A Attribute Mappings Between Oracle Identity Manager and Microsoft Active Directory

The following table discusses attribute mappings between Oracle Identity Manager and Microsoft Active Directory.

Oracle Identity Manager Attribute	Microsoft Active Directory Attribute	Description
Password	unicodePwd	User's password in UTF-8 format This is a write-only attribute.
User must change password at next logon	pwdLastSet	Flag that indicates the last time users modified their passwords If this attribute is set to zero and the Password Never Expires property of the user account is set to false, then the user must set the password at next logon.
Password never expires	userAccountControl	Flag that controls the Password Never Expires property
Account Expiration Date	accountExpires	Date when the account expires
Object GUID	objectGUID	GUID that is based on the current time stamp assigned to an object
Organization Name	Organization	Name of the organization
First Name	givenName	First name
Last Name	sn	Last name
Middle Name	middleName, initials	Initials for the user's middle name This is used as the middle initial in the Microsoft Windows Address Book.
Full Name	cn, displayName	Display name for a user This is usually a combination of the user's first name, middle initial, and last name.
User ID	sAMAccountName, userPrincipalName	User's logon name Note: Microsoft Active Directory restricts the number of characters in the user ID field to 20 characters. Therefore, while provisioning a user through Oracle Identity Manager, you must not enter more than 20 characters in this field.
Group Name	memberOf	Distinguished name of the groups to which an object belongs
Group Type	instanceType	Type of group For example, Global Security Group and Local Distribution Group.
Group Display Name	cn	Display name for the group object
USN Create	uSNCreated	USN value assigned by the local directory for the object during creation This is a read-only attribute.
USN Change	uSNChanged	USN-changed value assigned for every change to the object