418255240-4279612882-1152719259
ipaUniqueID	GUID	Unique Entity identifier in the directory in GUID format Example: 176f69c4-3f2b-11eb-89aa-005056980f49
entryDn	DistinguishedName	Path to the entity in the directory in DN format Example: 'uid=pamadmin,cn=users,cn=accounts,dc=my,dc=company'
cn	SamAccountName	Unique Group name

OpenLDAP

Directory attribute	Axidian Privilege attribute	Description
Users
entryUUID	ID	Entity identifier
cn	Name	User name
entrydn	DistinguishedName	Path to the entity in the directory in DN format Example: 'uid=pamadmin,cn=users,cn=accounts,dc=my,dc=company'
uid	SamAccountName	User login name Example: pamadmin
photo	ThumbnailPhoto	User thumbnail photo in JPEG or binary file format.
photo	JpegPhoto	User photo in JPEG format.
User Groups
entryUUID	ID	Entity identifier
cn	Name	Group name
cn	CanonicalName	Full path to the group in the directory
entryDn	DistinguishedName	Path to the entity in the directory in DN format Example: 'uid=pamadmin,cn=users,cn=accounts,dc=my,dc=company'
cn	SamAccountName	Unique Group name

Active Directory and Samba DC
FreeIPA
OpenLDAP