Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 23 Next »

(info) What can LDAP do?

  • Check lockout status for customers

  • Determine if customer is active (employee or student)

  • Identify a customer's account status and affiliation with SJSU

  • Determine if customer is in any DUO group/Adobe group

On this page

PLEASE NOTE:

You will need to configure you LDAP browser on each PC that you use. Please do so ASAP.
In case you are using LDAP on a non-institutional network, connect to VPN in order to use LDAP.

🔍 Important Fields

Formatting the Filter

Softerra LDAP browser uses the standard LDAP query format.

  • (attribute=value)

---The parentheses are necessary.

You may also use wildcard filters by using an asterisk

  • (attribute=val*)

📋 Glossary

 View

accountExpires

Either Never or date

badPasswordTime

Timestamp

badPwdCount

count

cn

common name=givenName middleName sn

department

department name

departmentNumber

department number

displayName

same as cn (?)

distinguishedName

x.500 name, long and ugly

employeeID

employee id or SJSU ID#

employeeNumber

employee id

employeeType

always Employee if true (?)

givenName

first name

homeDirectory

UNC path to home directory

homeDrive

drive letter assigned for home directory

ipPhone

Cisco 5-digit extension

lastLogon

timestamp

lastLogonTimestamp

timestamp (but not same as lastLogon?)

lockoutTime

unspecified or time

logonCount

count

mail

email address

memberOf

group memberships, may be more than one

middleName

middle initial

name

same as cn (?)

objectCategory

always “CN=Person,CN=Schema,CN=Configuration,DC=SJSUAD,DC=SJSU,DC=EDU”

ou

Applicants, Employees, Students or Vendors

physicalDeliveryOfficeName

always “C” until it’s fixed

pwdLastSet

timestamp

sAMAccountName

employee id for login purposes

sjsuIsEmployee

TRUE or FALSE

sjsuPersonAffiliation

Employee Faculty, Employee Staff, Student Applicant, Student

sn

surname (last name)

telephoneNumber

full phone number

title

title

userPrincipalName

email address style login name

whenCreated

account creation timestamp

Back to top

(question) Tutorials

🔧 Set up LDAP (Configure SJSUAD Profile)

 View

  1. Check your Scope Pane (the left-hand column) for an SJSUAD profile. If it’s there, you’re done.

  2. Click the New Profile option under the New button pull-down.

  3. Set SJSUAD as the profile name and click Next

    Profile Creation Wizard step 1 Entering SJSUAD in the Profile Name field

  4. Set sjsuad.sjsu.edu as the Host

  5. Set the Port as 636

  6. Click the Fetch Base DNs, and select DC=SJSUAD,DC=SJSU,DC=EDU

  7. Check the Use secure connection (SSL) the click Next

  8. Select Currently logged on user(Active Directory only) (Other Credentials)

Needs to be updated (CN=Display Name (OU Admin),OU=Resource,OU=Users,OU=Enterprise Support,DC=SJSUAD,DC=SJSU,DC=EDU)

9. Click Finish

The scope pane should fill in with the AD tree information.

Scope pane SJSUAD Active Directory List of OUs

Back to top

🔍 Search LDAP

 View Steps

  1. Open Softerra LDAP Browser; Double-Click the icon

  2. Click the '+' sign next to SJSUAD in the scope pane

    Scope Pane Softerra LDAP browser Listing of servers

  3. Right-click 'sjsuPeople' in the scope pane

  4. Pick “Directory Search” from the context menu

  5. Enter your search criteria in the “Filter” line. (employeeid=xxxxxxxxx)

  6. Click 'Search' button at bottom of window

  7. Double-click on the person in the results area to show all account attributes in the main window.

Back to top

 Show Instructional Video
LDAP Search Caption.mp4

Back to top

  • No labels