LDAP Attribute Mappings Reference
You can manually add an LDAP server to Jamf Pro by using the LDAP Server settings. Manually adding an LDAP server involves entering values for object classes and search bases, and then defining the LDAP attribute mappings.
For each LDAP server you set up in Jamf Pro, you must define the following:
- Object Class Limitation—
When you configure the Object Class Limitation setting, you can choose or .
- Object Class—
When configuring the Object Class, you can choose , , , and .
- Search Base—
To ensure that the Active Directory search can find any user object in your domain, you must specify the root of the domain. For example, the search base string for a domain name of "example.com" would be the following: dc=example,dc=com
- Search Scope—
You can either search all subtrees or the first level only.
User Mappings
The following table gives an example of the attributes that you can manually enter when configuring the LDAP Servers settings for an Active Directory:
Attribute Mappings | Example Value | Notes |
|---|---|---|
User ID | uSNCreated | Unique, constant identifier for the LDAP user |
Username | sAMAccountName | |
Real Name | displayName | First name and last name |
Email Address | userPrincipalName | Full email address or local-part of the user's email address (if only local-part, also use the Append to Email field) |
Append to Email Results | (Optional) This value will be appended to all email addresses populated by the Email Address field. | |
Department | department | Must have a corresponding department name in Jamf Pro |
Building | physicalDeliveryOfficeName | Must have a corresponding building name in Jamf Pro |
Room | streetAddress | |
Phone | telephoneNumber | |
Position | title | |
User UUID | objectGUID |
User Group Mappings
The following table gives an example of the attributes that you can manually enter when configuring the LDAP Servers settings for an Active Directory:
Attribute Mappings | Example | Notes |
|---|---|---|
Group ID | uSNCreated | Unique, constant identifier for the LDAP group |
Group Name | name | |
Group UUID | objectGUID |
Additional Information
For additional information on how to manually add an LDAP server, see LDAP Directory Service Integration in the Jamf Pro Documentation.