LDAP Object Details
In NetGovern, an Identity Management Cache (IMC) job connects to the Active Directory in order to create individual objects in the LDAP. Platform User or Group objects are created for each user or group in the Active Directory, using their UPN value. Child attributes are created for the user's location entries. Each location entry maps to an existing location that the user has data in. The location entries listed in LDAP correspond to the storage locations previously configured in NetGovern. To learn more, see the Object details below.
- Open the LDAP browser.
- From the drop-down tree in the left-hand panel, select cn=platform. Click on the cn=Users container to expand the list of Platform User Objects.
- Each Platform User Object entry is based on the user's individual UPN value. Double-click on a Platform User Object to view the object details.
- Platform User Objects contain the following attributes:
-
LDAP Attribute
Description
userType
The value entered here is always User.
displayName
The user's name in the AD.
objectClass
The value entered here is always User.
samAccountName
The sAMAcccountName that is pulled from the AD.
legacyCN
The current CN of the user in the Addressbook cache.
NOTE
If the user does not have a mailbox, this attribute will not be displayed.primarySMTPAddress
The mail attribute that is pulled from the AD. If an AD user does not have a mailbox and the mail attribute is empty, their UPN value will be displayed instead.
NOTE
If a user mailbox is created at a later stage, it will be added. If a Platform User Object includes a user mailbox that is later deleted, the Platform User Object will not be deleted. Platform User Objects are never deleted.CN
The UserPrincipleObject that is pulled from the AD.
- Open the LDAP browser.
- From the drop-down tree in the left-hand panel, select cn=platform. Click on cn=Users.
- A Group Object is created for each group. Each Group Object entry is based on the sAMAccountName of the group.
- Group Objects contain the following attributes:
-
LDAP Attribute
Description
userType
The value entered here is always User.
groupMember
The UPN value of each group member that is pulled from the member attribute in the AD. Each group member has one attribute.
NOTE
If processing a Nested group, it will contain all members from the Parent and Child groups.objectClass
The location type.
samAccountName
The sAMAcccountName that is pulled from the AD.
primarySMTPAddress
The mail attribute that is pulled from the AD. If a user in the AD group does not have a mailbox and the mail attribute is empty, the user's UPN value(s) will be displayed instead.
NOTE
If a user mailbox is created at a later stage, it will be added. If a Group Object includes a user mailbox that is later deleted, the Group Object will not be deleted.CN
The sAMAccountName that is pulled from the AD.
- Open the LDAP browser.
- From the drop-down tree in the left-hand panel, select cn=archiving. Click on cn=GWOpenNode.
- An object is created for the local or external storage locations previously configured in the NetGovern Admin UI. Each corresponding location entry in cn=archiving consists of the unique location ID, the GWALocation.
- From the drop-down tree in the left-hand panel, select cn=platform, then cn=Users. Click on the Platform User Object.
- A Child Location entry of the storage location is created and listed under the Platform User Object. The same GWALocation ID is displayed. Double-click on the Platform User Child Location Object to view the corresponding paths.
- Platform User Child Location Objects contain the following attributes:
-
LDAP Attibute
Description
objectClass
The location type.
accountID
The attribute that is the user's current hidden property. Either maps to the Addressbook cache (found under cn=Users, cn=archiving, then cn=GWOpenServer) or the Usermap, if the user has one (found under cn=Usermaps, o=netmail, cn=archiving, then cn=GWOpenServer).
CN
The locationID of the location (found under o=netmail, CN=Archiving, then cn=GWOpenNode).