LDAP

What can LDAP do?

On this page

PLEASE NOTE:

You will need to configure you LDAP browser on each PC that you use. Please do so ASAP.
In case you are using LDAP on a non-institutional network, connect to VPN in order to use LDAP.

Important Fields

Formatting the Filter

Softerra LDAP browser uses the standard LDAP query format.

  • (attribute=value)

---The parentheses are necessary.

You may also use wildcard filters by using an asterisk

  • (attribute=val*)

Glossary

accountExpires

Either Never or date

badPasswordTime

Timestamp

badPwdCount

count

cn

common name=givenName middleName sn

department

department name

departmentNumber

department number

displayName

same as cn (?)

distinguishedName

x.500 name, long and ugly

employeeID

employee id or SJSU ID#

employeeNumber

employee id

employeeType

always Employee if true (?)

givenName

first name

homeDirectory

UNC path to home directory

homeDrive

drive letter assigned for home directory

ipPhone

Cisco 5-digit extension

lastLogon

timestamp

lastLogonTimestamp

timestamp (but not same as lastLogon?)

lockoutTime

unspecified or time

logonCount

count

mail

email address

memberOf

group memberships, may be more than one

middleName

middle initial

name

same as cn (?)

objectCategory

always “CN=Person,CN=Schema,CN=Configuration,DC=SJSUAD,DC=SJSU,DC=EDU”

ou

Applicants, Employees, Students or Vendors

physicalDeliveryOfficeName

always “C” until it’s fixed

pwdLastSet

timestamp

sAMAccountName

employee id for login purposes

sjsuIsEmployee

TRUE or FALSE

sjsuPersonAffiliation

Employee Faculty, Employee Staff, Student Applicant, Student

sn

surname (last name)

telephoneNumber

full phone number

title

title

userPrincipalName

email address style login name

whenCreated

account creation timestamp


Set up LDAP (Configure SJSUAD Profile)

  1. Check your Scope Pane (the left-hand column) for an SJSUAD profile. If it’s there, you’re done.

  2. Click the New Profile option under the New button pull-down.

  3. Set SJSUAD as the profile name and click Next

  4. Set sjsuad.sjsu.edu as the Host

  5. Set the Port as 636

  6. Click the Fetch Base DNs, and select DC=SJSUAD,DC=SJSU,DC=EDU

  7. Check the Use secure connection (SSL) the click Next

  8. Select Currently logged on user (Active Directory only)

9. Click Finish

The scope pane should fill in with the AD tree information.


Search LDAP

  1. Open Softerra LDAP Browser; Double-Click the icon

  2. Click the '+' sign next to SJSUAD in the scope pane

  3. Right-click 'sjsuPeople' in the scope pane

  4. Pick “Directory Search” from the context menu

  5. Enter your search criteria in the “Filter” line. (employeeid=xxxxxxxxx)

  6. Click 'Search' button at bottom of window

  7. Double-click on the person in the results area to show all account attributes in the main window.