Reputation: 97
Querying extended attributes in AD-LDS against userProxy Full object
If I create a userProxyfull object in AD-LDS and want to include an attribute that exists in AD but I want to have a different value actually be stored in AD-LDS, is this possible? An example would be mail or objectGUID perhaps. So when I try to look up a user in AD-LDS who is represented by a userProxyfull object, will it return the mail from AD or the one I created for it in AD-LDS?
Upvotes: 0
Views: 440
Answers (1)
Reputation: 2793
userProxyFull objects are used to perform authentication against AD for external use, without hitting the AD directly from outside. Everything is stored in ADLDS and will be retrieved from there. The ADLDS and AD users are connected using ObjectSid. The user must be created in AD before it can be created in ADLDS. The GUIDS will also be different.
Upvotes: 0
Related Questions
- Include Specific Attributes Active Directory Query for an ADUser
- How to get Active Directory Attributes not represented by the UserPrincipal class
- Get other ldap query strings associated with a domain
- Get user Attributes from ADFS
- Using the extensionAttributes in Active Directory
- java - query extended properties from active directory
- How to get All attributes from an Active Directory user in C#
- Getting all Active Directory Properties with DirectorySearcher
- Retrieve Specific Active Directory Properties
- LDAP query operational attributes