Fork me on GitHub

Next Active Directory Integration allows you to map Active Directory attributes to WordPress attributes and vice versa. On this configuration page you define your required mappings.

Attribute options of Next ADI

How it works

Every option is shown as a single row and has the following options

Column Property
AD attribute Name of the attribute inside the Active Directory. You can select one of the attributes from the list
Data Type Type of the Active Directory attribute. This influences how the attribute is displayed inside WordPress
WordPress attribute Unique name of the attribute inside WordPress' usermeta table. All attribute values are stored in there.
Description This description is shown on the user's profile page if View in User Profile is enabled
View in User Profile If enabled, the attribute is shown on the user's profile page
Sync to AD If enabled, the attribute will be synchronized back to the Active Directory account if the administrator has enabled the Sync to AD feature.
Overwrite with empty value If enabled, the WordPress attribute will be overwritten even if the AD attribute is empty.

Attributes

The following AD attributes will be always mapped, even if they are not explicitly mapped by your configuration because they are required to make ADI work properly:

  • cn
  • givenname
  • sn
  • displayname
  • description
  • mail
  • samaccountname
  • userprincipalname
  • useraccountcontrol

You can overwrite the mapping to make them viewable but you should not synchronize them back to AD.

Data Types

Not all of the attributes can be synchronized back to the Active Directory:

Data Type Syncable to AD Hint
string Yes Unicode Strings like homePhone
list Yes A list of Unicode Strings like otherHomePhone
integer Yes Integers or Large Integer attributes like logonCount
bool No Booleans use it from boolean attributes like fromEntry
octet No Octet Strings like jpegPhoto
time No UTC Coded Time like whenCreated
timestamp No Integers which store timestamps (not the unix ones) like lastLogon
cn No Common Name extracts the CN part and drops everything else - use it with manager