Commands-Home-ManageAttributes-icon Manage attributes

 

<< Click to view the table of contents >>

Navigation:  Commands > Settings >

Commands-Home-ManageAttributes-icon Manage attributes

 

The Manage Attributes window allows you to customize the Current Document Template.

 

The grid rows are the attributes to be managed in the document, you can add or remove them using the Add attribute or Remove attribute commands located at the bottom of the window. Some attributes, highlighted in red, are required for the program to work and cannot be removed.

 

The Add attribute command allows you to add attributes to the current document, you can select them from the list of user or group attributes in Active Directory, all of the following attribute types are supported, including any custom attributes created by the organization.

 

Case-insensitive string type

Numeric value represented as a string

Directory string specification

Byte array represented as string

32-bit integer type

64-bit integer type (large)

Boolean value type

OID value type

Time expressed in generalized time format

Distinguished name of a directory service object

Enumeration value type

IA5 character set string

Printable character set string

SID value type

 

The application also handles attributes that do not exist in Active Directory, these have an Extra_ or Opt_ prefix before the name, for more information on this see: Extra Attributes.

 

Commands-Home-ManageAttributes

 

The following fields can be edited or displayed for each attribute:

 

Header: the column header in the main application grid, this is a descriptive value only.

 

Default Value: this is the value that the application will automatically assign to new users created within the document, for existing users you can still easily apply these values using the Set Values Window.
As a default value you can use a static value, for example for the department attribute the value Offices, or, for multi-value attributes use several values separated by the symbol | (pipe) such as for the memberOf attribute the value Domain Users|Offices.
Default values can also be obtained automatically based on other attributes, when you want to use another attribute as a value you need to include it between braces {} e.g. the value of the name attribute could be obtained automatically from the attributes sn and givenName with this syntax within the name field {sn} {givenName} or the value of the homeDirectory attribute could be obtained from the static value of the UNC path of the shared folder on the file server ending with the name attribute ex. \\FileServerName\SharedFolder\Subfolder\{name}.
If you want to get portions of attributes automatically, some macros are available, description and examples follow.

 

Macro

Prototype

Description

E.g. with the value of the attribute name = michelangelo.bonarroti

DelLeft

{attribute}[DelLeft(N)]

deletes N characters from the left

{name}DelLeft(2) = michelangelo.bonarro

DelRight

{attribute}[DelRight(N)]

deletes N characters from the right

{name}DelRight(2) = chelangelo.bonarroti

GetLeft

{attribute}[GetLeft(N)]

gets N characters from the left

{name}GetLeft(2) = mi

GetRight

{attribute}[GetRight(N)]

gets N characters from the right

{name}GetRight(2) = ti

Sub

{attribute}[Sub(N,M)]

gets a sub-string of M characters from N

{name}[Sub(7,6)] = angelo

 

Rule: these are additional automations that can be applied to attribute values; for example, you can define to calculate a password based on specific criteria, or change text to uppercase, remove empty spaces, etc. For more information on rules see the Rules topic.

 

Attribute or option: displays the name of the attribute in Active Directory

 

Type: displays the Active Directory type related to the attribute

 

Single-value: displays whether the Active Directory attribute is a single-value type or can contain a list of values (multi-value).

 

Read-only: shows whether the Active Directory attribute is read-only or writable.

 

Unique: shows whether the attribute is considered unique, i.e., no duplicate values are allowed. For attributes marked as unique by Active Directory, the property cannot be changed. You can, however, mark an attribute as unique even if it is not unique in AD, in which case it will be marked as unique by Active Directory One at the project level, which will prevent the creation or modification of a user or group if duplicate values are found in AD.

 

Override: allows the override list to be displayed and edited. This property is used when storing in Active Directory and when importing, when all the values in the override list of the record you are storing or importing are equal to an existing record, it is overwritten.

 

NOTE: Some attributes have an important function and are highlighted with color.

 

Root Attributes: when an attribute has no default values and is used to build other attributes it is defined as a root attribute; this type of attribute is highlighted in green. In the example figure, the root attributes are sn and givenName because they do not have a default value and are used to auto-complete the displayName, name, userPrincipalName, saMAccountName fields. for more information on root attributes see Templates.

 

Key attribute and key entity: in this example, the memberOf attribute record highlighted in blue is the key attribute that contains the key entity of the project (in this case the Offices group). See Projects for more information.

 

See also: Templates - Extra Attributes - Rules.