Password Control – Display Properties

The user display section featured above can be configured to show virtually any user account properties, including multi-valued properties.  This guide will show you how easy it is to show additional properties.

  • Click File, Settings, Properties To Load
  • Check any attributes that you want to display

Other Attributes

If the attribute you want to display isn’t listed in any of the tabs, you can click the “Advanced” tab and add the attribute manually.

Adding an Attribute

  • Enter the LDAP Display Name of the property in the “Name” textbox. See section titled “Finding the correct name” below for more information.
  • Enter a friendly name for the property in the “Display Name” box – this can be anything you want.  You might want to use “Tel” for “telephoneNumber”, “Surname” for “sn”.
  • Click the Add button to add the property

Deleting an Attribute

  • Select the property you want to remove in the list box.
  • Click the Remove button

Finding the correct name (LDAP Display Name)

Unfortunately the names used by Active Directory are not always very intuitive. e.g.  “First Name” is actually defined as “givenName”. Last Name is defined as “sn”. Some attribute names are even more obscure – City is defined simply as “l” for locality.

If you have a property you want to add to the list but don’t know how the name is defined in the schema, there are a couple of ways to find this out.

  • Use the schema-snap in. (Easier to use ADSIEdit though)
  • Use the ADSIEdit utility

Using ADSIEdit

  • Install the Support Tools from the Windows Server CD
  • Find or create a test user account.
  • Edit a property on the user account to make the value distinctive.  For example, you might want to enter the value “First Name” in the first name property – you will then look for the value “First Name” in ADSIEdit to find the name of the “First Name” property.
  • Open ADSIEdit – This utility looks similar to Active Directory Users & Computers.
  • Navigate ADSIEdit until you find the user object.
  • Right-click the user object & click properties.
  • Check the “Show only attributes that have values” checkbox – This will make your search easier.
  • Search for the attribute with the value that corresponds to what you entered in Active Directory Users and Computers.
  • Use the name in the “Attribute” column as the name for the “Properties To Load dialog box.