Data Collected from Active Directory by Ranger
With AD sync enabled Ranger uses the bridge to collect data from AD using the USN it is able to quickly find updates since its last check of AD. Note if you already have the server installed on-premise it can be used instead of the bridge.
The data collected depends on the settings for Active Directory Sync. New in UDM Ranger V2.0.0 you are able to set the "Sync Minimum Attributes" switch this reduces the AD attributes to the minimum required for Ranger to function. Some organisations prefer to collect the full information available in Ranger V1 and this is the default setting.
The AD attributes collected when Minimum Attributes enabled is:
| Distinguished Name |
| display Name |
| MS RTC SIP - Line |
| MS RTC SIP - Primary User Address |
| MS RTC SIP - Private Line |
| name |
| user Account Control |
With the full attributes collected the following attributes are collected:
First Name |
| Last Name |
| description |
| Office Location |
| telephone Number |
| mobile |
Job Title |
| company |
| manager |
Logon Name |
| logon Count |
| last Logon Timestamp |
City |
| State/Province |
| ZIP/Postal Code |
| Country |
| country Code |
| Country Abbreviation |
| Distinguished Name |
| Name |
| department |
| display Name |
| extension Attribute 1 |
| IP Phone |
| legacy Exchange Dn |
| MS RTC SIP - Federation Enabled |
| MS RTC SIP - Internet Access Enabled |
| MS RTC SIP - Line |
| MS RTC SIP - Option Flags |
| MS RTC SIP - Primary Home Server |
| MS RTC SIP - Primary User Address |
| MS RTC SIP - Private Line |
| MS RTC SIP - User Enabled |
| MS RTC SIP - User Policies |
| MS RTC SIP - User Routing Group Id |
| name |
| object Sid |
| target Address |
| user Account Control |
| user Principal Name |
| when Changed |
| when Created |