Attributes for adding user accounts

Specify a value for the User Id attribute to add a user account on the Active Directory.

The User Id attribute is limited to 20 characters. This attribute can contain:

  • Alphabetic characters
  • Unicode characters
  • Numbers
  • Special characters, such as _ # - $ % ^ ` ( ) ! ~ . ' { }
Note: The period (.) is an exception. It must be surrounded by valid characters; that is, you must specify a valid character before and after the period. For example, 6.7.8.9 is a valid user ID, however, 6.7.8.9. is not a valid user ID.
The User Id attribute cannot include control characters, or any other special characters other than ' ` ~ ! $ % ^ . & { } ( ) - _. If the User Id attribute contains non-supported characters, the Active Directory gives an error message. The adapter stores the value of the User Id attribute in the sAMAccountName attribute on the Active Directory.
Note: The User Id attribute is the only attribute that is required to add an Active Directory account.

To add a user account, if you specify only the User Id attribute on the account form, these attributes are set on the Active Directory.

Table 1. List of attributes and their default values on the Active Directory
Attribute Default value Set by
cn Value of the User Id attribute on the Active Directory account form. Active Directory Adapter
countryCode 0

If country is specified on the Active Directory account form, then the corresponding three-digit code is set on the Active Directory.

 Active Directory
lastLogoff 0 Active Directory
lastLogon 0 Active Directory
distinguishedName cn=RDN,cn=Users,domain name if no base point is specified on the Active Directory Adapter service form.

cn=RDN,container,base point if the base point is specified on the Active Directory Adapter service form.

 Active Directory Adapter
primaryGroupID 513 Active Directory
sAMAccountName Value of the User Id attribute on the Active Directory account form. Active Directory Adapter
name Value of the User Id attribute on the Active Directory account form. Active Directory
userPrincipalName UserId@domain Active Directory Adapter
badPwdCount 0 Active Directory
objectCategory 
CN=Person,CN=Schema,
CN=Configuration,DC=domain name
 Active Directory
msNPAllowDialin FALSE Active Directory Adapter
msRADIUSServiceType 4 Active Directory Adapter