Supported server object class and attribute names

Map user metadata attributes from your LDAP servers to the correct firewall fields to ensure user information is accurately retrieved and populated in the firewall.

The servers in your realms must use the attribute names listed in the following table for the Cloud-Delivered Firewall Management Center to retrieve user metadata from the servers. If the attribute names are incorrect on your server, the Cloud-Delivered Firewall Management Center cannot populate its database with the information in that attribute.

Map of attribute names to Cloud-Delivered Firewall Management Center fields
Metadata	Cloud-Delivered Firewall Management Center Attribute	LDAP ObjectClass	Active Directory Attribute	OpenLDAP Attribute
LDAP user name	Username	user inetOrgPerson	samaccountname	cn uid
first name	First Name		givenname	givenname
last name	Last Name		sn	sn
email address	Email		mail userprincipalname (if mail has no value)	mail
department	Department		department distinguishedname (if department has no value)	ou
telephone number	Phone		telephonenumber	telephonenumber

Note	The LDAP ObjectClass for groups is `group`, `groupOfNames`, (`group-of-names` for Active Directory) or `groupOfUniqueNames`.

For more information about ObjectClasses and attributes, see these references:

Microsoft Active Directory:
- ObjectClasses: All Classes on MSDN
- Attributes: All Attributes on MSDN
OpenLDAP: RFC 4512