>
    Strata Copilot
    Cloud Identity Engine Attributes (Active Directory)
    Focus
    Download PDF
    Focus
    1. Home
    2. Identity
    3. Manage the Cloud Identity Engine App
    4. Cloud Identity Engine Attributes
    5. Cloud Identity Engine Attributes (Active Directory)
    Download PDF
    Identity

    Cloud Identity Engine Attributes (Active Directory)

    Table of Contents

    Cloud Identity Engine Attributes (Active Directory)

    Learn about On-Premise Active Directory attributes.
    You can collect the following types of default attributes and their associated On-Premise Active Directory fields:

    User Attributes

    Directory Sync AttributeDirectory Field
    Admin CountadminCount
    Common-Namecn
    CompanyNamecompanyName
    Countryco
    Departmentdepartment
    Distinguished Namedn
    GroupsmemberOf
    Last LoginlastLogon
    LastLogonTimelastLogonTimestamp
    Locationl
    MSDSAllowedDelegatedTomsDS-AllowedToDelegateTo
    MSDSAllowedToActOnBehalfOfOtherIdentitymsDS-AllowedToActOnBehalfOfOtherIdentity
    MSDSSupportedEncryptionTypesmsDS-SupportedEncryptionTypes
    Mail
    If you do not configure a value for the Mail attribute, the Cloud Identity Engine uses the value of the User Principal Name.
    		mail
    Managermanager
    NETBIOS NamenETBIOSName
    NamedisplayName
    Object ClassobjectClass
    Primary Group IDprimaryGroupID
    SAM Account NamesAMAccountName
    SIDobjectSid
    SID HistorysIDHistory
    Service Principal NameservicePrincipalName
    Titletitle
    Unique IdentifierobjectGUID
    User Principal NameuserPrincipalName
    UserAccountControluserAccountControl
    WhenChangedwhenChanged
    WhenCreatedwhenCreated

    Organizational Unit (OU) Attributes

    Directory Sync AttributeDirectory Field
    Canonical NamecanonicalName
    Common-Namecn
    Distinguished Namedn
    NamedisplayName
    Object ClassobjectClass
    Unique IdentifierobjectGUID
    When ChangedwhenChanged
    WhenCreatedwhenCreated

    Group Attributes

    Directory Sync AttributeDirectory Field
    Admin CountadminCount
    Common-Namecn
    Distinguished Namedn
    Group TypegroupType
    GroupsmemberOf
    Mail mail
    Membermember
    Namename
    Object ClassobjectClass
    SAM Account NamesAMAccountName
    SIDobjectSid
    Unique IdentifierobjectGUID
    WhenChangedwhenChanged
    WhenCreatedwhenCreated

    Container Attributes

    Directory Sync AttributeDirectory Field
    Canonical NamecanonicalName
    Common-Namecn
    Distinguished Namedn
    Domaindomain
    NamedisplayName
    Object ClassobjectClass
    Unique IdentifierobjectGUID
    WhenChangedwhenChanged
    WhenCreatedwhenCreated

    Computer Attributes

    Directory Sync AttributeDirectory Field
    Admin CountadminCount
    Common-Namecn
    Distinguished Namedn
    GroupsmemberOf
    HostID_hostId
    Host NamedNSHostName
    Last LoginlastLogon
    LastActiveDaysAgolastActiveDaysAgo
    LastLogonTimelastLogonTimestamp
    MSDSAllowedDelegatedTomsDS-AllowedToDelegateTo
    MSDSAllowedToActOnBehalfOfOtherIdentitymsDS-AllowedToActOnBehalfOfOtherIdentity
    MSDSSupportedEncryptionTypesmsDS-SupportedEncryptionTypes
    NETBIOS NamenETBIOSName
    NamedisplayName
    OSoperatingSystem
    OSServicePackoperatingSystemServicePack
    OSVersionoperatingSystemVersion
    Object ClassobjectClass
    Primary Group IDprimaryGroupID
    SAM Account NamesAMAccountName
    SIDobjectSid
    SID HistorysIDHistory
    Serial NumberserialNumber
    Service Principal NameservicePrincipalName
    Unique IdentifierobjectGUID
    User Principal NameuserPrincipalName
    UserAccountControluserAccountControl
    WhenChangedwhenChanged
    WhenCreatedwhenCreated

    © 2026 Palo Alto Networks, Inc. All rights reserved.