Data Collected from Active Directory by Ranger

The Ranger product uses the bridge to collect data from AD using the USN it is able to quickly find updates since its last check of AD. Note if you already have the server installed on-premise it can be used instead of the bridge.

The data collected depends on the settings for Active Directory Sync. New in UDM Ranger V2.0.0 you are able to set the "Sync Minimum Attributes" switch this reduces the AD attributes to the minimum required for Ranger to function. Some organisations prefer to collect the full information available in Ranger V1 and this is the default setting.

The AD attributes collected when Minimum Attributes enabled is:


Distinguished Name
display Name
MS RTC SIP - Line
MS RTC SIP - Primary User Address
MS RTC SIP - Private Line
name
user Account Control


With the full attributes collected the following attributes are collected:


First Name

Last Name
description
Office Location
telephone Number
mobile
E-mail

Job Title

company
manager

Logon Name

logon Count
last Logon Timestamp

City

State/Province
ZIP/Postal Code
Country
country Code
Country Abbreviation
Distinguished Name
Name
department
display Name
extension Attribute 1
IP Phone
legacy Exchange Dn
MS RTC SIP - Federation Enabled
MS RTC SIP - Internet Access Enabled
MS RTC SIP - Line
MS RTC SIP - Option Flags
MS RTC SIP - Primary Home Server
MS RTC SIP - Primary User Address
MS RTC SIP - Private Line
MS RTC SIP - User Enabled
MS RTC SIP - User Policies
MS RTC SIP - User Routing Group Id
name
object Sid
target Address
user Account Control
user Principal Name
when Changed
when Created