Supported Server Object Class and Attribute Names

The servers in your realms must use the attribute names listed in the following table for the Cisco Defense Orchestrator to retrieve user metadata from the servers. If the attribute names are incorrect on your server, the Cisco Defense Orchestrator cannot populate its database with the information in that attribute.

Map of attribute names to Cisco Defense Orchestrator fields
Metadata	CDO Attribute	LDAP ObjectClass	Active Directory Attribute	OpenLDAP Attribute
LDAP user name	Username	user inetOrgPerson	samaccountname	cn uid
first name	First Name		givenname	givenname
last name	Last Name		sn	sn
email address	Email		mail userprincipalname (if mail has no value)	mail
department	Department		department distinguishedname (if department has no value)	ou
telephone number	Phone		telephonenumber	telephonenumber

Note	The LDAP ObjectClass for groups is `group`, `groupOfNames`, (`group-of-names` for Active Directory) or `groupOfUniqueNames`.

For more information about ObjectClasses and attributes, see the following references:

Microsoft Active Directory:
- ObjectClasses: All Classes on MSDN
- Attributes: All Attributes on MSDN
OpenLDAP: RFC 4512